AI/ML | Phishing attacks armed with AI capabilities are on the rise | Shaun Nichols | October 4, 2024 | Phishing attacks are becoming more prevalent as threat actors are arming themselves with potent new tools.
Ransomware | MedusaLocker ransomware variant paired with ‘paid_memes’ toolkit | Laura French | October 4, 2024 | The “BabyLockerKZ” variant has been in use by an unnamed threat actor since late 2023.
Network Security | DOJ, Microsoft take down 107 Russian-backed Star Blizzard domains | Steve Zurier | October 4, 2024 | Security pros say while Star Blizzard will most likely regroup, it does degrade their operations and gives defenders some time to deploy AI-powered tools.
Cloud Security | ‘LLM hijacking’ of cloud infrastructure uncovered by researchers | Laura French | October 3, 2024 | Attackers leverage exposed access keys to run chatbot services at the victim’s expense.
Vulnerability Management | Ivanti warns critical flaws in Endpoint Manager exploited in the wild | Shaun Nichols | October 3, 2024 | Ivanti is advising administrators to get up to date on their patches following a new spell of exploits against Endpoint Manager (EPM).
Network Security | 14 DrayTek vulnerabilities patched, including max-severity RCE flaw | Laura French | October 2, 2024 | More than 267,000 internet-exposed routers are likely vulnerable to exploitation.
Network Security | Zimbra email platform under active attack, RCE possible | Shaun Nichols | October 2, 2024 | If properly executed, the exploit would allow an attacker to obtain remote code execution on the target server.
Ransomware | North Korea’s Stonefly shifts from espionage to ransomware, extortion | Steve Zurier | October 2, 2024 | While it has not been successful on its first wave of attacks, security pros warn that Stonefly intends to extort U.S. companies via ransomware.
Network Security | SAP, D-Link flaws among 4 added to Known Exploited Vulnerabilities catalog | Laura French | October 1, 2024 | Older, unpatched vulnerabilities remain a risk for organizations.
Ransomware | Evil Corp/REvil malware crime group outed as a family affair | Shaun Nichols | October 1, 2024 | The Evil Corp/REvil malware operation was the work of a small group of criminals who had family ties and Kremlin connections.