Ten years ago, ransomware actors mainly worked alone or in small groups, targeting home computer users through spam emails to encrypt personal files and demand relatively small amounts of cryptocurrency for their safe return. Today, many ransomware gangs operate like…
Category: Information Security Buzz
Lazarus Group Targets Developers with Fake Coding Tests
A fresh wave of attacks tied to North Korea’s infamous Lazarus Group is targeting software developers through fraudulent job recruitment schemes. These attacks are part of the VMConnect campaign, first uncovered in August last year. Malicious actors pretend to be…
DragonRank SEO Manipulator is Targeting Asia and Europe
A new cyber threat dubbed “DragonRank” is actively targeting countries across Asia and Europe. Discovered by Cisco Talos, the sophisticated campaign leverages malicious tools like PlugX and BadIIS to exploit web application services and manipulate SEO rankings. DragonRank primarily focuses…
Behind the Power of the Cloud
It takes up to 7,500 liters of water to manufacture a single pair of jeans. All the work required to soften denim to a texture that consumers will buy, as well as the addition of sandblasting to distress them to…
Unveiling Hidden APIs and Securing Vulnerabilities in the Healthcare Sector
Healthcare is no longer just about treating the sick; it’s about safeguarding their most personal information. Unfortunately, today, a slew of threats target this sector, including ransomware, phishing, API vulnerabilities, and the significant complexities of securing interconnected systems and supply…
RansomHub Serves Up LaZagne
New Attack Technique Using TDSSKiller and LaZagne Disables EDR The RansomHub ransomware group has debuted a novel attack strategy, using a combination of tools to disable endpoint detection and response (EDR) systems and steal credentials. This is a change in…
The Biggest Cyber Warfare Attacks in Global Geopolitics
As governments, businesses, and organizations increasingly rely on digital systems, cyberattacks have become more systematic and widespread. These coordinated attacks can disrupt a country’s operations just as much as a physical offensive, making it crucial to understand their possible impact.…
Strengthening Healthcare Cybersecurity: Lessons from Recent Supplier Attacks
The global healthcare system has become increasingly integrated with third-party medical suppliers in recent years. These suppliers are vital in providing essential services, medical equipment, pharmaceuticals, and digital tools that healthcare organizations depend on to operate efficiently. However, while these…
Payment Gateway Breach Exposes 1.7 Million Customers
A significant data breach at the payment gateway provider SLIM CD has exposed over 1.7 million customers to the risk of identity theft and financial fraud. The breach, which took place between August 2023 and June 2024, compromised sensitive personal…
The Role of SIEM in Regulatory Compliance
Organizations of every size and in every industry must adhere to stringent compliance standards. Regulations like the Health Insurance Portability and Accountability Act (HIPAA), the General Data Protection Regulation (GDPR), and the Payment Card Industry Data Security Standard (PCI DSS)…