Breaking (Cyber) News

Keep abreast of breaking cyber security news and evolution in the cyber threat landscape

RSS The Hacker News
  • New Variant of Banking Trojan BBTok Targets Over 40 Latin American Banks
    An active malware campaign targeting Latin America is dispensing a new variant of a banking trojan called BBTok, particularly users in Brazil and Mexico. "The BBTok banker has a dedicated functionality that replicates the interfaces of more than 40 Mexican and Brazilian banks, and tricks the victims into entering its 2FA code to their bank accounts […]
  • How to Interpret the 2023 MITRE ATT&CK Evaluation Results
    Thorough, independent tests are a vital resource for analyzing provider’s capabilities to guard against increasingly sophisticated threats to their organization. And perhaps no assessment is more widely trusted than the annual MITRE Engenuity ATT&CK Evaluation.  This testing is critical for evaluating vendors because it’s virtually impossible to evaluate cybersecurity vendors based on their own
  • Iranian Nation-State Actor OilRig Targets Israeli Organizations
    Israeli organizations were targeted as part of two different campaigns orchestrated by the Iranian nation-state actor known as OilRig in 2021 and 2022. The campaigns, dubbed Outer Space and Juicy Mix, entailed the use of two previously documented first-stage backdoors called Solar and Mango, which were deployed to collect sensitive information from major browsers and the Windows […]
RSS CSO Online
  • Top cybersecurity M&A deals for 2023
    Uncertainty and instability marked the end of 2022 for many in the tech sector, a trend that bled into the beginning of 2023. Following on the heels of a drought in IT talent came mass layoffs at many of the world's biggest tech companies as predictions of recession loomed and war in Ukraine dragged on […]
  • Unmasking ransomware threat clusters: Why it matters to defenders
    Cybersecurity analysts have typically dissected ransomware attacks in isolation, scrutinizing the tactics, techniques, and procedures (TTPs) unique to each incident. However, new Sophos research shows why it is critical for defenders to look beyond the surface as attacks executed by different threat groups often display noteworthy similarities. These so-called ransomware threat clusters offer insights into […]
  • China’s offensive cyber operations support “soft power” agenda in Africa
    Targeted cyber intrusions against key industrial sectors in various African nations conspicuously align with China's broader soft power and technological agenda in the region, encompassing critical areas such as the telecommunication sector, financial institutions, and governmental bodies. That's according to a new report from SentinelOne, which has observed sustained tasking toward strategic intrusions by Chinese […]
RSS Naked Security
RSS GBHackers – Latest Cyber Security News | Hacker News
  • Cryptojacking Campaign Infected Online Thesaurus With Over 5 Million Visitors
    Students, authors, and anybody else wishing to improve their vocabulary and language abilities frequently utilize Thesaurus, one of the well-known platforms with 5 million monthly visitors. Cybersecurity analysts at Group-IB recently found a cryptojacking scheme on a popular Thesaurus site, infecting visitors with malware to mine cryptocurrency and potentially deploy more harmful software. Group-IB’s 24/7 […]
  • Gold Melody Attacking Organizations With Burp Extension, Mimikatz, and Other Tools
    The financially motivated GOLD MELODY threat group has been active at least since 2017, attacking organizations by taking advantage of flaws in unpatched internet-facing servers. A threat group serves as an initial access broker (IAB) by selling access to organizations that have been compromised to other cybercriminals for their gain. “The victimology suggests opportunistic attacks […]
  • MOVEit Transfer SQL Injection Let the Attacker Gain Unauthorized Access to the Database
    MOVEit transfer service pack has been discovered with three vulnerabilities associated with SQL injections (2) and a Reflected Cross-Site Scripted (XSS). The severity for these vulnerabilities ranges between 6.1 (Medium) and 8.8 (High). Progress-owned MOVEit transfer was popularly exploited by threat actors who attacked several organizations as part of a ransomware campaign. The organizations previously […]

Join Our Newsletter

ADDRESS

Two Twins Oaks,
227 North Loop 1604,
E Suite 150, San Antonio,
Texas 78232.

Privacy Policy

© 2023 DIGISSLLC All Rights Reserved.