Threats

Stay informed on the latest cybersecurity threats and news to better protect your data, networks, applications, and devices. Our coverage includes emerging vulnerabilities, evolving attack techniques, and the latest security breaches to help you understand and mitigate risks.

  • Threat Group Continuously Updates Malware to Evade Antivirus Software

    Kaspersky researchers recently found evidence of an advanced threat group continuously updating its malware to evade security products, similar to a release cycle for developers. Kaspersky revealed that APT10, also known as the Cicada hacking group, has successfully deployed the LODEINFO malware in government, media, public sector, and diplomatic organizations in Japan. LODEINFO has been…


  • The History of Computer Viruses & Malware

    If you’ve used a computer for more than 5 minutes, you probably know a thing or two about computer viruses and malware. On the modern Internet, malware is a near-constant presence. Whether it’s infected emails stealing employee access credentials or the plague of ransomware that has menaced the business world in recent years, there are…


  • Heartbleed 2.0? OpenSSL Warns of Second-Ever Critical Security Flaw

    The OpenSSL project this week announced plans to release version 3.0.7 on November 1 to patch a critical security flaw affecting versions 3.0 and later. Co-founder Mark J. Cox noted it’s only the second critical patch “since we started rating flaws back in 2014.” OpenSSL identifies critical issues as those affecting common configurations and likely…


  • Cybercriminals Use Fake Public PoCs to Spread Malware and Steal Data

    GitHub proofs of concept (PoCs) for known vulnerabilities could themselves contain malware as often as 10% of the time, security researchers have found. Researchers at the Leiden Institute of Advanced Computer Science have alerted security professionals about risks associated with GitHub and other platforms like Pastebin that host public PoCs of exploits for known vulnerabilities.…


  • New Version of Fodcha DDoS Botnet Adds Extortion

    Back in April of this year, 360 Netlab researchers reported on a new DDoS botnet with more than 10,000 daily active bots and over 100 DDoS victims per day, dubbed Fodcha due to its command and control (C2) domain name folded.in and its use of the ChaCha encryption algorithm. In response to 360 Netlab’s report,…


  • Data Exfiltration: Symantec Warns of Exbyte Threat as Hive Group Leaks Tata Data

    Symantec researchers are warning that a BlackByte ransomware affiliate has begun using a custom data exfiltration tool, Infostealer.Exbyte, to steal data from victims’ networks as part of their attacks. Still, as a recent breach of an Indian power company by a different ransomware group demonstrates, the extra effort of stealing data doesn’t always pay off…


  • How to Recover From a Ransomware Attack

    Ransomware response and recovery can be broken down into four steps: 1. Isolate, Assess, Call for Help. 2. Recover what can be recovered, replace what cannot be recovered. 3. Apply lessons learned and block future attacks. 4. Revise (or create) the ransomware incident response plan. 1. Isolate, Assess, Call for Help: The initial incident response requires the…


  • Ransomware Group Bypasses Windows 10 Warnings

    A ransomware family targeting individual computer users is using a zero-day Windows bug to infect users, ANALYGENCE senior vulnerability analyst Will Dormann has found. HP Wolf Security researchers recently published a blog post on the Magniber ransomware campaign’s ability to use JavaScript to disguise a malicious file as an antivirus or Windows 10 update. Magniber…


  • Time-Consuming Remediation: Assessing the Impact of Text4Shell

    Security researcher Alvaro Muñoz recently warned of a critical vulnerability in versions 1.5 through 1.9 of Apache Commons Text. The flaw, dubbed “Text4Shell” and identified as CVE-2022-42889, can enable remote code execution via the StringSubstitutor API. In response, version 1.10 was released, which disables script interpolation by default. While the flaw carries a very high…


  • Fully Undetectable PowerShell Backdoor Found by Security Researchers

    SafeBreach Labs researchers recently uncovered a new fully undetectable (FUD) PowerShell backdoor that uses a novel approach to disguise itself as part of the Windows update process. “The covert self-developed tool and the associated C2 commands seem to be the work of a sophisticated, unknown threat actor who has targeted approximately 100 victims,” SafeBreach director…


