Fortinet’s FortiGuard Labs has reported a surge in SnakeKeylogger infections that target Windows users. The malware, which steals credentials and captures screenshots, records keystrokes and sends sensitive information to cybercriminals. SnakeKeylogger, originally sold on Russian crime forums, has evolved into a dangerous threat. It uses obfuscation techniques to hide its …
Jerico Pictures Inc., operating as National Public Data, exposed nearly 3 billion personal records in an April data breach. On April 8, the cybercriminal group USDoD listed the “National Public Data” database for sale on a dark web forum, demanding $3.5 million. The breach, one of the largest ever, includes …
Chinese hacking group StormBamboo compromised an internet service provider (ISP) to deliver malware through poisoned software updates. The hacker group, active for over a decade, targeted organizations across Asia and beyond. They exploited insecure HTTP update mechanisms that lacked digital signature validation. By intercepting DNS requests, they injected malicious IP …
Cybercriminals are targeting social media users by hijacking pages and rebranding them to mimic popular AI photo editors. They post malicious links leading victims to download ITarian software, disguised as a photo editor, which grants them remote access to the victim’s devices. This access allows attackers to steal sensitive information …
A sophisticated phishing campaign is targeting Microsoft OneDrive users, aiming to trick them into executing a malicious PowerShell script. The attack begins with an email containing an .html file that simulates a OneDrive error page. The fake page urges users to fix a DNS issue by following specific steps. If …
Ransomware attacks have become a relentless threat, with nearly one-third of companies paying a ransom four or more times in the past year to regain access to their systems, according to Semperis. More than a third of companies either didn’t receive decryption keys or received corrupted ones, leaving them without …
Healthcare organizations are vulnerable to data breaches due to insecure file-sharing practices. Metomic reports that 25% of publicly shared files and 68% of private files shared externally contain Personal Identifiable Information (PII). 77% of private files shared internally hold sensitive data. Failing to update or remove access permissions leaves organizations …
IBM’s 2024 Cost of a Data Breach Report shows a 10% rise in the global average cost of breaches, now at $4.88 million. However, organizations using AI and automation saved $2.2 million on average, highlighting the financial benefits of these technologies. As breaches grow more disruptive, AI plays a crucial …
A Fortune 50 company paid $75 million to the Dark Angels ransomware group, setting a new record for ransom payments. Zscaler ThreatLabz revealed massive payout, which broke the previous record of $40 million held by CNA. The company hasn’t been officially named, many speculate it’s Cencora, a pharmaceutical giant hit …
Walmart’s Cyber Intelligence Team has discovered an unknown PowerShell backdoor linked to a new variant of the Zloader/SilentNight malware. This sophisticated backdoor provides threat actors with access to systems for reconnaissance and deployment of additional malware. It employs advanced obfuscation techniques, making detection challenging. The backdoor’s discovery highlights a broader …
