Blog
Researchers Witness 600X Increase in P2Pinfect Botnet Traffic
The developers of P2Pinfect are actively iterating on the malware's capabilities and expanding the botnet, as seen through frequent updates and a substantial increase in activity.
Critical Infrastructure Organizations Warned of Snatch Ransomware Attacks
Prior to ransomware deployment, the Snatch threat actors spend up to three months on victims’ networks, searching for valuable data to exfiltrate and identifying systems they can encrypt. They also attempt to disable security software.
The Rise of the Malicious App
Security teams are familiar with threats emanating from third-party applications that employees add to improve their productivity. These apps are inherently designed to deliver functionality to users by connecting to a “hub” app, such as Salesforce, Google Workspace,...
Cyber Group ‘Gold Melody’ Selling Compromised Access to Ransomware Attackers
A financially motivated threat actor has been outed as an initial access broker (IAB) that sells access to compromised organizations for other adversaries to conduct follow-on attacks such as ransomware. SecureWorks Counter Threat Unit (CTU) has dubbed the e-crime...
China Accuses U.S. of Decade-Long Cyber Espionage Campaign Against Huawei Servers
China's Ministry of State Security (MSS) has accused the U.S. of breaking into Huawei's servers, stealing critical data, and implanting backdoors since 2009, amid mounting geopolitical tensions between the two countries. In a message posted on WeChat, the government...
UK Passes the Online Safety Bill — And No, It Doesn’t Ban End-to-End Encryption
The UK's Online Safety Bill does not ban end-to-end encryption but includes provisions for messaging platforms to use accredited technology to identify specific types of content.
UK Passes the Online Safety Bill — And No, It Doesn’t Ban End-to-End Encryption
The UK's Online Safety Bill does not ban end-to-end encryption but includes provisions for messaging platforms to use accredited technology to identify specific types of content.
Ukrainian Hacker Suspected to be Behind “Free Download Manager” Malware Attack
The maintainers of Free Download Manager (FDM) have acknowledged a security incident dating back to 2020 that led to its website being used to distribute malicious Linux software. "It appears that a specific web page on our site was compromised by a Ukrainian hacker...
LLM Guard: Open-Source Toolkit for Securing Large Language Models
The open-source toolkit provides evaluators for inputs and outputs of LLMs, offering features such as sanitization, detection of harmful language, data leakage prevention, and protection against prompt injection and jailbreak attacks.
CIO Accuses Penn State of Faking Cybersecurity Compliance
Pennsylvania State University (Penn State) is facing a lawsuit filed by a former chief information officer (CIO) who alleges that the university falsified government security compliance reports.
FREE GUIDE