Blog
Russian APT28 Hackers Targeting 13 Nations in Ongoing Cyber Espionage Campaign
The Russian APT28 threat actor, also known as ITG05, is using authentic documents related to the Israel-Hamas war as lures to deliver a custom backdoor called HeadLace against targeted entities in 13 countries, primarily in Europe.
Over 1,450 pfSense Servers Exposed to RCE Attacks via Bug Chain
Around 1,450 instances of pfSense, an open-source firewall and router software, are vulnerable to command injection and cross-site scripting flaws. These flaws, if exploited together, could allow attackers to execute remote code on the system.
Russian APT28 Hackers Targeting 13 Nations in Ongoing Cyber Espionage Campaign
The Russian nation-state threat actor known as APT28 has been observed making use of lures related to the ongoing Israel-Hamas war to facilitate the delivery of a custom backdoor called HeadLace. IBM X-Force is tracking the adversary under the name ITG05, which is...
Threat Actor TA4557 Targets Recruiters With Malware
The threat actor uses techniques such as sending URLs to fake resume websites or attachments containing instructions to visit the website, leading to the download of malicious files.
Gamers Warned of Potential CS2 Exploit That can Reveal IP Addresses
The exploit, which is an XSS vulnerability, allows players to display GIFs using HTML code blocks in-game. This poses a potential security threat to players, as the exploit can access player IP addresses and potentially execute code on their PCs.
Long-Running Clearview AI Class Action Biometric Privacy Case Settles
Clearview AI has reached a settlement in a class-action privacy lawsuit, which alleged that the company violated Illinois' Biometric Information Privacy Act (BIPA) by using online images without consent for its facial recognition technology.
Security Automation Gains Traction, Prompting a “Shift Everywhere” Philosophy
According to Synopsys, the use of automated security technology is on the rise, as organizations increasingly embrace the "shift everywhere" philosophy to improve the effectiveness and reduce the cost of security activities.
Non-Human Access is the Path of Least Resistance: A 2023 Recap
2023 has seen its fair share of cyber attacks, however there’s one attack vector that proves to be more prominent than others - non-human access. With 11 high-profile attacks in 13 months and an ever-growing ungoverned attack surface, non-human identities are the new...
New MrAnon Stealer Malware Targeting German Users via Booking-Themed Scam
A phishing campaign has been observed delivering an information stealer malware called MrAnon Stealer to unsuspecting victims via seemingly benign booking-themed PDF lures. "This malware is a Python-based information stealer compressed with cx-Freeze to evade...
Nearly 130,000 Affected by Ransomware Attack on Cold Storage Company Americold
The cyberattack resulted in the leak of sensitive data, including names, addresses, Social Security numbers, financial account information, and employment-related health insurance and medical information.
FREE GUIDE