Since 2017, at least 11 state-sponsored threat groups have actively exploited a Microsoft zero-day issue that allows for abuse of Windows shortcut files to steal data and commit cyber espionage against organisations across multiple industries. Threat analysts from Trend…
Category: CySecurity News – Latest Information Security and Hacking Incidents
Hackers Exploit Fortinet Firewall Bugs to Deploy Ransomware
Cybersecurity researchers have uncovered a new attack campaign in which hackers are exploiting vulnerabilities in Fortinet firewalls to breach corporate networks and deploy ransomware. The hacking group, tracked as “Mora_001,” is leveraging two specific flaws in Fortinet’s firewall software…
Albabat Ransomware Evolves with Cross-Platform Capabilities and Enhanced Attack Efficiency
Cybersecurity researchers at Trend Micro have uncovered new variants of the Albabat ransomware, designed to target multiple operating systems and optimize attack execution. Albabat ransomware 2.0 now extends beyond Microsoft Windows, incorporating mechanisms to collect system data and streamline…
Why Unencrypted Files Pose a Serious Security Risk
It is becoming increasingly common for digital communication to involve sharing files, whether for professional or personal reasons. Some file exchanges are trivial, such as sending humorous images by email, while others contain highly sensitive information that needs to…
The Growing Threat of Infostealer Malware: What You Need to Know
Infostealer malware is becoming one of the most alarming cybersecurity threats, silently stealing sensitive data from individuals and organizations. This type of malware operates stealthily, often going undetected for long periods while extracting valuable information such as login credentials,…
Microsoft Warns of Malvertising Campaign Impacting Over 1 Million Devices Worldwide
Microsoft has revealed details of a large-scale malvertising campaign that is believed to have impacted over one million devices worldwide as part of an opportunistic attack aimed at stealing sensitive information. The tech giant, which discovered the activity in…
Huge Spike in Social Media and Email Hacks – Simple Ways to Protect Yourself
There has been a worrying rise in the number of people losing control of their social media and email accounts this year. According to recent data from Action Fraud, the UK’s national cybercrime reporting center, over 35,000 cases were…
Chinese APT Volt Typhoon Target U.S. Power Utility in Prolonged Cyberattack
Chinese hackers involved in the Volt Typhoon attack spent over a year inside the networks of a major utility company in Littleton, Massachusetts. In a report published last week, Dragos, an operational technology (OT) cybersecurity firm, described their work…
Deauthentication Attacks Leave Wi-Fi Networks at Risk
A recent report from Nozomi Networks has revealed that the vast majority of Wi-Fi networks are highly vulnerable to deauthentication attacks, a common form of denial-of-service (DoS) attack. After analyzing telemetry from hundreds of operational technology (OT) and internet…
Lazarus Group Intensifies Attacks on South Korean Web Servers
Researchers have uncovered a series of highly sophisticated cyberattacks by the notorious Lazarus group, targeting web servers in South Korea. The attackers have been infiltrating IIS servers to deploy ASP-based web shells, which serve as the first-stage Command and…