Category Security

Nov 21, 2024Ravie LakshmananCryptocurrency / Identity Theft Five alleged members of the infamous Scattered Spider cybercrime crew have been indicted in the U.S. for targeting employees of companies across the country using social engineering techniques to harvest credentials and using…

Four US citizens and one Brit have been charged in connection with a series of sophisticated corporate data breaches and SIM swap-enabled crypto theft. The quintuplet, who are all in their early 20s, are reportedly members of the notorious hacking…

As a relatively new security category, many security operators and executives I’ve met have asked us “What are these Automated Security Validation (ASV) tools?” We’ve covered that pretty extensively in the past, so today, instead of covering the “What is…

Researchers from Google’s OSS-Fuzz team have successfully used AI to identify 26 vulnerabilities in open-source projects maintainers. These included a flaw that has existed for two decades in the OpenSSL library (CVE-2024-9143), a software library that most HTTPS websites rely…

Nov 21, 2024Ravie LakshmananCyber Espionage / Malware The China-aligned advanced persistent threat (APT) actor known as Gelsemium has been observed using a new Linux backdoor dubbed WolfsBane as part of cyber attacks likely targeting East and Southeast Asia. That’s according…

When we think about our data being leaked onto the internet, we often picture it as our financial records, our passwords, our names and addresses… what is less often considered is the exposure of our private medical information. A French…

Recent discoveries have unveiled two new malware strains, WolfsBane and FireWood, targeting Linux systems. These advanced tools have been attributed by ESET to the notorious Gelsemium Advanced Persistent Threat (APT) group, a cyber-espionage entity with a history of targeting government,…

Nov 21, 2024Ravie LakshmananVulnerability / Cyber Attack As many as 2,000 Palo Alto Networks devices are estimated to have been compromised as part of a campaign abusing the newly disclosed security flaws that have come under active exploitation in the…

Researchers from Group-IB have revealed new findings highlighting significant differences in the methods and structures of two prominent infostealer malware families, VietCredCare and DuckTail.  Both have been central to the cybercrime ecosystem in Vietnam, targeting Facebook Business accounts for financial gain. The…

Privileged access management (PAM) plays a pivotal role in building a strong security strategy. PAM empowers you to significantly reduce cybersecurity risks, gain tighter control over privileged access, achieve regulatory compliance, and reduce the burden on your IT team. As…