Mysterious Rorschach Ransomware Doubles Known Encryption Speeds
The malware is one of the most sophisticated ransomwares ever seen in the wild, and marks a leap ahead for cybercrime.
Proxyjacking Cybercriminals Exploit Log4J in Emerging Lucrative Cloud Attacks
Proxyjacking is an emerging, low-effort and high-reward attack for threat actors, with the potential for far-reaching implications.
15M Services Apps Remain Sitting Ducks for Known Exploits
Scans of the Internet find that millions of computers, virtual machines, and containers are vulnerable to one or more of the hundreds of cyberattacks currently used in the wild, despite being patchable.
What RASP Should Have Been
When runtime application self-protection is held to a higher standard, it can secure thousands of applications and prevent burnout in security teams.
3CX Breach Widens as Cyberattackers Drop SecondStage Backdoor
Gopuram is a backdoor that North Koreas Lazarus Group has used in some campaigns dating back to 2020, some researchers say.
For Cybercrime Gangs Professionalization Comes With Corporate Headaches
They rake in millions, but now, as much as zero-days and ransoms, cybercriminals are dealing with management structures and overhead.
4 Steps for Shifting Left Winning the Cybersecurity Battle
If companies prioritize communications and make the DevOps process more transparent, team members will better know what vulnerabilities to look for.
ProIslam Anonymous Sudan Hacktivists Likely a Front for Russias Killnet Operation
Anonymous Sudan has been claiming that its DDoS attacks are in retaliation for anti-Islamic activities, but at least one security vendor is suspicious about its true motives.
The FDAs Medical Device Cybersecurity Overhaul Has Real Teeth Experts Say
The physical and cyber safety issues surrounding medical devices like IV pumps is finally being meaningfully addressed by a new policy taking effect this week.
Vulkan Playbook Leak Exposes Russias Plans for Worldwide Cyberwar
Russian intelligence services, together with a Moscow-based IT company, are planning worldwide hacking operations that will also enable attacks on critical infrastructure facilities.