Cyberattacks

Windows Downgrade Flaws Exposed

SafeBreach Labs’ researcher Alon Leviev exposed flaws in Microsoft’s Windows Update system. These flaws allow attackers to launch undetectable downgrade attacks. Hackers can revert fully patched Windows machines to vulnerable states, turning fixed issues into zero-day threats. Leviev demonstrated how a manipulated Update process can bypass security features, exposing systems …

Ransomware Surge Despite Global Efforts

Ransomware attacks surged in the first half of 2024, with Rapid7 reporting more than 2,570 incidents—an average of 14 attacks per day. The number of criminal groups has expanded, increasing pressure on victims, as 68 groups posted 2,611 data leaks, a 23% rise from last year. Despite law enforcement efforts, …

Urgent Call to Protect Infrastructure

The UnDisruptable27 project, led by Josh Corman, launches with a $700,000 grant to tackle growing cybersecurity threats against critical US infrastructure. The project aims to engage utility operators, municipalities, and the public in understanding the risks we face and inspiring them to take action. Focusing on the interdependence of essential …

SharpRhino RAT Hits IT Workers

Hunters International, a ransomware group thought to be a rebrand of Hive, now uses SharpRhino malware against IT professionals. This C# remote access trojan (RAT) helps the group gain access, escalate privileges, and run PowerShell commands to deploy ransomware on corporate networks. SharpRhino spreads through a site that mimics the …

SnakeKeylogger Targets Windows Users

Fortinet’s FortiGuard Labs has reported a surge in SnakeKeylogger infections that target Windows users. The malware, which steals credentials and captures screenshots, records keystrokes and sends sensitive information to cybercriminals. SnakeKeylogger, originally sold on Russian crime forums, has evolved into a dangerous threat. It uses obfuscation techniques to hide its …

3 Billion Personal Data Breached

Jerico Pictures Inc., operating as National Public Data, exposed nearly 3 billion personal records in an April data breach. On April 8, the cybercriminal group USDoD listed the “National Public Data” database for sale on a dark web forum, demanding $3.5 million. The breach, one of the largest ever, includes …

Hackers Hijack Updates to Deploy Malware

Chinese hacking group StormBamboo compromised an internet service provider (ISP) to deliver malware through poisoned software updates. The hacker group, active for over a decade, targeted organizations across Asia and beyond. They exploited insecure HTTP update mechanisms that lacked digital signature validation. By intercepting DNS requests, they injected malicious IP …

Fake AI Photo Editor Scam Exposed

Cybercriminals are targeting social media users by hijacking pages and rebranding them to mimic popular AI photo editors. They post malicious links leading victims to download ITarian software, disguised as a photo editor, which grants the attackers remote access to the victims’ devices. This access allows attackers to steal sensitive information …

Phishing Targets OneDrive Users Globally

A sophisticated phishing campaign is targeting Microsoft OneDrive users, aiming to trick them into executing a malicious PowerShell script. The attack begins with an email containing an .html file that simulates a OneDrive error page. The fake page urges users to fix a DNS issue by following specific steps. If …

Companies Struggle Despite Paying Ransom

Ransomware attacks have become a relentless threat, with nearly one-third of companies paying a ransom four or more times in the past year to regain access to their systems, according to Semperis. More than a third of companies either didn’t receive decryption keys or received corrupted ones, leaving them without …
