In the first half of 2023, we observed a threefold increase in the number of attacks using infected USB drives to steal secrets.
Microsoft blocks a new batch of system drivers, but the loophole empowering them remains.
In December 2022, Microsoft published their monthly Windows Update packages that included an advisory about malicious drivers, signed by Microsoft and other code-signing authorities, that Sophos X-…
Microsoft Corp. today released software updates to quash 130 security bugs in its Windows operating systems and related software, including at least five flaws that are already seeing active exploitation. Meanwhile, Apple customers have their own zero-day woes again this…
Apple has issued a new round of Rapid Security Response (RSR) updates to address a new zero-day bug exploited in attacks and impacting fully-patched iPhones, Macs, and iPads.
The Microsoft Windows Hardware Compatibility Program (WHCP) certifies that drivers, and other products, run reliably on Windows and on Windows certified hardware. First reported by Sophos, and later Trend Micro and Cisco, Microsoft has investigated and confirmed a list of third-party WHCP-certified drivers used in cyber threat campaigns. Because of the drivers’ intent and functionality, Microsoft has added them to the Windows Driver.STL revocation list.
Microsoft has identified a phishing campaign conducted by the threat actor tracked as Storm-0978 targeting defense and government entities in Europe and North America. The campaign involved the abuse of CVE-2023-36884, which included a zero-day remote code execution vulnerability exploited via Microsoft Word documents.
The health-care giant claimed no "clinical" information was breached by the hackers, a claim undercut by sample data provided to an industry analyst.
Malicious packages on PyPI copy W4SP attacks to steal users’ credentials and crypto wallet data. This incident illustrates issues in open-source ecosystems.
As they say, when it rains, it pours. Recently, we observed more than 3,000 phishing emails containing phishing URLs abusing services at workers.dev and pages.dev domains.
Two UK teenagers were accused of being key members of the notorious hacking group Lapsus$, with prosecutors alleging that the pair were involved in attacks on companies including Nvidia Corp., Rockstar Games Inc., and Uber Technologies Inc.
A flaw in Revolut’s payment system in the US allowed criminals to steal more than $20mn of its funds over several months last year before the company could close the loophole, according to multiple people with knowledge of the episode.
In a recent investigation by Microsoft Incident Response of a BlackByte 2.0 ransomware attack, we found that the threat actor progressed through the full attack chain, from initial access to impact, in less than five days, causing significant business disruption for the victim organization.
Read Uptycs' analysis of the newly discovered Meduza Stealer malware targeting Windows users, revealing capabilities, potential impact & mitigation steps.
This week, our engine detected two spyware hiding on the Google Play Store and affecting up to 1.5 million users.
“Write once, infect everywhere” might be the new cybercrime motto, with newly discovered campaigns showing malicious npm packages powering phishing kits and supply chain attacks.
One incident affected the OCR and Pearson Edexcel examiners, and another hit AQA, Britain's largest exam board.
The bureau is trying to take the fight to foreign ransomware gangs, even if it means giving up on bringing some of them behind bars.
Japan’s biggest port, the Port of Nagoya, has been shut down after a cyberattack by the LockBit ransomware gang. The Russian cybercriminals have been on a crime spree this week, claiming ten new victims in the last five days.
Threat actors are using increasingly sophisticated forms of evasion and anti-analysis as they respond to increased attention to macOS security in the enterprise.
