HACKRead
Popular Cyber Crime Forum Breach Forums Seized by Police
The cybercrime and hacker forum Breach Forums has been seized by the Federal Bureau of Investigation (FBI) and the Department of Justice.
Cyber Security News
10 Best Network Security Providers for Healthcare Industry in 2024
Best Network Security Providers for the Healthcare Industry - 1. Perimeter 81, 2. Palo Alto Networks, 3. Fortinet, 4. Cisco, 5. Trend Micro
SecurityWeek
Zscaler Confirms Only Isolated Test Server Was Hacked
Zscaler has completed its investigation into the recent hacking claims and found that only an isolated test environment was compromised.
SecurityWeek
Europol Investigating Breach After Hacker Offers to Sell Classified Data
Europol is investigating a data breach, but says no core systems are impacted and no operational data has been compromised.
CSO
IntelBroker steals classified data from the Europol website
The agency said core operations remain unaffected even as IntelBroker claimed to possess classified, law enforcement data.
Cyber Security News
Notorious Hacker IntelBroker Claims that Europol has Suffered a Data Breach
The European Union's law enforcement agency, Europol, has confirmed a security breach of its web portal but says no operational data was compromised.
Security Affairs
Security Affairs newsletter Round 471 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Security Affairs
Notorius threat actor IntelBroker claims the hack of the Europol
Notorius threat actor IntelBroker claims that Europol has suffered a data breach that exposed FOUO and other classified data.
Bleeping Computer
Europol confirms web portal breach, says no operational data stolen
Europol, the European Union's law enforcement agency, confirmed that its Europol Platform for Experts (EPE) portal was breached and is now investigating the incident after a threat actor claimed they stole For Official Use Only (FOUO) documents containing classified data.
The Cyber Express
The Top 10 Cybersecurity Unicorns in The World
The ever-evolving digital landscape presents a constant challenge for businesses and individuals alike: staying secure in the face of increasingly
HACKRead
Europol Hacked? IntelBroker Claims Major Law Enforcement Breach
The notorious IntelBroker hacker claims to have successfully breached the European Union Agency for Law Enforcement Cooperation (Europol).
SecurityWeek
Healthcare Giant Ascension Hacked, Hospitals Diverting Emergency Service
Ascension is scrambling to contain a significant hack causing disruption and “downtime procedures” at hospitals around the country.
CyberNews
Claimed by hackers, Zscaler says there’s no impact or compromise
Cloud security company Zscaler is continuing an investigation into an alleged breach.
The Cyber Express
Lenovo Joins Secure by Design Pledge, Enhancing Cybersecurity Standards
Lenovo takes a bold step towards fortifying cybersecurity by joining the Secure by Design pledge, initiated by the US Cybersecurity
DarkReading
Aggressive Cloud-Security Player Wiz Scores $1B in Funding Round
The latest round of investment prices the fast-growing cloud native application protection platform (CNAPP) at $12 billion with a simple mandate: Grow quickly through acquisition.
The Hacker News
New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation
Researchers have uncovered a vulnerability (CVE-2024-3661) that allows threat actors to snoop on your VPN traffic.
SecurityWeek
Dell Says Customer Names, Addresses Stolen in Database Breach
Tech giant notifies millions of customers that full names and physical mailing addresses were stolen during a security incident.
Security Affairs
Zscaler is investigating data breach claims
Cybersecurity firm Zscaler is investigating claims of a data breach after hackers offered access to its network.
The Cyber Express
(SOLD) IntelBroker Traded $20K Crypto For Alleged Unauthorized Cybersecurity Company Access
IntelBroker has asserted a massive breach, and has now sold the access to a cybersecurity entity with a hefty annual
SecurityWeek
Zscaler Investigates Hacking Claims After Data Offered for Sale
Zscaler says its customer, production and corporate environments are not impacted after a notorious hacker offers to sell access.
CSO
Zscaler shuts down exposed system after rumors of a cyberattack
Initially dismissing rumors, Zscaler now says it did have a system exposed but nothing important has been accessed.
Cyber Security News
Zscaler Investigating Data Breach After Hacker Claims Access for Sale
In response, Zscaler posted a statement on its trust portal saying it has launched an investigation but has not found evidence of a breach.
Bleeping Computer
Zscaler says it was not hacked after rumors circulate online
Zscaler says that today's rumors it was breached are false after a threat actor claimed to be selling access to one of the "largest cyber security companies."
Bleeping Computer
Zscaler takes "test environment" offline after rumors of a breach
Zscaler says that they discovered an exposed "test environment" that was taken offline for analysis after rumors circulated that a threat actor was selling access to the company's systems.
SecurityWeek
RSA Conference 2024 – Announcements Summary (Day 2)
Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
The Hacker News
Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version
A newer version of the Hijack Loader malware has been observed with updated anti-analysis techniques to evade detection.
Cyber Security News
HijackLoader Using Weaponized PNG Files To Deliver Multiple Malware
HijackLoader, a modular malware loader observed in 2023, is evolving with new evasion techniques, as it is a variant using a PNG image to
SecurityWeek
RSA Conference 2024 – Announcements Summary (Day 1)
Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
SecurityWeek
Cybersecurity M&A Roundup: 33 Deals Announced in April 2024
Thirty-three cybersecurity-related merger and acquisition (M&A) transactions were announced by companies in April 2024.
SecurityWeek
Permira to Acquire Majority Stake in BioCatch at $1.3 Billion Valuation
Permira has agreed to acquire a majority of BioCatch shares, primarily from Bain Capital Tech Opportunities and Maverick Ventures.
Security Affairs
ZLoader Malware adds Zeus's anti-analysis feature
Zloader continues to evolve, its authors added an anti-analysis feature that was originally present in the Zeus banking trojan.
Cyber Security News
Top 8 SSPM Tools to Secure Your SaaS Stack in 2024
The explosion of cloud-based applications, or SaaS (Software-as-a-Service), has transformed the way businesses operate.
The Hacker News
ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan
ZLoader modular malware trojan has resurfaced with anti-analysis feature that prevents execution on machines different from the original infection.
Cyber Security News
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
Welcome to this week's edition of the Cyber Security News Weekly Round-Up. This issue covers the latest vulnerabilities, cyber attacks, and emerging threats that have been making headlines. Stay informed and stay secure!
Cyber Security News
Hackers Exploit Google Ads to Spread IP Scanner with Concealed Backdoor
Malicious actors are distributing a new backdoor, MadMxShell, through a Google Ads campaign that impersonates an IP scanner.
Cyber Security News
Hackers Employ Black Hat SEO Techniques To Deliver Malware
Black hat SEO methods are used by hackers to manipulate search engine rankings and make malicious or fraudulent websites more visible.
HACKRead
Malvertising: Fake Popular Software Ads Deliver New MadMxShell Backdoor
Cybersecurity researchers at Zscaler ThreatLabz believe that the primary target of the MadMxShell backdoor seems to be IT professionals.
.webp)
Cyber Security News
TransparentTribe Hackers Weaponize Websites & Documents to Attack Indian Orgs
The hacker group known as TransparentTribe, also referred to as APT-36, has intensified its cyber espionage activities.
Infosecurity News
New Cyber-Threat MadMxShell Exploits Typosquatting and Google Ads
Zscaler also confirmed MadMxShell uses DLL sideloading and DNS tunneling for C2 communication
.webp)
Cyber Security News
Poisoned Google Ads Targeting Infra Teams with Weaponized IP Scanners
Security researchers uncovered a sophisticated malvertising campaign targeting IT professionals, particularly those in security.
The Hacker News
Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor
Hackers are using fake domains of popular IP scanners like Advanced IP Scanner & ManageEngine in a Google Ads malvertising scheme to spread malware.
SC Magazine
‘MadMxShell’ leverages Google Ads to deploy malware via Windows backdoor
Security pros say using Windows backdoor in a malvertising campaign could expose companies to other malware attacks.
SecurityWeek
Virtual Event Tomorrow: Ransomware Resilience & Recovery Summit
Virtual summit will help companies best prepare to defend and recover from relentless ransomware attacks.
The Cyber Express
Sean Connelly Departs CISA to Join Zscaler’s Global Zero Trust Efforts
Sean Connelly, a prominent member of the Cybersecurity and Infrastructure Security Agency (CISA) and manager of the Trusted Internet Connections
.webp)
Cyber Security News
Zscaler Acquires Airgap Networks to Enhance Zero Trust SASE
This acquisition is set to redefine the way enterprises protect their internal traffic, particularly in IT and OT environments.
SecurityWeek
Zscaler to Acquire Network Segmentation Tech Startup Airgap Networks
Zscaler announces plans to acquire Airgap Networks, a venture-backed startup selling network segmentation and secure access technologies.
SecurityWeek
Cybersecurity M&A Roundup: 27 Deals Announced in March 2024
Twenty-seven cybersecurity-related merger and acquisition (M&A) deals were announced in March 2024, same as in February.
Security Affairs
Russia-linked APT29 targeted German political parties with WINELOADER backdoor
Russia-linked threat actors employ the WINELOADER backdoor in recent attacks targeting German political parties.
The Hacker News
Russian Hackers Use 'WINELOADER' Malware to Target German Political Parties
ybersecurity firm Mandiant links recent cyber attacks on diplomatic entities to Midnight Blizzard, a group with ties to Russia's SVR.
Bleeping Computer
Russian hackers target German political parties with WineLoader malware
Researchers are warning that a notorious hacking group linked to Russia's Foreign Intelligence Service (SVR) is targeting political parties in Germany for the first time, shifting their focus away from the typical targeting of diplomatic missions.
Security Affairs
BunnyLoader 3.0 surfaces in the threat landscape - Security Affairs
Researchers found a new variant of the BunnyLoader malware with a modular structure and new evasion capabilities.
The Hacker News
New BunnyLoader Malware Variant Surfaces with Modular Attack Features
New threat: BunnyLoader 3.0 malware variant emerges with advanced modules for data theft, keylogging, and evasion tactics.
SecurityWeek
Zscaler Acquires Avalor for $350 Million
Zscaler acquires Avalor, a risk management platform powered by Data Fabric for Security, for $350 million.
The Hacker News
DarkGate Malware Exploits Recently Patched Microsoft Flaw in Zero-Day Attack
A new DarkGate malware campaign uses a recently patched #MicrosoftWindows flaw (CVE-2024-21412) to deploy malicious software via bogus installers.
.webp)
Cyber Security News
Tweaks Stealer Attacks Online Game Users Abusing YouTube & Discord
A new malicious campaign has been unveiled, targeting the vast user base of the online gaming platform Roblox.
CSO
Google’s Security Command Center Enterprise fills gaps across cloud security lifecycle
Google Cloud's SCC Enterprise aims to streamline response to threats and misconfigurations across IaaS platforms, including AWS and Azure.
Infosecurity News
RATs Spread Via Fake Skype, Zoom, Google Meet Sites
Zscaler’s ThreatLabz discovered malware spreading SpyNote RAT to Android and NjRAT/DCRat to Windows
HACKRead
Fake Skype, Zoom, Google Meet Sites Infecting Devices with Multiple RATs
In December, a fake Skype site, was created to trick users into downloading the application, leading to a BAT file and a WinRAR archive file.
Security Affairs
New SPIKEDWINE APT group is targeting officials in Europe
A new threat actor, tracked as dubbed SPIKEDWINE, has been observed targeting officials in Europe with a previously undetected backdoor.
Security Affairs
Is the LockBit gang resuming its operation?
Experts warn that the LockBit ransomware group has started using updated encryptors in new attacks, after recent law enforcement operation.
The Hacker News
New Backdoor Targeting European Officials Linked to Indian Diplomatic Events
SPIKEDWINE cyber group targets European officials with sophisticated WINELOADER backdoor.
Bleeping Computer
LockBit ransomware returns to attacks with new encryptors, servers
The LockBit ransomware gang is once again conducting attacks, using updated encryptors with ransom notes linking to new servers after last week's law enforcement disruption.
DarkReading
Cyberattackers Lure EU Diplomats With Wine-Tasting Offers
A targeted attack aiming to exploit geopolitical relations between India and Europe delivers previously undocumented, uniquely evasive backdoor malware.
HACKRead
SpyNote Android Spyware Poses as Legit Crypto Wallets, Steals Funds
The SpyNote Android spyware returns, exploiting Accessibility APIs to target crypto wallets and users, ultimately stealing their cryptocurrency.
The Hacker News
Why We Must Democratize Cybersecurity
Cybersecurity breaches are not just a concern for big companies anymore. Learn how NTT Security is bridging the gap, making cybersecurity accessible
Bleeping Computer
New Qbot malware variant uses fake Adobe installer popup for evasion
The developer of Qakbot malware, or someone with access to the source code, seems to be experimenting with new builds as fresh samples have been observed in email campaigns since mid-December.
Bleeping Computer
Bumblebee malware attacks are back after 4-month break
The Bumblebee malware has returned after a four-month vacation, targeting thousands of organizations in the United States in phishing campaigns.
The Hacker News
PikaBot Resurfaces with Streamlined Code and Deceptive Tactics
PikaBot malware undergoes a dramatic transformation, simplifying its code and communication methods
Cyber Security News
CISA Warns Of Active Attacks on Roundcube Webmail XSS Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has warned about ongoing attacks targeting a XSS vulnerability in Roundcube Webmail.
The Hacker News
Alert: CISA Warns of Active 'Roundcube' Email Attacks - Patch Now
CISA has identified a medium-severity security flaw affecting Roundcube email software, categorized as CVE-2023-43770.
The Hacker News
U.S. DoJ Dismantles Warzone RAT Infrastructure, Arrests Key Operators
U.S. shut down Warzone RAT, a tool used for data theft and remote control. Two individuals face charges.
Cyber Security News
Top 10 Security Service Edge (SSE) Solutions for Network Security - 2024
Best Security Service Edge (SSE) Solutions: 1. Perimeter 81 2. wingate 3. Cisco Umbrella 4. Forcepoint 5. Skyhigh Security 6. Netskope.
The Hacker News
HijackLoader Evolves: Researchers Decode the Latest Evasion Methods
HijackLoader, a loader malware, has undergone updates to its defense evasion techniques, making it stealthier and more complex.
SC Magazine
New HijackLoader variant evades detection, enhances persistence
Security pros say it almost looks like the malware developers have an EDR product manager on staff.
Bleeping Computer
Police disrupt Grandoreiro banking malware operation, make arrests
The Federal Police of Brazil and cybersecurity researchers have disrupted the Grandoreiro banking malware operation, which has been targeting Spanish-speaking countries with financial fraud since 2017.
The Hacker News
New ZLoader Malware Variant Surfaces with 64-bit Windows Compatibility
ZLoader malware resurfaces after 2 years, targeting Windows systems with ransomware.
The DFIR Report
Buzzing on Christmas Eve: Trigona Ransomware in 3 Hours - The DFIR Report
Key Takeaways In late December 2022, we observed threat actors exploiting a publicly exposed Remote Desktop Protocol (RDP) host, leading to data exfiltration and the deployment of Trigona ransomware. On … Read More
Cyber Security News
10 Best Network Security Providers for Ecommerce - 2024
Network Security Providers for Ecommerce: 1. Perimeter81 2. Fortinet 3. Palo Alto Networks 4. Cisco 5. Sophos 6. Trend Micro 7. Trend Micro.
The Record
Aviation leasing company AerCap investigates ransomware incident
AerCap, a global company that leases aircraft, engines and helicopters, reported this week that it was responding to a ransomware attack.
SecurityWeek
Oleria Secures $33M Investment to Grow ID Authentication Business
Seattle identity and authentication startup Oleria has attracted renewed interest from venture capital investors.
The Cyber Express
Beyond Convenience: Can You Trust Your Smart Home?
You settle into your cozy armchair for a movie night, your smart lights dimming automatically as you fire up the
The Hacker News
Webinar – Leverage Zero Trust Security to Minimize Your Attack Surface
Explore how Zero Trust Security can minimize your attack surface and safeguard against sophisticated attacks.
Security Affairs
Phishing attacks use an old MS Office flaw to spread Agent Tesla
Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882, to spread the Agent Tesla malware
The Hacker News
Hackers Exploiting Old MS Excel Vulnerability to Spread Agent Tesla Malware
Beware of phishing emails with invoice-themed attachments! Attackers are using an old Office vulnerability (CVE-2017-11882) to spread the Agent Tesla
SecurityWeek
Okta to Acquire Israeli Startup Spera Security
Okta has agreed to acquire Spera Security in a move broaden Okta’s Identity threat detection and security posture management capabilities.
DarkReading
Attackers Exploit 6-Year-Old Microsoft Office Bug to Spread Spyware
Malicious attachments that exploit an RCE flaw from 2017 are propagating Agent Tesla, via socially engineered emails and an evasive infection method.
The Cyber Express
Top 25 Cybersecurity CEOs to Watch in 2024
In an era marked by relentless technological evolution and the omnipresence of cyber threats, the role of cybersecurity professionals has
Infosecurity News
Qakbot’s Low-Volume Resurgence Targets Hospitality
Researchers observed malicious files advancing through email, PDF, URL and MSI
The Hacker News
Russian APT28 Hackers Targeting 13 Nations in Ongoing Cyber Espionage Campaign
APT28, the Russian nation-state threat actor, is using lures related to the Israel-Hamas war to distribute the HeadLace backdoor.
The Hacker News
DarkGate and PikaBot Malware Resurrect QakBot's Tactics in New Phishing Attacks
New high-volume phishing campaigns mimic tactics of defunct QakBot trojan, hijacking email threads and using unique URLs to deliver DarkGate & PikaBot
Bleeping Computer
Yamaha Motor confirms ransomware attack on Philippines subsidiary
Yamaha Motor's Philippines motorcycle manufacturing subsidiary was hit by a ransomware attack last month, resulting in the theft and leak of some employees' personal information.
CSO
Top cybersecurity product news of the week
New product and service announcements from Wiz, Palo Alto Networks, Sophos, SecureAuth, Kasada, Lacework, Noname Security, and more.
The Hacker News
New Jupyter Infostealer Version Emerges with Sophisticated Stealth Tactics
Jupyter Infostealer is back with stealthy changes. Cyber attackers use manipulated SEO tactics to trick users into downloading malware.
SecurityWeek
Microsoft Temporarily Disables SketchUp Support After Discovery of 117 Vulnerabilities
Zscaler identified 117 vulnerabilities in Microsoft 365’s support for SketchUp files and bypassed initial patches.
The Hacker News
DoNot Team's New Firebird Backdoor Hits Pakistan and Afghanistan
Discover the latest cyber threat: DoNot Team's Firebird backdoor targeting Pakistan and Afghanistan.
DarkReading
Cloud Security Demand Drives Better Cyber-Firm Valuations — and Deals
Cisco's $28 billion purchase of Splunk was the biggest story, but there were other big security acquisitions and investments during a richer-than-expected quarter.
-1-1.webp)
Cyber Security News
Top 10 Best SaaS Security Tools
Top 10 Best SaaS Security Tools. 1. DoControl, 2. Splunk, 3. Zscaler, 4. Qualys, 5. Proofpoint, 6. Veracode, 7. Okta, 8. Trend Micro.
DarkReading
Reasonable Valuations Drove Mergers and Acquisition Activity in Q3, 2023
Cisco's $28 billion purchase of Splunk was the biggest story, but other security majors made strategic acquisitions as well in a better-than-expected quarter.
SecurityWeek
Beyond the Front Lines: How the Israel-Hamas War Impacts the Cybersecurity Industry
Israel's war with Hamas terrorists will inevitably absorb manpower and focus from the cybersecurity sector.
Bleeping Computer
New BunnyLoader threat emerges as a feature-rich malware-as-a-service
Security researchers discovered a new malware-as-a-service (MaaS) named 'BunnyLoader' advertised on multiple hacker forums as a fileless loader that can steal and replace the contents of the system clipboard.
Loading more articles....