Latest Cybersecurity News and Articles

Hackers set Monday deadline for LAUSD to pay up or have private data posted on dark web

A criminal syndicate has set a Monday deadline for the Los Angeles public school system to pay a ransom or have its data released on the dark web, which could potentially expose the confidential information of students and employees.

CISA: Hackers exploit critical Bitbucket Server flaw in attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has added three more security flaws to its list of bugs exploited in attacks, including a Bitbucket Server RCE and two Microsoft Exchange zero-days.

SolarMarker Attack Leverages Weak WordPress Sites, Fake Chrome Browser Updates

Researchers have discovered the group behind the SolarMarker malware targeting a global tax consulting organization with a presence in the US, Canada, the UK, and Europe, which is using fake Chrome browser updates as part of watering hole attacks.

Cybercriminals See Allure in BEC Attacks Over Ransomware

While published trends in ransomware attacks have been contradictory — with some firms tracking more incidents and other fewer — business email compromise (BEC) attacks continue to have proven success against organizations.

Update: Vice Society raises ransomware pressure on Los Angeles school district

The threat, which was discovered and published on Twitter by Brett Callow from Emsisoft, effectively gives the Los Angeles school district less than four days to respond. Vice Society did not include any details about the data it plans to publish.

Dissecting BlueSky Ransomware Payload

BlueSky is a ransomware firstly spotted in May 2022. The group behind the ransomware doesn’t adopt the double-extortion model and their targets are even normal users because the ransomware has been discovered inside cracks of programs and games.

Fake CISO Profiles on LinkedIn Target Fortune 500s – Krebs on Security

The fabricated LinkedIn identities are confusing search engine results for CISO roles at major companies, and they are being indexed as gospel by various downstream data-scraping sources.

Fired admin cripples former employer's network using old credentials

The U.S. Department of Justice says in a press release that the defendant pled guilty yesterday to accessing his former employer's website and making configuration changes to redirect web and email traffic to external computers.

Cisco Patches High-Severity Vulnerabilities in Networking Software

Cisco announced IOS and IOS XE software updates that address 12 security vulnerabilities. The bugs were resolved as part of Cisco’s semiannual bundle patches for its networking software, which it releases in March and September.

'Disgruntled insider' shared REvil information with researchers, helped law enforcement

The insider went on to help researchers understand the inner workings of the group that became known as REvil, whose antics and crimes made headlines after attacking beef producer JBS.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags