“We know who are” says AFP to Medibank hackers

The AFP has identified those responsible for the Medibank hack...

New “Earth Longzhi” APT Targets Ukraine and Asian Countries with Custom Cobalt Strike Loaders

Entities located in East and Southeast Asia as well as Ukraine have been targeted at...

Performance Measurement Guide for Information Security: Annotated Outline Available for Comment

Summary NIST has released a working draft of NIST Special Publication (SP) 800-55 Revision 2,...

Over 15,000 WordPress Sites Compromised in Malicious SEO Campaign

A new malicious campaign has compromised over 15,000 WordPress websites in an attempt to redirect visitors to...

What is an External Penetration Test?

A penetration test (also known as a pentest) is a security assessment that simulates the...

1 Comment

New KmsdBot Malware Hijacking Systems for Mining Crypto and Launch DDoS Attacks

A newly discovered evasive malware leverages the Secure Shell (SSH) cryptographic protocol to gain entry...

Worok Hackers Abuse Dropbox API to Exfiltrate Data via Backdoor Hidden in Images

A recently discovered cyber espionage group dubbed Worok has been found hiding malware in seemingly innocuous image...

Experts Uncover Two Long-Running Android Spyware Campaigns Targeting Uyghurs

Two long-running surveillance campaigns have been found targeting the Uyghur community in China and elsewhere...

These Two Google Play Store Apps Spotted Distributing Xenomorph Banking Trojan

Google has removed two new malicious dropper apps that have been detected on the Play...

VPN vs. DNS Security

When you are trying to get another layer of cyber protection that would not require...

Multiple High-Severity Flaw Affect Widely Used OpenLiteSpeed Web Server Software

Multiple high-severity flaws have been uncovered in the open source OpenLiteSpeed Web Server as well...

ESET Antivirus: Advanced Protection Solutions for Home Users and Businesses

It’s no secret that antivirus software is as essential to your computer as a power...

Russian-Canadian National Charged Over Involvement in LockBit Ransomware Attacks

The U.S. Department of Justice (DoJ) has announced charges against a dual Russian and Canadian...

Microsoft Blames Russian Hackers for Prestige Ransomware Attacks on Ukraine and Poland

Microsoft on Thursday attributed the recent spate of ransomware incidents targeting transportation and logistics sectors...

1 Comment

Threat Report 11th November 2022

The NCSC’s threat report is drawn from recent open source reporting....

1 Comment

IOTW: Everything we know about the Medibank data leak

An up-to-date timeline of the Medibank data leak that saw 9.7 million people’s data stolen...

Warning: New Massive Malicious Campaigns Targeting Top Indian Banks’ Customers

Cybersecurity researchers are warning of “massive phishing campaigns” that distribute five different malware targeting banking...

Hacker Rewarded $70,000 for Finding Way to Bypass Google Pixel Phones’ Lock Screens

Google has resolved a high-severity security issue affecting all Pixel smartphones that could be trivially...

Researchers Uncover PyPI Package Hiding Malicious Code Behind Image File

A malicious package discovered on the Python Package Index (PyPI) has been found employing a...

Is Cybersecurity Awareness Month Anything More Than PR?

Cybersecurity Awareness Month has been going on since 2004. This year, Cybersecurity Awareness Month urged the public,...

Winners Announced in First Phase of UK-US Privacy-Enhancing Technologies Prize Challenges

Winning ideas would tackle financial crime and public health emergencies....

Citrix Issues Patches for Critical Flaw Affecting ADC and Gateway Products

Citrix has released security updates to address a critical authentication bypass flaw in the application delivery controller...

High-Severity Flaw Reported in Critical System Used in Oil and Gas Companies

Cybersecurity researchers have disclosed details of a new vulnerability in a system used across oil...

Re-Focusing Cyber Insurance with Security Validation

The rise in the costs of data breaches, ransomware, and other cyber attacks leads to...

New UEFI Firmware Flaws Reported in Several Lenovo Notebook Models

PC maker Lenovo has addressed yet another set of three shortcomings in the Unified Extensible...

1 Comment

Hacker releases stolen Medibank data on the dark web

The company has warned customers to “stay vigilant” against fraud attempts...

APT29 Exploited a Windows Feature to Compromise European Diplomatic Entity Network

The Russia-linked APT29 nation-state actor has been found leveraging a “lesser-known” Windows feature called Credential...

Several Cyber Attacks Observed Leveraging IPFS Decentralized Network

A number of phishing campaigns are leveraging the decentralized Interplanetary Filesystem (IPFS) network to host...

Understanding Threat Actors

A threat actor or “malicious actor” is defined as either a person or a group...

Software Supply Chain and DevOps Security Practices: Implementing a Risk-Based Approach to DevSecOps: Final Project Description Released

The National Cybersecurity Center of Excellence (NCCoE) has released the final project description, Software Supply...