Dear reader, I am exhausted. Over the past few days, the House and Senate passed a massive foreign aid package that also forces TikTok to divest from its China-based owner ByteDance and find a new American owner—or else be banned nationwide. President Joe Biden signed that bill into law, and TikTok has threatened to sue […]
Over the past two years, a shocking 51% of organizations surveyed in a leading industry report have been compromised by a cyberattack. Yes, over half. And this, in a world where enterprises deploy an average of 53 different security solutions to safeguard their digital domain. Alarming? Absolutely. A recent survey of CISOs and CIOs, commissioned […]
Between crossovers – Do threat actors play dirty or desperate? In our dataset of over 11,000 victim organizations that have experienced a Cyber Extortion / Ransomware attack, we noticed that some victims re-occur. Consequently, the question arises why we observe a re-victimization and whether or not this is an actual second attack, an affiliate crossover […]
Cybercrime as-a-service , Fraud Management & Cybercrime , ID Fraud Cybercriminals Netting Over 50 Credentials Per Infected Device, Kaspersky Says Jayant Chakravarti (@JayJay_Tech) • April 18, 2024 A rise in infostealer malware attacks over the past three years has enabled cybercriminal groups to turn credential stealing into a major money-making business, paving the […]
Financial services firms have been hit with $12bn in losses over the last two decades as a result of cyber attacks, according to a recently published report from the International Monetary Fund (IMF). The data shows little sign that the risk is about to reduce and has led to the IMF to call for greater […]
Over 92,000 Internet-facing D-Link NAS devices can be easily hacked Pierluigi Paganini April 07, 2024 A researcher disclosed an arbitrary command injection and hardcoded backdoor issue in multiple end-of-life D-Link NAS models. A researcher who goes online with the moniker ‘Netsecfish’ disclosed a new arbitrary command injection and hardcoded backdoor flaw, tracked as , tracked […]
A premium WordPress plugin named LayerSlider, used in over one million sites, is vulnerable to unauthenticated SQL injection, requiring admins to prioritize applying security updates for the plugin.
A sophisticated phishing-as-a-service (PhaaS) platform called Darcula has set its sights on organizations in over 100 countries by leveraging a massive network of more than 20,000 counterfeit domains to help cyber criminals launch attacks at scale. “Using iMessage and RCS rather than SMS to send text messages has the side effect of bypassing SMS firewalls, […]
Minecraft, with over 500 million registered users and 166 million monthly players, faces significant risks from distributed denial-of-service (DDoS) attacks, threatening server functionality, player experience, and the game’s reputation. Despite the prevalence of DDoS attacks on the game, the majority of incidents go unreported, leaving a gap in awareness and protection. This article explains what […]