Data SecurityFBI and CISA warn of continued cyberattacks on US telecomsSteve ZurierNovember 20, 2024China’s campaign against U.S. telecoms has been ongoing for years.
RansomwareHelldown ransomware evolves to target VMware systems via LinuxSteve ZurierNovember 19, 2024Security pros say Helldown aims for maximum impact by targeting VMware systems.
PhishingOne in five DocuSign spoofs targeting businesses found to be impersonations of regulatory agenciesSteve ZurierNovember 18, 2024Spoofs from government agencies target businesses that regularly run DocuSign transactions with U.S. state, municipal and licensing authorities.
Critical Infrastructure SecurityDrinking water systems for 26M Americans face high cybersecurity risksSteve ZurierNovember 15, 2024Even more alarming: the EPA does not have a notification system for cybersecurity incidents.
MalwareNorth Korea’s Lazarus observed testing new macOS trojan in the wildSteve ZurierNovember 14, 2024Group-IB says the "RustyAttr" trojan could potentially be used in future attacks once the attackers make it more robust.
MalwareIranian threat group targets aerospace workers with fake job luresSteve ZurierNovember 13, 2024Researchers say the Iranian threat actors impersonated the North Koreans to hide their activities.
RansomwareMillions of records from MOVEit hack released on dark webSteve ZurierNovember 12, 2024Reportedly 2.8 million Amazon records alone were exposed.
Malware‘Top 10’ malware strain, Remcos RAT, now exploiting Microsoft Excel filesSteve ZurierNovember 11, 2024Research underscores that many systems remain unpatched and are vulnerable to bugs that were patched several years ago.
Network SecurityPalo Alto Expedition bug with 9.3 rating exploited by attackers, CISA warnsSteve ZurierNovember 8, 2024CISA urges security teams to run the patch right away and don’t let devices running Palo Alto Expedition software on the public internet.
Cloud SecurityMalicious Python package collects AWS credentials via 37,000 downloadsSteve ZurierNovember 7, 2024Socket researchers say malicious package "Fabrice" has been live on PyPI since 2021.
