Experts discovered a new hacker hacker-for-hire group that is targeting organizations worldwide with malware hidden inside malicious 3Ds Max plugins. Security researchers from Bitdefender discovered a new hacker group that is currently targeting companies across the world with malware hidden

TLS and VPN Flaws Offer Most Pen Tester Access Vulnerabilities in transport layer security and exposure to a 10-year-old botnet are the most common findings from penetration testing engagements. According to data from investigations between June 2019 to June 2020

Security Flaws in Two Popular TV Set-Top Boxes Expose Customers to Attack Serious security flaws have been discovered in two popular TV set-top boxes, potentially leaving customers at risk cyber-attack. According to an investigation by Avast, the THOMSON THT741FTA and

FBI/CISA Warn US Firms of State-Mandated Tax Malware The US government has been forced to issue another warning to organizations doing business in China after reports of a potentially widespread attempt to remotely target them with powerful malware hidden in

Click Fraud Risk as Smartphone Discovered with Pre-Installed Malware Security researchers have discovered malware pre-installed on a Chinese smartphone and designed to facilitate mobile ad fraud on a massive scale. Upstream’s Secure-D Lab said it recorded 19.2 million suspicious transactions,

New Mercenary APT Group Targeted Autodesk Software Security researchers have uncovered yet another hacker-for-hire group armed with APT-style capabilities, which has targeted at least one high-value victim in the real estate sector. Bitdefender revealed details of the unnamed group in

A hack-for-hire group, tracked as DeathStalker, has been targeting organizations in the financial sector since 2012 Kaspersky researchers say. DeathStalker is a hack-for-hire group discovered by Kaspersky, it has been targeting organizations worldwide, mainly law firms and financial entities, since

North Korea-linked Lazarus APT group targets cryptocurrency organizations with fake job offers in an ongoing spear-phishing campaign. North Korea-linked Lazarus APT group (aka HIDDEN COBRA) has been observed while using LinkedIn lures in a spear-phishing campaign targeting the cryptocurrency organizations worldwide, including

A researcher disclosed technical details of an unpatched vulnerability in Apple’s Safari web browser that can be exploited to steal files from the targeted system. An expert disclosed the details of an unpatched vulnerability in Apple’s Safari web browser that

A cyber-attack has shut down virtual classes in a Los Angeles school district two weeks after the FBI issued a cybersecurity warning to schools offering online learning. In a grim foreshadowing of what was to come, FBI supervisory special agent

Registration for the fall season of the National Cyber League (NCL) opened yesterday. The league provides an exciting virtual environment in which students of all levels can apply their cybersecurity skills to real-world scenarios encountered by professionals in the cybersecurity

Nearly half (47%) of UK IT leaders have not updated their security strategies to account for their move to cloud environments, putting their organizations at higher risk of cyber-attack, according to a new study by Trend Micro commissioned for CLOUDSEC

Palo Alto Networks has announced its intention to acquire consultancy Crypsis Group. The two companies have entered into a definitive agreement which will see Palo Alto Networks acquire the incident response, risk management and digital forensics consulting firm for a

Popular stock photo site Freepik has disclosed a major data breach affecting over eight million customers. The incident also affected users of the sister site Flaticon, which claims to run the world’s largest database of free icons. In a breach

Security researchers have urged organizations to upskill incident detection and response teams, after revealing a new Lazarus Group attack which managed to bypass advanced EDR and network security at a cryptocurrency firm. The tactical intelligence report details an attack which

A group of “newbie” Iranian hackers have been blamed for attacks using the Dharma ransomware variant on targets in Russia and Asia. The threat actors’ relative inexperience was highlighted by several characteristics of the attacks against companies in Russia, Japan,