A previously undetected, suspected Chinese-state threat actor has been targeting governments in the South China Sea for years with a remote access Trojan that has been a favorite of Chinese hackers since its creation almost two decades ago, say security researchers from Bitdefender.
Kevin Mandia will vacate the CEO position at his namesake company 20 months after Google bought the threat intelligence and incident response titan. Mandia's May 31 transition into an advisory role at Google will cap off two decades of private sector leadership for the U.S. Air Force veteran.
It's not just the critical cybersecurity vulnerabilities; it's the speed at which adversaries are attacking them. This is one of the key findings of Fortinet's new FortiGuard Labs Global Threat Landscape Report. Fortinet's Derek Manky shares takeaways and analysis.
Intel 471 bought a threat hunting startup led by a Raytheon and Swimlane leader to help clients more effectively address complex cyberthreats. Buying Cyborg Security will bring threat hunting and threat intelligence together to beef up security posture and take proactive measures against hackers.
How do data breaches happen? The latest annual Verizon Data Breach Investigations Report, which aims to help defenders answer that question, points in part to the ever-present threat of ransomware and data extortion and charts a surge in attackers exploiting zero-day and known vulnerabilities.
Threat actors are sending SMS texts to trick banking customers into downloading new and improved Vultur banking malware that interacts with infected devices and alters files. Vultur typically misuses legitimate applications, enabling remote access to the VNC server on targeted devices.
Major technology vendors keep being hacked by the nation-state hacking group Midnight Blizzard. Essential defenses to combat such attacks begin with implementing log monitoring across multiple platforms to find red flags, said John Fokker, head of threat intelligence at Trellix.
The Treasury Department announced sanctions against Intellexa, the maker of a popular package of spyware tools and technologies known as Predator that has been used to target U.S. officials, journalists and policy experts, according to a news release on Tuesday.
North Korea's Lazarus hackers exploited a Windows AppLocker driver zero-day to gain kernel-level access and turn off security tools that could detect the group's bring-your-own-vulnerable-driver exploitation techniques. Microsoft fixed the bug in its February patch dump.
Chinese threat actors are continuing to persist after exploiting the recent Ivanti Connect Secure VPN vulnerability even after factory resets, system upgrades and patches. The threat actor, UNC5325, is adept at "living off the land" techniques, warned threat intelligence firm Mandiant.
Cybersecurity researchers identified a suspected Iranian espionage campaign targeting aerospace, aviation and defense industries across the Middle East. Hackers targeted employees within the aviation and defense sectors with fake job offers for tech and defense-related positions.
While overall ransomware profits might remain high, many of the remaining or rebooted top-tier groups are "really struggling" with scarce talent, trauma from the Russia-Ukraine war and repeated disruptions by law enforcement, say researchers from threat intelligence firm RedSense.
The novel variant of the banking Trojan Mispadu is targeting Latin American countries, especially Mexico, by exploiting a flaw in Windows SmartScreen. In this latest distribution method, the attackers send spam emails that deliver deceptive URL files that circumvent the SmartScreen banner warning.
In times of conflict, such as the Israel-Hamas war, intelligence becomes even more important than it is in peacetime. Red Curry, chief marketing officer at Tautuk, and his brother, Sam Curry, CISO at Zscaler, discuss the need for a combined intelligence strategy and better resilience in wartime.
In the wake of an apparently weak password being harvested by information-stealing malware and used to disrupt telecommunications giant Orange Spain's internet traffic, an expert is warning all organizations to beware of copycat attacks - and to lock down their internet registry accounts.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing paymentsecurity.io, you agree to our use of cookies.