Blog
Credit Card Skimming on the Rise for the Holiday Shopping Season
A credit card skimming campaign called Kritec has recently picked up in activity, compromising numerous online stores and stealing credit card information from unsuspecting shoppers.
U.S. Takes Down IPStorm Botnet, Russian-Moldovan Mastermind Pleads Guilty
The U.S. government on Tuesday announced the takedown of the IPStorm botnet proxy network and its infrastructure, as the Russian and Moldovan national behind the operation pleaded guilty. "The botnet infrastructure had infected Windows systems then further expanded to...
File-Transfer Services, Rich With Sensitive Data, are Under Attack
Compliance requirements drive the use of these services, making them attractive targets for ransomware groups looking to exploit the systems used for sending sensitive data.
New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar
Cybersecurity researchers have demonstrated a new technique that exploits a critical security flaw in Apache ActiveMQ to achieve arbitrary code execution in memory. Tracked as CVE-2023-46604 (CVSS score: 10.0), the vulnerability is a remote code execution bug that...
Cyber Espionage Operation on Embassies Linked to Russia’s Cozy Bear Hackers
The Cozy Bear APT utilized a legitimate tool called Ngrok to obfuscate their activities and communicate with compromised systems, making detection and attribution more challenging.
Info Stealers Thrive in Hot Market for Stolen Data
Browser data, especially website credentials, remains the most frequently stolen information by info stealers, followed by cryptocurrency wallet credentials and chat app credentials.
Azerbaijan Agencies Sign Cyber-Partner Deals
The agreement, which focuses on information security, was made between the State Service for Special Communication and Information Security of Azerbaijan and the Turkmenistan agency of Transport and Communications.
Truepill Mail-Order Pharmacy Hack Affects Nearly 2.4 Million People
The breach, which occurred between August 30 and September 1, resulted in the unauthorized access of files containing patient names, medication type, demographic information, and prescribing physician names.
Three Ways Varonis Helps You Fight Insider Threats
What do basketball teams, government agencies, and car manufacturers have in common? Each one has been breached, having confidential, proprietary, or private information stolen and exposed by insiders. In each case, the motivations and methods varied, but the risk...
Microsoft Releases Patch Updates for Five New Zero-Day Vulnerabilities
The three actively exploited zero-day vulnerabilities, including a Windows SmartScreen bypass and privilege escalation flaws, emphasize the need for users to exercise caution when interacting with internet shortcuts and hyperlinks.
FREE GUIDE