Outpost24’s KrakenLabs reveals EncryptHub’s multi-stage malware campaign, exposing their infrastructure and tactics through critical OPSEC failures. Learn how… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Cryptocurrency offers financial freedom, but it also comes with privacy challenges. Unlike traditional banking, where transactions remain relatively… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
When the Trump administration began sidelining and laying off personnel at the Cybersecurity and Infrastructure Security Agency, it started by targeting employees who worked on election security and disinformation. At the same time, the Department Homeland Security announced it would conduct a comprehensive review of CISA’s election security mission. This week, the agency confirmed that it has completed the review,...
The FBI and threat researchers are warning executives to be on the lookout for physical letters in the mail threatening to leak sensitive corporate data. The letters, which are stamped “time sensitive read immediately” and shipped directly to executives through the Postal Service, are part of a nationwide scam designed to extort victims into paying $250,000 to $500,000, the FBI...
U.S. and European law enforcement agencies have seized the infrastructure of Garantex, a cryptocurrency exchange accused of laundering billions in criminal proceeds, in a sweeping international operation that signals heightened focus on illicit financial flows in cryptocurrency markets. According to Justice Department documents unsealed Friday, the Moscow-based exchange processed approximately $96 billion in cryptocurrency transactions since its founding in April...
Threat hunters have shed light on a “sophisticated and evolving malware toolkit” called Ragnar Loader that’s used by various cybercrime and ransomware groups like Ragnar Locker (aka Monstrous Mantis), FIN7, FIN8, and Ruthless Mantis (ex-REvil). “Ragnar Loader plays a key role in keeping access to compromised systems, helping attackers stay in networks for long-term operations,” Swiss – Read More –...
Microsoft Threat Intelligence exposes a malvertising campaign exploiting GitHub, Discord, and Dropbox. Discover the multi-stage attack chain, the… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Travelers found that ransomware groups are focusing on targeting weak credentials on VPN and gateway accounts for initial access, marking a shift from 2023 – Read More –
Microsoft has disclosed details of a large-scale malvertising campaign that’s estimated to have impacted over one million devices globally as part of what it said is an opportunistic attack designed to steal sensitive information. The tech giant, which detected the activity in early December 2024, is tracking it under the broader umbrella Storm-0408, a moniker used for a set of...
Are you tired of dealing with outdated security tools that never seem to give you the full picture? You’re not alone. Many organizations struggle with piecing together scattered information, leaving your apps vulnerable to modern threats. That’s why we’re excited to introduce a smarter, unified approach: Application Security Posture Management (ASPM). ASPM brings together the best of both – Read...
AI-driven cyberattacks are rapidly escalating, with a vast majority of security professionals reporting encounters and anticipating a surge, while struggling with detection – Read More –
Access on-demand webinar here Avoid a $100,000/month Compliance Disaster March 31, 2025: The Clock is Ticking. What if a single overlooked script could cost your business $100,000 per month in non-compliance fines? PCI DSS v4 is coming, and businesses handling payment card data must be prepared. Beyond fines, non-compliance exposes businesses to web skimming, third-party script attacks, and – Read...
A coalition of international law enforcement agencies has seized the website associated with the cryptocurrency exchange Garantex (“garantex[.]org”), nearly three years after the service was sanctioned by the U.S. Treasury Department in April 2022. “The domain for Garantex has been seized by the United States Secret Service pursuant to a seizure warrant obtained by the United States Attorney’s – Read...
Cybersecurity researchers have discovered a malicious Python package on the Python Package Index (PyPI) repository that’s equipped to steal a victim’s Ethereum private keys by impersonating popular libraries. The package in question is set-utils, which has received 1,077 downloads to date. It’s no longer available for download from the official registry. “Disguised as a simple utility for Python – Read...
Symantec found that Medusa has listed almost 400 victims on its data leaks site since early 2023, demanding ransom payments as high as $15m – Read More –
SafeWallet has revealed that the cybersecurity incident that led to the Bybit $1.5 billion crypto heist is a “highly sophisticated, state-sponsored attack,” stating the North Korean threat actors behind the hack took steps to erase traces of the malicious activity in an effort to hamper investigation efforts. The multi-signature (multisig) platform, which has roped in Google Cloud Mandiant to –...
Threat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting organizations in Japan since January 2025. “The attacker has exploited the vulnerability CVE-2024-4577, a remote code execution (RCE) flaw in the PHP-CGI implementation of PHP on Windows, to gain initial access to victim machines,” Cisco Talos researcher Chetan Raghuprasad said in a technical – Read More ...
At 49, Branden Spikes isn’t just one of the oldest technologists who has been involved in Elon Musk’s Department of Government Efficiency (DOGE). As the current director of information technology at X/Twitter and an early hire at PayPal, Zip2, Tesla and SpaceX, Spikes is also among Musk’s most loyal employees. Here’s a closer look at this trusted Musk lieutenant, whose...
Discover how artificial intelligence is shaping the future of workplace management, from optimizing efficiency to enhancing employee experience.… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
One of the many advancements in the financial system is the adoption of Bitcoin, which has shifted the… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Tata Technologies hit by Hunters International ransomware attack. The group threatened to leak 1.4TB of data. Learn about… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Socket exposes a typosquatting campaign delivering malware to Linux and macOS systems via malicious Go packages. Discover the… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Post Content – Read More – IC3.gov News
One of the most successful actions that cyber threat actors have historically taken is in the use of “phishing” while misrepresenting themselves and convincing people to give up their logins, passwords and/or control of their device. The problem with this is that the users volunteer their information and therefore the breach can’t be prosecuted. Anydesk […] The post Victims of...
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: PCU400, PCULogger Vulnerabilities: Access of Resource Using Incompatible Type (‘Type Confusion’), NULL Pointer Dereference, Use After Free, Double Free, Observable Discrepancy, Out-of-bounds Read 2. RISK EVALUATION Exploitation of these vulnerabilities could allow an attacker to access or decrypt sensitive data, crash the device...
CISA released three Industrial Control Systems (ICS) advisories on March 6, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-065-01 Hitachi Energy PCU400 ICSA-25-065-02 Hitachi Energy Relion 670/650/SAM600-IO ICSA-25-037-02 Schneider Electric EcoStruxure (Update A) CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations. – Read More –...
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Relion 670/650/SAM600-IO Vulnerability: Improper Handling of Insufficient Privileges 2. RISK EVALUATION Successful exploitation of this vulnerability could allow anyone with user credentials to bypass the security controls enforced by the product. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Hitachi Energy reports the following products...
An arbitrary file upload vulnerability in the Chaty Pro plugin has been identified, affecting 18,000 WordPress sites – Read More –
Attackers are actively exploiting an RCE flaw in Windows PHP-CGI implementations to target Japanese firms, deploying Cobalt Strike for persistence – Read More –
Post Content – Read More – IC3.gov News
U.S. indicts 12 in Chinese Hacker-for-Hire Network tied to cyber attacks on governments & media. DOJ offers $10M reward for info on key suspects. – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Palo Alto, Singapore, 6th March 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
The Chinese state-backed threat group Silk Typhoon shifted tactics in late 2024 to broaden access and enable follow-on attacks against downstream customers of its initial targets, Microsoft Threat Intelligence said in a blog released Wednesday. The Chinese espionage group, which is also known as APT27, has abused stolen API keys and credentials for privileged access management, cloud-based application providers and...
YouTube CEO Neal Mohan was impersonated in a deepfake phishing scam. Learn about the attack, how to spot… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Remote system administration provides powerful and flexible access to systems and services. – Read More – NCSC Feed
The threat actors behind the Medusa ransomware have claimed nearly 400 victims since it first emerged in January 2023, with the financially motivated attacks witnessing a 42% increase between 2023 and 2024. In the first two months of 2025 alone, the group has claimed over 40 attacks, according to data from the Symantec Threat Hunter Team said in a report...
The financially motivated threat actor known as EncryptHub has been observed orchestrating sophisticated phishing campaigns to deploy information stealers and ransomware, while also working on a new product called EncryptRAT. “EncryptHub has been observed targeting users of popular applications, by distributing trojanized versions,” Outpost24 KrakenLabs said in a new report shared with The – Read More – The Hacker News
Elastic has rolled out security updates to address a critical security flaw impacting the Kibana data visualization dashboard software for Elasticsearch that could result in arbitrary code execution. The vulnerability, tracked as CVE-2025-25012, carries a CVSS score of 9.9 out of a maximum of 10.0. It has been described as a case of prototype pollution. “Prototype pollution in Kibana leads...
Layoffs and cutbacks have been cited as major factors in a significant drop in job satisfaction among women working in cybersecurity, according to ISC2 – Read More –
Cyber threats are growing more sophisticated, and traditional security approaches struggle to keep up. Organizations can no longer rely on periodic assessments or static vulnerability lists to stay secure. Instead, they need a dynamic approach that provides real-time insights into how attackers move through their environment. This is where attack graphs come in. By mapping potential attack paths – Read...
Journey with us to Myanmar’s shadowy scam factories, where trafficked workers are forced to run romance-baiting and fake tech support scams, and find out why a company’s mandatory hold time for tech support could lead to innocent users having their computers compromised. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans...
Enisa identifies six sectors that it says must improve on NIS2 compliance – Read More –
Over 1,000 websites powered by WordPress have been infected with a third-party JavaScript code that injects four separate backdoors. “Creating four backdoors facilitates the attackers having multiple points of re-entry should one be detected and removed,” c/side researcher Himanshu Anand said in a Wednesday analysis. The malicious JavaScript code has been found to be served via cdn.csyndication[ – Read More ...
The DoJ has charged Chinese government and i-Soon employees for a series of for-profit data theft campaigns – Read More –
How NCSC guidance can help organisations detect and protect themselves from credential abuse. – Read More – NCSC Feed
Vulnerability Scanning solutions offer a cost-effective way to discover and manage common security issues. – Read More – NCSC Feed
The U.S. Department of Justice (DoJ) has announced charges against 12 Chinese nationals for their alleged participation in a wide-ranging scheme designed to steal data and suppress free speech and dissent globally. The individuals include two officers of the People’s Republic of China’s (PRC) Ministry of Public Security (MPS), eight employees of an ostensibly private PRC company, Anxun – Read...
We publish the results of our ACD 2.0 external attack surface management (EASM) trials – Read More – NCSC Feed
The Justice Department on Wednesday indicted 12 Chinese nationals for their alleged involvement in an extensive nation-state-backed espionage campaign that included a spree of attacks on U.S. federal and state agencies, including the late 2024 attack targeting the Treasury Department. Officials accused the Chinese individuals, including two officers of China’s Ministry of Public Security, eight i-Soon employees and two members...
Microsoft warns that Chinese espionage group Silk Typhoon now exploits IT tools like remote management apps and cloud services to breach networks. – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
