Latest News: Cybersecurity

A new phishing campaign has been exposed involving a fileless variant of the Remcos RAT malware, which is being spread via an exploit in Microsoft Excel. Cybersecurity experts at Fortinet recently highlighted the methods used by the attackers. The attack begins with a phishing email disguised as

In a recent advisory, the FBI warned US-based tech companies about a rising cybercriminal tactic involving fraudulent “emergency data requests” (EDRs), aimed at accessing sensitive user data without the typical legal protocols. The advisory, first reported by PCMag, highlights how hackers are

Windows gamers are facing a significant cyber threat thanks to the Winos4.0 malware framework, which is spreading via malicious game-related applications. Fortinet’s recent report reveals that this advanced malware, hidden within apps like speed boosters and game optimization tools, grants

LastPass has issued a warning regarding scammers promoting a counterfeit support phone number in the reviews of its Chrome extension. These scammers aim to gain access to users’ computers and steal sensitive data. The scammers are using 5-star reviews to promote a phone number, 805-206-2892,

In a major discovery, cybersecurity firm HUMAN Security has uncovered a sophisticated phishing campaign, dubbed “Phish n' Ships”. This elaborate scheme targeted over 1,000 legitimate e-commerce websites, leading to estimated losses of tens of millions of dollars. Active since at least 2019, it has

Fog and Akira ransomware gangs are targeting SonicWall VPNs to infiltrate corporate networks, exploiting the critical CVE-2024-40766 flaw recently revealed in SonicWall’s SSL VPN system. Discovered and patched in August 2024, this flaw remains a risk as some organizations have yet to apply the

Russian-linked cyber espionage group UNC5812 has been targeting Ukrainian military conscripts with Windows and Android malware in a sophisticated campaign. Disguised as recruitment avoidance tools, the malware has been distributed via a Telegram channel named “Civil Defense” and a website

Kaspersky’s Global Research and Analysis Team (GReAT) uncovered a critical Google Chrome zero-day vulnerability, tracked as CVE-2024-4947, that was being exploited by the North Korean Lazarus hacking group. The attackers used a fake decentralized finance (DeFi) game called DeTankZone to target

APT41, a Chinese state-sponsored hacking group, has targeted the gambling and gaming industry in a sophisticated cyberattack. The attack spanned several months and saw hackers collect sensitive data from their victims’ infrastructure, including network configurations and passwords. APT41, also

An ongoing malware campaign has compromised over 6,000 WordPress sites, installing malicious plugins that push infostealing malware. The campaign, known as ClearFake, began in 2023 and tricks users into installing malware through fake browser error messages. As reported by BleepingComputer, the