Russian organizations have been targeted as part of an ongoing campaign that delivers a previously undocumented Windows spyware called Batavia. The activity, per cybersecurity vendor Kaspersky, has been active since July 2024. “The targeted attack begins with bait emails containing malicious links, sent under the pretext of signing a contract,” the Russian company said. “The…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of flaws is as follows – CVE-2014-3931 (CVSS score: 9.8) – A buffer overflow vulnerability in Multi-Router Looking Glass (MRLG) that could allow remote…
The threat actors trick victims into opening a malicious script, leading to the execution of the BroaderAspect .NET loader.
The new ransomware strain’s aggressive multithreading and cross-platform capabilities make it a potent threat to enterprise environments.
Researchers observed North Korean threat actors targeting cryptocurrency and Web3 platforms on Telegram using malicious Zoom meeting requests.
The outage began shortly before the July 4 holiday weekend and caused disruptions for customer ordering and other services provided by the IT distributor.
The announcement comes just months after security researchers observed that the group was making the transition to rebrand to World Leaks, a data theft outfit.
Cybersecurity researchers have disclosed a malicious campaign that leverages search engine optimization (SEO) poisoning techniques to deliver a known malware loader called Oyster (aka Broomstick or CleanUpLoader). The malvertising activity, per Arctic Wolf, promotes fake websites hosting trojanized versions of legitimate tools like PuTTY and WinSCP, aiming to trick software professionals
A color picker for Google’s browser with more than 100,000 downloads hijacks sessions every time a user navigates to a new webpage and also redirects them to malicious sites.
Enhanced vulnerability management delivered as a managed service.