INTERPOL said it devised a “global stop-payment mechanism” that helped facilitate the largest-ever recovery of funds defrauded in a business email compromise (BEC) scam.  The development comes after an unnamed commodity firm based in Singapore fell victim to a BEC scam in mid-July 2024. It refers to a type of cybercrime where a malicious actor […]

The STRRAT malware, sold for $80, allows attackers to take control of computers and steal data. Attackers use phishing emails pretending to be from government agencies to trick victims into downloading malicious files.

SnakeKeylogger, also known as KrakenKeylogger, is a malicious software targeting Windows users. It logs keystrokes, steals credentials, and takes screenshots, allowing cybercriminals to capture sensitive information.

North Korean hackers exploited a VPN software update flaw to install malware and breach networks, as warned by South Korea’s National Cyber Security Center. The threat groups involved in these activities are Kimsuky (APT43) and Andariel (APT45).

Key Tronic revealed to regulators that a cyberattack in May 2024 cost the company over $17 million. The attack led to a shutdown of operations in Mexico and the U.S. for two weeks.

The Hunters International ransomware group is using a new C# remote access trojan named SharpRhino to target IT workers and breach corporate networks. It is distributed through a typosquatting site posing as Angry IP Scanner’s website.

Last year, the White House launched an initiative to strengthen school cybersecurity, but cyberattacks on schools persist. Private sector resources have been utilized by thousands of school districts to enhance their defenses.

The North Korea-linked threat actor known as Moonstone Sleet has continued to push malicious npm packages to the JavaScript package registry with the aim of infecting Windows systems, underscoring the persistent nature of their campaigns. The packages in question, harthat-api and harthat-hash, were published on July 7, 2024, according to Datadog Security Labs. Both the […]

Everyone loves the double-agent plot twist in a spy movie, but it’s a different story when it comes to securing company data. Whether intentional or unintentional, insider threats are a legitimate concern. According to CSA research, 26% of companies who reported a SaaS security incident were struck by an insider.  The challenge for many is […]