Hackers prefer phishing as it exploits human vulnerabilities rather than technical flaws which make it a highly effective and low-cost attack method.  Phishing attacks can be easily scaled to target a large number of individuals, increasing the likelihood of success. Recently, cybersecurity analysts at Abnormal Security discovered that hackers are actively exploiting DocuSign with customizable … Read more

A very important message from the Norwegian National Cyber Security Centre (NCSC) says that Secure Socket Layer/Transport Layer Security (SSL/TLS) based VPN solutions, like SSLVPN and WebVPN, should be replaced with safer options. Bad people are still taking advantage of flaws in these VPN services, which is why this suggestion was made. ANYRUN malware sandbox’s … Read more

Linux is widely used in numerous servers, cloud infrastructure, and Internet of Things devices, which makes it an attractive target for gaining unauthorized access or spreading malware.  Besides this, its open-source nature allows threat actors to study the code and identify new vulnerabilities in it closely. Cybersecurity researchers at Symantec recently identified a new Linux … Read more

ViperSoftX malware, known for stealing cryptocurrency information, now leverages Tesseract, an open-source OCR engine, to target infected systems, which extracts text from images, and the malware scans these extracted strings for phrases related to passwords or cryptocurrency wallets.  If a match is found, the malware exfiltrates the corresponding image by building upon existing functionalities like … Read more

Santander has confirmed that there was a major data breach that affected its workers and customers in Spain, Uruguay, and Chile. Concerns have been made about data security and privacy following the breach, which was found to have started with someone breaking into a database hosted by a third-party provider. Immediate Response and Containment Measures … Read more

The U.S. government has offered a prize of up to $5 million for information that leads to the arrest and severance of North Korean IT workers working around the world. This plan, which was announced on Thursday, is meant to stop these workers from doing illegal things that are thought to be making the North … Read more

Russia leverages a mix of state-backed Advanced Persistent Threat (APT) groups and financially motivated cybercriminals to achieve its strategic goals, as APT groups conduct espionage to gather valuable political and economic information.  The Russian government may recruit financially motivated groups, despite their apparent independence, for malicious operations, resulting in a complex threat landscape where the … Read more

Researchers discovered four significant vulnerabilities in the ThroughTek Kalay Platform, which powers 100 million IoT-enabled devices. Notably, ThroughTek Kalay’s influence emphasizes the importance of protecting homes, companies, and integrators alike with its widespread presence in security cameras and other devices. The affected cameras are the Roku Indoor Camera SE, Wyze Cam v3, and Owlet Cam … Read more