Adversary-sponsored research contests on cybercriminal forums focus on new methods of attack and evasion, according to Sophos. The contests mirror legitimate security conference ‘Call For Papers’ and provide...
Cybercriminals are increasingly leveraging extreme weather events to launch attacks on critical infrastructure sectors. Cybersecurity experts say critical infrastructure operators can leverage a set of traditional...
The “Classiscam” scam-as-a-service operation has broadened its reach worldwide, targeting many more brands, countries, and industries, causing more significant financial damage than before. Like a ransomware-as-a-service...
The FBI and the Justice Department have declared a global effort to disrupt and dismantle the Qakbot infrastructure, which is utilized in ransomware attacks. More than 700,000...
The cybercrime group evaded remediation efforts by installing persistent backdoors and deploying “new and novel malware.” A Chinese-linked hacking group that security researchers say disproportionately targeted...
A vulnerability affecting Apache RocketMQ servers was publicly disclosed in May 2023, allowing remote code execution through a gateway. RocketMQ is a cloud-native platform for messaging...
The nation’s cyber defense agency is scaling up a key program that gives federal agencies a chance to remediate vulnerabilities before they can be exploited. The...
Thousands of Openfire servers remain vulnerable to CVE-2023-32315, an actively exploited and path traversal vulnerability that allows an unauthenticated user to create new admin accounts. Openfire...
The law enforcement agency says it has been tracking large volumes of cryptocurrency stolen by North Korean hackers during a summer of high-profile cyber heists. North...
To counteract new and emerging threat methods enhanced by artificial intelligence, specialized email security vendors are leveraging a synergy of AI and human insights to enhance...