Qilin ransomware steals credentials stored in Google Chrome

Sophos researchers investigated a Qilin ransomware breach attack that led to the theft of credentials stored in Google Chrome browsers. Sophos researchers investigated a Qilin ransomware attack where operators... Read more »

Cybercriminals Deploy New Malware to Steal Data via Android’s Near Field Communication (NFC)

A new malware called NGate allows cybercriminals to steal near field communication data from Android phones via sophisticated social engineering. The data is relayed to the fraudsters before being... Read more »

Phishing attacks target mobile users via progressive web applications (PWA)

Cybercriminals use progressive web applications (PWA) to impersonate banking apps and steal credentials from mobile users. ESET researchers detailed a phishing campaign against mobile users that uses Progressive Web Applications... Read more »

Member of cybercrime group Karakurt charged in the US

The Russian national Deniss Zolotarjovs has been charged in a U.S. court for his role in the Karakurt cybercrime gang. Deniss Zolotarjovs (33), a Russian cybercriminal, has been charged... Read more »

Another critical SolarWinds Web Help Desk bug fixed (CVE-2024-28987)

A week after SolarWinds released a fix for a critical code-injection-to-RCE vulnerability (CVE-2024-28986) in Web Help Desk (WHD), another patch for another critical flaw (CVE-2024-28987) in the company’s IT... Read more »

New malware Cthulhu Stealer targets Apple macOS users

Cato Security found a new info stealer, called Cthulhu Stealer, that targets Apple macOS and steals a wide range of information. Cado Security researchers have discovered a malware-as-a-service (MaaS)... Read more »

China-linked APT Velvet Ant exploited zero-day to compromise Cisco switches

China-linked APT group Velvet Ant exploited a recently disclosed zero-day in Cisco switches to take over the network appliance. Researchers at cybersecurity firm Sygnia reported that the China-linked APT... Read more »

Drawbridge expands cyber risk assessment service

Drawbridge released its next generation cyber risk assessment service. Provided as a suite of modules, the solution combines a set of analytics with Drawbridge’s client service. Clients can now... Read more »

Vulnerability prioritization is only the beginning

To date, most technology solutions focused on vulnerability management have focused on the prioritization of risks. That usually took the shape of some risk-ranking structure displayed in a table... Read more »

Fraud tactics and the growing prevalence of AI scams

In the first six months of 2024, Hiya flagged nearly 20 billion calls as suspected spam – more than 107 million spam calls everyday. The data showed spam flag... Read more »
Subscribe to our Newsletter