Legal Industry Faces Double Jeopardy as a Favorite Cybercrime Target
Hackers are increasingly tantalized by the troves of sensitive data held by lightly protected law firms and legal services organizations.
Unpatched ZeroDay Bugs in Smart Intercom Allow Remote Eavesdropping
A video-enabled smart intercom made by Chinese company Akuvox has major security vulnerabilities that allow audio and video spying, and the company has so far been unresponsive to the discoveries.
US Lawmakers Face Cyberattacks Potential Physical Harm After DC Health Link Breach
The threat actor who posted the data for sale has claimed credit for multiple other breaches, including one at grocery platform Weee! that exposed data on more than 1.1 million customers.
IceFire Ransomware Portends a Broader Shift From Windows to Linux
IceFire has changed up its OS target in recent cyberattacks, emblematic of ransomware actors increasingly targeting Linux enterprise networks, despite the extra work involved.
Medusa Gang Video Shows Minneapolis School Districts Ransomed Data
Much like a hostages proof-of-life video, the ransomware gang offers the film as verification that it has the goods, and asks $1 million for the data.
Iranian APT Targets Female Activists With Mahsa Amini Protest Lures
A top Iranian, state-sponsored threat is a spear-phishing campaign that uses a fake Twitter persona to target women interested in Iranian political affairs and human rights.
Critical RCE Bug Opens Fortinets Secure Web Gateway to Takeover
Users should patch an unauthenticated remote code execution bug impacting FortiOS and FortiProxy administrative interfaces ASAP, Fortinet says.
Emotet Resurfaces Yet Again After 3Month Hiatus
More than two years after a major takedown by law enforcement, the threat group is once again proving just how impervious it is against disruption attempts.
TSA Issues Urgent Directive to Make Aviation More Cyber Resilient
Will stricter cybersecurity requirements make flying safer? The TSA says yes, and sees it as a time-sensitive imperative.
AIPowered BlackMamba Keylogging Attack Evades Modern EDR Security
Researchers warn that polymorphic malware created with ChatGPT and other LLMs will force a reinvention of security automation.