DataBreaches
FTC Publishes Blog Post on Data Security Practices for Complex Systems
Caleb Skeath, Shayan Karbassi, and Ashden Fein of Covington & Burling write: In February, the Federal Trade Commission (“FTC”) published a blog...
CyberNews
The ALPHV/BlackCat ransom gang exposes intimate details about the UnitedHealth Group cyberattack it claims to have carried out against UHG subsidiary Change Healthcare.
DataBreaches
AlphV wasn’t the only group experiencing some disruption this week In August, “The Five Families” announced the collaboration of ThreatSec,...
DataBreaches
Joseph Lazarrotti of JacksonLewis writes: On May 20, 2022, the Federal Trade Commission’s Team CTO and the Division of Privacy and Identity Protection...
Ars Technica
Google: "There are bound to be some oddities and errors" in system that told people to eat rocks.
CyberNews
NHS Scotland was posted on INC Ransom's dark web blog.
Infosecurity News
Microsoft's Digital Threat Analysis Center shared the findings last Friday in a blog post
Trend Micro
This three-part blog series explores the risks associated with CNC machines
Trend Micro
This three-part blog series explores the risks associated with CNC machines
Infosecurity News
Security experts at Guardio Labs discussed the findings in a new blog post
Infosecurity News
Guardio Labs detected the campaign and detailed its findings in a technical blog post
Trend Micro
This three-part blog series explores the risks associated with CNC machines
Infosecurity News
The bug was discovered by developer Jeff Johnson, who detailed his findings in a blog post
SecurityWeek
Adobe patches critical code execution vulnerability in ColdFusion for which a proof-of-concept (PoC) blog exists.
Infosecurity News
Trellix cybersecurity researchers discussed the implications of these flaws in a new blog post published on Sunday
HACKRead
Although the main dark web domain of the ALPHV Ransomware has been seized, the blog remains online.
Security Affairs
Happy BirthDay Security Affairs! Eleven years together! I launched Security Affairs for passion in November 2011 and since then the blog was visited by tens of millions of readers. Thank you! Eleven years ago I decided to launch Security Affairs, a blog that is considered today one of the most valuable sources of the cybersecurity […]
DataBreaches
Hunton Andrews Kurth blog reports: On October 28, 2021, the European Parliament’s Committee on Industry, Research and Energy adopted a draft directive on...
CyberNews
Platformer, a popular technology blog, said it was leaving Substack over its moderation policy that does not explicitly ban pro-Nazi content.
DataBreaches
Connor Jones reports: ….. Some researchers noted the return of REvil’s ‘happy blog’ – the place where it announced its hacks – on 19...
Trend Micro
Our blog entry provides an in-depth analysis of Earth Hundun's Waterbear and Deuterbear malware.
DataBreaches
From Microsoft’s Blog: The Microsoft Threat Intelligence Center (MSTIC) has observed and taken actions to disrupt campaigns launched by SEABORGIUM, an...
The Cyber Express
The National Cyber Security Centre (NCSC) in the UK has issued a comprehensive blog aimed at educating individuals and organizations
DataBreaches
A detailed blog on Analysis of the Global Malware Trend: Exploiting Undocumented OAuth2 Functionality to Regenerate Google Service Cookies Regardless of IP or...
Bleeping Computer
The REvil ransomware operation has likely shut down once again after an unknown person hijacked their Tor payment portal and data leak blog.
DataBreaches
Brett Callow of Emsisoft broke the unpleasant news on Twitter last night — REvil’s dedicated leak site, “The Happy Blog,” which had...
Trend Micro
This blog entry looks at the characteristics of a new WannaRen ransomware variant, which we named Life ransomware after its encryption extension.
The Record
In a blog post, the FTC gave special attention to the sale of geolocation data and what the agency called the “surreptitious disclosure of sensitive information” by automakers.
DataBreaches
Lawrence Abrams reports: In a new blog post published tonight, Microsoft has confirmed that one of their employee’s accounts was compromised by Lapsus$,...
DataBreaches
Yan Luo, Zhijing Yu, and Vicky Liu of Covington & Burling write: In Part 1 of this blog series (see here), we discussed recent data protection...
DataBreaches
A new blog post by Resecurity indicates that BlackCat’s average ransom demand is now over $2 million. They write: Based on the recently compromised...
DataBreaches
On their dark web blog, Quantum threat actors claim to have acquired 32 GB of files from Tehama County Social Services in California. Quantum describes the...
Trend Micro
This blog post analyzes a stealthy and expeditious ransomware called BabLock (aka Rorschach), which shares many characteristics with LockBit.
Cyber Security News
In a recent blog post, Google Cloud has shared details about an incident that impacted one of its Australian customers, UniSuper, a pension fund.
DataBreaches
The “Happy Blog” leak site belonging to the Sodinokibi threat actors known as “REvil” (“Are Evil”) is offline, and their...
DataBreaches
Intel471 has an interesting blog post on KillNet, a group that has declared itself pro-Russian and has been attacking detractors or enemies of Russia. Since...
DataBreaches
Mark Keierleber’s article on The 74, noted on this blog yesterday and discussed by some of us on infosec.exchange, has apparently resulted in the...
DataBreaches
Seen on Resecurity’s blog: a reminder that our current defenses fall rapidly as nimble criminals find a work-around and that some developments enable...
CyberNews
A TikTok blog post, released Thursday, aims to dispel accusations that the social app is pushing a political agenda regarding the still unfolding Israel-Hamas conflict.
DataBreaches
There’s a fascinating blog post out today by Gemini Advisory. Here are just the key findings to give you a sense of it all: The cybercriminal group...
DataBreaches
From today’s update to the LockBit3.0 blog, now under the control of law enforcement, we read claims that law enforcement knows who and where LockBitSupp...
DataBreaches
As seen on Intel471’s blog: There’s been a shift in the ransomware-as-a-service ecosystem. Be it due to law enforcement, infighting amongst groups or...
Trend Micro
In this blog entry, we will provide details on Rhysida, including its targets and what we know about its infection chain.
Infosecurity News
As a critical infrastructure service for cybercriminals, bulletproof hosting should be tracked and blocked by defenders, Intel471 argued in a new blog post
DataBreaches
Mullvad reports on their blog: On April 18 at least six police officers from the National Operations Department (NOA) of the Swedish Police visited the Mullvad...
The Record
A group that operates through a data leak blog called Ransomed tells its alleged victims that shelling out an extortion payment is smarter than facing a government fine for a data breach.
Trend Micro
In June 2023, Trend Micro observed an upgrade to the evasion techniques used by the Batloader initial access malware, which we’ve covered in previous blog entries.
Trend Micro
In the second part of our Water Labbu blog series, we explore how the threat actor exploits Electron-based applications using Cobalt Strike to deploy backdoors.
DataBreaches
Every day, I compile data on breaches or leaks involving medical or health data. Many of them never appear on this blog at all. Others will appear on this...
Trend Micro
This blog entry details a scheme that exploits the recent Morocco earthquake by impersonating the domain name of a well-known humanitarian organization for financial fraud.
DataBreaches
Rachel Monroe has an interesting profile of a ransom negotiator in The New Yorker. But the piece also provides an answer to a puzzling claim in a blog post by...
Trend Micro
In this blog series our team examined various ICS vulnerabilities using the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) for ICS.
Trend Micro
The first of a series of blog posts examines the security risks of Codex, a code generator powered by the GPT-3 engine.
DataBreaches
MX: LV threat actors claim to have hacked UnitedAuto On November 19, LV Blog added UnitedAuto, a Mexican automotive company, to its leak site, claiming to have...
The Hacker News
Navigating cybersecurity compliance just got easier. Our latest blog taps into the wisdom of CISOs to share strategies for managing data security requ
Trend Micro
In part two of this blog entry, we further investigate the innings of smspva.net and discuss the impact and implications of such services.
DataBreaches
On Monday afternoon, LockBit3.0’s dark web blog was replaced by a 404 message and then a seizure notice: The notice reads: The Site is Now Under Control...
The Hacker News
MuddyWater, linked to Iran's MOIS, strikes again with DarkBeatC2. Our latest blog unpacks the latest tactics in cyber warfare.
Cyber Security News
Microsoft has published a blog detailing BlackCat Ransomware, also called ALPHV, a prevalent threat and a major example of the growing ransomware-as-a-service (RaaS) gig economy.
DataBreaches
As previously noted by this site and others, REvil threat actors appear to have re-emerged after disappearing in July. Their dedicated leak site and blog are...
Trend Micro
In this blog entry, we discuss predictions from Trend Micro’s team of security experts about the drivers of change that will figure prominently in 2024.
Trend Micro
Our blog entry provides a look at an attack involving the LV ransomware on a Jordan-based company from an intrusion analysis standpoint
Trend Micro
This blog introduces discussions from S4x23, the ICS security conference in Miami over several posts. The first installment will cover two topics from the academic interviews.
Trend Micro
In this three-part blog entry, our team explored SMS PVA, a service built on top of a global bot network that compromises smartphone cybersecurity as we know it.
Trend Micro
This blog discusses how CVE-2021-4034 can be detected and blocked using Trend Micro™ Vision One™ and Trend Micro Cloud One™.
Trend Micro
In this blog entry, we focus on Earth Preta's campaign that employed a variant of the DOPLUGS malware to target Asian countries.
The Hacker News
Learn more about the risks and vulnerabilities affecting your e-commerce web application this holiday season in our latest blog.
DataBreaches
One of the recurring themes in this site’s blog posts this year has been the fact that way too many entities not only store old data, but fail to secure...
Trend Micro
In the final chapter of our blog series, we discuss mitigating strategies and recommendations to keep DDS protected from malicious actors.
Trend Micro
Two vulnerabilities in PaperCut have been found, and one of them is being actively exploited in the wild. This blog entry provides a summary of the vulnerabilities, and includes security guidance for IT and SOC professionals.
Trend Micro
This blog entry aims to highlight the dangers of internet-facing routers and elaborate on Pawn Storm's exploitation of EdgeRouters, complementing the FBI's advisory from February 27, 2024.
Trend Micro
This blog entry details our investigation of CVE-2019-8561, a vulnerability that exists in the macOS PackageKit framework, a component used to install software installer packages (PKG files).
Trend Micro
From articles to hackathons, cybercriminals are resorting to crowdsourcing to find more ways to exploit systems. In this blog, we discuss our takeaways and summarize the results of these contests.
Trend Micro
This blog entry discusses the Agenda ransomware group's use of its latest Rust variant to propagate to VMWare vCenter and ESXi servers.
Trend Micro
In this blog entry, we discuss a malicious campaign that targets Alibaba Cloud’s OSS buckets with leaked credentials for malware distribution and cryptojacking.
Trend Micro
In this blog entry, we’d like to highlight our findings on Vice Society, which includes an end-to-end infection diagram that we were able to create using Trend Micro internal telemetry.
Trend Micro
This blog entry explores the effectiveness of ChatGPT's safety measures, the potential for AI technologies to be misused by criminal actors, and the limitations of current AI models.
Trend Micro
Pikabot is a loader with similarities to Qakbot that was used in spam campaigns during most of 2023. Our blog entry provides a technical analysis of this malware.
Trend Micro
This blog entry discusses the technical details of how we exploited CVE-2022-22583 using a different method. We also tackle the technical details of CVE-2022-32800, another SIP-bypass that we discovered more recently, in this report.
Trend Micro
This 3-part blog series takes an in-depth look at the evolution of ransomware business models, from the early stages to current trends.
Trend Micro
This 3-part blog series takes an in-depth look at the evolution of ransomware business models, from the early stages to current trends.
Trend Micro
This 3-part blog series takes an in-depth look at the evolution of ransomware business models, from the early stages to current trends.
Trend Micro
This blog entry details how Trend Micro Cloud One™ – Workload Security and Trend Micro Vision One™ effectively detected and blocked the abuse of the CVE-2020-14882 WebLogic vulnerability in affected endpoints.
Latest Hacking News
A new threat has emerged that exploits a vulnerability in Microsoft Teams. This attack, known as the GIFShell attack, allows threat actors to execute commands and steal data using GIFs. This blog post delves into
Latest Hacking News
Microsoft researchers discovered a serious vulnerability in TikTok that threatened user accounts’ security. Specifically, they found an account hijacking vulnerability in the TikTok Android app. TikTok App Account Hijacking Vulnerability As elaborated in a recent blog post,
Latest Hacking News
Researchers found numerous vulnerabilities affecting Peloton Treadmill systems that allow malware attacks. An adversary may exploit the flaws to access sensitive device data, including users’ information. Multiple Vulnerabilities Affected Peloton Treadmill Firmware According to a recent blog
Trend Micro
In this blog post, we discuss different configuration scenarios that may lead to security issues with Azure Service Fabric, a distributed platform for deploying, managing, and scaling microservices and container applications.
Latest Hacking News
A researcher found a severe cross-site scripting (XSS) vulnerability in the Zoom Whiteboard app. Zoom patched the flaw in time, preventing any malicious exploitation. Zoom Whiteboard Vulnerability Sharing the details in a blog post, Eugene Lim, aka
Trend Micro
This blog entry delves into MxDR's unraveling of the AsyncRAT infection chain across multiple cases, shedding light on the misuse of aspnet_compiler.exe, a legitimate Microsoft process originally designed for precompiling ASP.NET web applications.
Trend Micro
In this blog entry, we shine a spotlight on some of the most critical cybersecurity concerns of 2022, which we discuss in full in our annual cybersecurity report, “Rethinking Tactics: 2022 Annual Security Report.”
Trend Micro
In this blog entry, we discuss the technical details of CVE-2023-50164, a critical vulnerability that affects Apache Struts 2 and enables unauthorized path traversal.
Latest Hacking News
Shortly after last month’s announcement, Google has now rolled out PassKeys for Google Account supporting passwordless sign-in. Google Account PassKeys Arrive For Passwordless Logins According to a recent blog post from Christiaan Brand, Google’s Group Product Manager,
Trend Micro
This blog discusses how threat actors abuse Discord’s content delivery network (CDN) to host and spread Lumma Stealer, and talks about added capabilities to the information stealing malware.
Trend Micro
This blog delves into the Phemedrone Stealer campaign's exploitation of CVE-2023-36025, the Windows Defender SmartScreen Bypass vulnerability, for its defense evasion and investigates the malware's payload.
Trend Micro
More than two years ago, a researcher, A2nkF, demonstrated the exploit chain from root privilege escalation to SIP-Bypass up to arbitrary kernel extension loading. In this blog entry, we will discuss how we discovered 3 more vulnerabilities from the old exploit chain.
Trend Micro
This blog entry discusses what an OPA is and what it’s for, what we’ve discovered after identifying 389 exposed OPA servers via Shodan, and how exposed OPAs can negatively impact your applications’ overall security.
Saga Security
I have been wanting to write a set of blog posts about this for a while, possibly I will one day turn this into a book! But for now, it can live here. Over the last years, I have given a few presentations and lectures about incident response, some of which live on our
Trend Micro
In this blog, we investigate how threat actors used information-stealing malware with EV code signing certificates and later delivered ransomware payloads to its victims via the same delivery method.
Trend Micro
In this blog entry, we discuss Trend Micro's contributions to an Interpol-coordinated operation to help Brazilian and Spanish law enforcement agencies analyze malware samples of the Grandoreiro banking trojan.
Trend Micro
In this blog entry, we discuss CVE-2023-22527, a vulnerability in Atlassian Confluence that has a CVSS score of 10 and could allow threat actors to perform remote code execution.