A Spanish-speaking cybercrime group named GXC Team has been observed bundling phishing kits with malicious Android applications, taking malware-as-a-service (MaaS) offerings to the next level. Singaporean cybersecurity company Group-IB, which has been tracking the e-crime actor since January 2023, described the crimeware solution as a “sophisticated AI-powered phishing-as-a-service platform”

Researchers at Wiz have identified an ongoing campaign targeting exposed Selenium Grid services for illicit cryptocurrency mining. The campaign, known as SeleniumGreed, is exploiting older versions of Selenium to run a modified XMRig miner.

The US has indicted a North Korean state hacker for ransomware attacks on hospitals and healthcare companies. The hacker, Rim Jong Hyok, is a member of the Andariel Unit within North Korea’s intelligence agency.

The Internet Systems Consortium (ISC) has released patches to fix multiple security vulnerabilities in the BIND 9 DNS software suite that could lead to denial-of-service attacks.

US Senator Richard Blumenthal revealed that Bank of America, JPMorgan Chase, and Wells Fargo only reimbursed 38% of customers for unauthorized payments, resulting in $100 million in fraud losses.

Process Injection is a vital technique used by attackers to evade detection and escalate privileges. Thread Name-Calling has emerged as a new injection technique that abuses Windows APIs for thread descriptions to bypass endpoint protection products.

A recent study by Parametrix has found that the global IT outage linked to CrowdStrike will result in at least $5.4 billion in direct financial losses for Fortune 500 companies, excluding Microsoft.

ServiceNow RCE vulnerabilities are being actively exploited to steal credentials. Threat actors are using publicly available exploits to target government agencies and private firms for data theft.

“Peace is the virtue of civilization. War is its crime. Yet it is often in the furnace of war that the sharpest tools of peace are forged.” – Victor Hugo. In 1971, an unsettling message started appearing on several computers that comprised ARPANET, the precursor to what we now know as the Internet. The message, […]