Ransomware8base ransomware site seized, 4 suspects arrestedLaura FrenchFebruary 10, 2025An international law enforcement operation targeting the Phobos-linked group was led by German authorities.
Identity‘Next level’ brute-force attack uses 2.8 million IPs to target VPNsSteve ZurierFebruary 10, 2025Bad actors target VPNs from leading brands, such as Palo Alto Networks, Ivanti, and SonicWall.
RansomwareRansomware attackers turn to workers for data breach accessShaun NicholsFebruary 7, 2025Ransomware operators are pitching victims to infect additional machines on their company network.
Vulnerability ManagementCISA warns Trimble Cityworks customers of actively exploited RCE flawLaura FrenchFebruary 7, 2025Immediately patching is recommended due to the risk of RCE on Microsoft IIS web servers in critical infrastructure sectors.
Network Security3,000 exposed ASP.NET keys could perform code injection attacksSteve ZurierFebruary 7, 2025Microsoft worries the leaked keys could be pushed into development code without modification, leaving it open to security issues.
Threat IntelligenceKimsuky shifts tactics from traditional backdoors to RDP, proxiesLaura FrenchFebruary 6, 2025The North Korean APT group has leveraged a custom RDP Wrapper and new malware called forceCopy in recent campaigns.
AI/MLFormer Google engineer charged with stealing AI trade secretsShaun NicholsFebruary 6, 2025A Chinese national is facing multiple charges of economic espionage and theft of trade secrets after he was accused of stealing AI technology from Google
Vulnerability ManagementLinux kernel flaw added to CISA’s exploited vulnerabilities listSteve ZurierFebruary 6, 2025Flaw could let attackers escalate privileges on popular Google Android and Pixel devices.
RansomwareRansomware payments drop 35% in 2024, first decrease since 2022Shaun NicholsFebruary 5, 2025The first half of 2024 recorded an increase in ransomware payouts.
Vulnerability ManagementVeeam Updater receives update for critical RCE flawLaura FrenchFebruary 5, 2025The vulnerability affects Veeam Backup for Salesforce, AWS, Microsoft Azure, Google Cloud and more.