CISA Adds Twilio Authy and IE Flaws to Exploited Vulnerabilities List
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of...
Chinese Hackers Target Taiwan and US NGO with MgBot Malware
Organizations in Taiwan and a U.S. non-governmental organization (NGO) based in China have been targeted by a Beijing-affiliated state-sponsored hacking group called Daggerfly using...
New ICS Malware ‘FrostyGoop’ Targeting Critical Infrastructure
Cybersecurity researchers have discovered what they say is the ninth Industrial Control Systems (ICS)-focused malware that has been used in a disruptive cyber attack...
How to Securely Onboard New Employees Without Sharing Temporary Passwords
The initial onboarding stage is a crucial step for both employees and employers. However, this process often involves the practice of sharing temporary first-day...
Magento Sites Targeted with Sneaky Credit Card Skimmer via Swap Files
Threat actors have been observed using swap files in compromised websites to conceal a persistent credit card skimmer and harvest payment information.The sneaky technique,...
Meta Given Deadline to Address E.U. Concerns Over ‘Pay or Consent’ Model
Meta has been given time till September 1, 2024, to respond to concerns raised by the European Commission over its "pay or consent" advertising...
Ukrainian Institutions Targeted Using HATVIBE and CHERRYSPY Malware
The Computer Emergency Response Team of Ukraine (CERT-UA) has alerted of a spear-phishing campaign targeting a scientific research institution in the country with malware...
Google Abandons Plan to Phase Out Third-Party Cookies in Chrome
Google on Monday abandoned plans to phase out third-party tracking cookies in its Chrome web browser more than four years after it introduced the...
Experts Uncover Chinese Cybercrime Network Behind Gambling and Human Trafficking
A Chinese organized crime syndicate with links to money laundering and human trafficking across Southeast Asia has been using an advanced "technology suite" that...
PINEAPPLE and FLUXROOT Hacker Groups Abuse Google Cloud for Credential Phishing
A Latin America (LATAM)-based financially motivated actor codenamed FLUXROOT has been observed leveraging Google Cloud serverless projects to orchestrate credential phishing activity, highlighting the...
