cybercriminals

Scammers have found a new way to steal money using legitimate services. DocuSign is at the center of a new type of cyberattack: attackers use its API to send fake invoices that look like real ones. Unlike standard phishing attacks, which use fake links and emails, these incidents use real...

A critical vulnerability gives hackers access to your data. Google has warned of a serious vulnerability in the Android operating system that is already being exploited by attackers. The vulnerability, known as CVE-2024-43093, is found in the Android Framework component and can lead to...

How a modest building in the center of Reykjavik became the focus of cyber threats. The modern office building next to the harbor in Iceland's capital, Reykjavík, is better known as the home of the Icelandic Phallological Museum, which exhibits 320 specimens of mammalian penises. However, for...

Positive Technologies has compiled a digest of 7 trending mistakes that you need to pay attention to urgently. In September 2024, Positive Technologies specialists identified 7 key vulnerabilities that have become trending. Among them are security problems in Microsoft, Veeam, VMware, Roundcube...

Another legal tool becomes the key to your data. Experts from the AhnLab Security Intelligence Center (ASEC) have discovered new attacks on MS-SQL servers that use unprotected accounts and weak passwords. As part of the malicious campaign, the attackers used a legitimate remote control tool...

$9.3 million in cryptocurrency disappeared from the hands of attackers in a matter of seconds. As part of Operation Kraken, the Australian Federal Police (AFP) has arrested $9.3 million in cryptocurrency linked to the alleged head of an international criminal organization. The operation was...

Attackers combine viruses and social engineering in attacks on smartphones. Cybercriminals are actively using combined attacks that combine malicious software and social engineering techniques. According to SafeTech CEO Denis Kalemberg, attackers use Trojan viruses in combination with phone...

Attackers combine viruses and social engineering in attacks on smartphones. Cybercriminals are actively using combined attacks that combine malicious software and social engineering techniques. According to SafeTech CEO Denis Kalemberg, attackers use Trojan viruses in combination with phone...

The new Embargo ransomware software threatens data security. Microsoft has identified a new hacker unit tracked under the ID Storm-0501. Previously, this group collaborated with well-known ransomware gangs such as Hive, BlackCat (ALPHV), Hunters International, LockBit, and Embargo. Now...

Fake Microsoft pages are becoming the new tools of hackers. Cyberattacks are becoming more sophisticated, and one of the latest trends shows how attackers disguise themselves as HR departments of large companies. A recent example of a phishing attack reviewed by Cofense was found in secure...

What is HexForge – a security boon or a threat in the wrong hands? Elastic has published the source code of the HexForge plugin for IDA Pro. The new tool is designed to extend the capabilities of working with assembly and hexadecimal data representation in IDA, a popular software analysis tool...

How educational institutions become an easy target for hackers. The U.S. Highline Public Schools District, which includes more than 17,500 students and 34 schools in Washington state, recently reported a cyberattack on its systems. As a result of the incident on September 9, Monday, all schools...

Hacks of DeFi platforms have reached a new level, exceeding all expectations. The rise in popularity of Web3 has opened up new opportunities for cybercriminals, especially in the decentralized finance (DeFi) space, where the scale of theft has surpassed traditional bank robberies. According to...

New domains have found their place not only in business, but also in cybercrime. Over the past year, 19 new top-level domains (TLDs) have been issued, and a study by Palo Alto Networks found that these domains are actively used for a variety of cyberattacks. Among the identified threats are...

Cyberattacks are getting smarter: employees are on the front lines of threats. In the second quarter of 2024, Positive Technologies experts recorded an increase in the activity of cybercriminals, who are increasingly using social engineering methods and malicious software to attack...

Blockchain Engineers Find Themselves at the Epicenter of Hackers Interests. Cybersecurity researchers have discovered a new macOS malware called TodoSwift, which they believe shares similarities with known malware used by hacker groups from North Korea. As noted by Christopher Lopez, a...

A Singapore court has formally charged members of a group that developed a major malicious campaign against residents of the country with fraud. Local media reported that two Malaysian citizens aged 26 and 47 were in the dock. The campaign began in June 2023. Cybercriminals tricked their...

25+ resources promise to bypass the kicksharing rules. F. A. C. C. T specialists found at least 25 resources that suggest circumventing the rules of kicksharing services. These resources include groups in social networks, channels, and messenger bots that offer users various ways to illegally...

Did the hackers actions help reduce student stress before grading? Or has the situation only worsened? Billericay School in Essex, United Kingdom, was forced to close after a large-scale cyber attack that severely affected the internal systems of the school. Parents were informed that the...

"Operation Endgame" deals a powerful blow to IcedID, Pikabot, Smokeloader and other digital threats. From May 27 to May 29, 2024, an international law enforcement operation codenamed "Operation Endgame" captured more than 100 servers used for major malware campaigns using programs such as...