Blog
Operation RusticWeb: Rust-Based Malware Targets Indian Government Entities
Indian government entities and the defense sector have been targeted by a phishing campaign that's engineered to drop Rust-based malware for intelligence gathering. The activity, first detected in October 2023, has been codenamed Operation RusticWeb by enterprise...
BidenCash Dark Web Marketplace Leaks 1.6 Million Credit Card Details
Unlike a previous leak, this one does not include names or emails of cardholders. While the absence of names reduces the risk of identity theft, the leaked financial details still pose a significant risk for unauthorized transactions.
Iran’s Peach Sandstorm Group Deploys FalseFont Backdoor Against Defense Sector
FalseFont is a custom backdoor with various capabilities that allow operators to remotely access compromised systems, execute files, and transmit information to Command and Control servers.
BattleRoyal Threat Cluster Spread DarkGate RAT via Email and Fake Browser Updates
The BattleRoyal cluster, using DarkGate and NetSupport malware, demonstrates the use of multiple attack chains and social engineering techniques to deliver payloads via email and fake update lures.
CISA Seeks Comment on Secure by Design Principles to Boost Global Software Security
The Biden administration is pushing for secure-by-design principles to be embraced by the tech industry, aiming to make security a core feature of software development to prevent attacks exploiting vulnerabilities.
FTC Proposes Tougher Children’s Data Privacy Rules for First Time in a Decade
The proposed changes to the Children's Online Privacy Protection Rule (COPPA) would hold service providers responsible for ensuring the safety of digital experiences for children, rather than relying solely on parents.
UAC-0099 Using WinRAR Exploit to Target Ukrainian Firms with LONEPAGE Malware
The threat actor known as UAC-0099 has been linked to continued attacks aimed at Ukraine, some of which leverage a high-severity flaw in the WinRAR software to deliver a malware strain called LONEPAGE. "The threat actor targets Ukrainian employees working for...
NIST Report Identifies Significant Privacy Gaps in Genomic Data Handling
Breaches of genomic data not only pose risks to individuals but also have implications for their families, while sharing such data is crucial for research and development in the biotechnology field.
Yahoo Survivor Football Bug Let Players Pick Winners After NFL Games Were Over
A bug on Yahoo's sports betting platform allowed users to cheat by placing bets after the games had already been decided, potentially impacting the outcome of survivor pools with real money involved.
Microsoft Warns of New ‘FalseFont’ Backdoor Targeting the Defense Sector
Organizations in the Defense Industrial Base (DIB) sector are in the crosshairs of an Iranian threat actor as part of a campaign designed to deliver a never-before-seen backdoor called FalseFont. The findings come from Microsoft, which is tracking the activity under...
FREE GUIDE