Devices from Cisco, Netgear and others at risk from the multi-stage malware, which has been active since April 2020 and shows the work of a sophisticated threat actor.
Oliver Tavakoli, CTO at Vectra AI, gives us hope that surviving a ransomware attack is possible, so long as we apply preparation and intentionality to our defense posture.
Researchers warn threat actors are using a novel remote code execution exploit to gain initial access to victims’ environments.
CISA warns that threat actors are ramping up attacks against the unpatched Log4Shell vulnerability in VMware servers.
The APT is pairing a known Microsoft flaw with a malicious document to load malware that nabs credentials from Chrome, Firefox and Edge browsers.
The threat actor targets institutions and companies in Europe and Asia.
Researchers have discovered that a Kazakhstan government entity deployed sophisticated Italian spyware within its borders.
Evidence suggests that a just-discovered APT has been active since 2013.
Symbiote, discovered in November, parasitically infects running processes so it can steal credentials, gain rootkit functionality and install a backdoor for remote access.
The dangerous malware appears to be well and truly back in action, sporting new variants and security-dodging behaviors in a wave of recent phishing campaigns.
Ransomware attackers often strike targets twice, regardless of whether the ransom was paid.
The novel cybercriminal group tapped the ever-evolving info-stealing trojan to move laterally on a network in a recent attack, researchers have found.
Deja-Vu data from this year’s DBIR report feels like we are stuck in the movie ‘Groundhog Day.’
The cybercriminal group is distancing itself from its previous branding by shifting tactics and tools once again in an effort to continue to profit from its nefarious activity.
The info-stealing trojan used SMS messages and lifted contact credentials to spread with unprecedented speed across Android devices globally since December 2020.
Malware borrows generously from code used by other botnets such as Mirai, Qbot and Zbot.
Malware loads itself from remote servers and bypasses Microsoft’s Defender AV scanner, according to reports.
Actors claiming to be the defunct ransomware group are targeting one of Akamai’s customers with a Layer 7 attack, demanding an extortion payment in Bitcoin.
A slip-up by a malware author has allowed researchers to taxonomize three ransomware variations going by different names.
2022’s DBIR also highlighted the far-reaching impact of supply-chain breaches and how organizations and their employees are the reasons why incidents occur.