Collaborate Disseminate
Cuba ransomware attacks on critical infrastructure have continued in 2022, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) warn.
read more Continue reading Over 100 Organizations Hit by Cuba Ransomware: CISA, FBI
Mobile security firm Zimperium is warning of an Android trojan that may have stolen Facebook credentials from a large number of users.
read more Continue reading ‘Schoolyard Bully’ Android Trojan Targeted Facebook Credentials of 300,000 Users
Pangea Cyber, an early stage startup working on technology in the API security services space, has banked $26 million in a new funding round led by Google Ventures.
read more Continue reading Investors Double Down on Pangea Cyber API Security Bet
Almost exactly a year after the Log4Shell security crisis sent defenders scrambling to reduce attack surfaces, new data shows that remediation has been a long, slow, painful slog for most organizations around the world.
read more Continue reading One Year Later: Log4Shell Remediation Slow, Painful Slog
Venture capital investors have invested another $31 million into Sphere Technology Solutions, a New Jersey startup building technology to help defenders manage identities and access to sensitive data.
read more Continue reading Investors Bet $31 Million on Sphere for Identity Hygiene Tech
A China-linked cyberespionage group tracked as UNC4191 has been observed using self-replicating malware on USB drives to infect targets, and the technique could allow them to steal data from air-gapped systems, Google-owned Mandiant reports.
read more Continue reading Self-Replicating Malware Used by Chinese Cyberspies Spreads via USB Drives
Vulnerability researchers at Google Project Zero are calling attention to the ongoing “patch-gap” problem in the Android ecosystem, warning that downstream vendors continue to be tardy at delivering security fixes to Android-powered devices.
read more Continue reading Project Zero Flags ‘Patch Gap’ Problems on Android
Security researchers at Proofpoint are calling attention to the discovery of a commercial red-teaming tool called Nighthawk, warning that the command-and-control framework is likely to be abused by threat actors.
read more Continue reading Proofpoint: Watch Out for Nighthawk Hacking Tool Abuse
Aurora, a multi-purpose botnet being advertised on underground forums since April, has been adopted by multiple cybercriminals over the past few months, cybersecurity firm Sekoia.io reports.
read more Continue reading Multi-Purpose Botnet and Infostealer ‘Aurora’ Rising to Fame
A threat actor tracked as DEV-0569 and known for the distribution of various malicious payloads was recently observed updating its delivery methods, Microsoft warns.
read more Continue reading Microsoft Warns of Cybercrime Group Delivering Royal Ransomware, Other Malware