According to ecrime.ch data, confirmed ransomware incidents occurred in 105 countries, originating from 58 ransomware groups. This number is relatively consistent with last year’s data, in which we calculated that incidents impacted organizations in 109 countries and documented at least 60 distinct ransomware families. Though the overall statistics remain relatively consistent from last year to this year, there is more to the story: new trends in the ecosystem include the shifting dynamics of ransomware groups, the rise of the education sector as a key target, and the trends in geographic distribution of attacks.
A threat actor that security researchers call Prolific Puma has been providing link shortening services to cybercriminals for at least four years while keeping a sufficiently low profile to operate undetected.
Undisclosed requests may bypass configuration utility authentication, allowing an attacker with network access to the BIG-IP system through the management port…
Australian software company Atlassian warned admins to immediately patch Internet-exposed Confluence instances against a critical security flaw that could lead to data loss following successful exploitation.
The U.S. Securities and Exchange Commission has charged SolarWinds and its top cybersecurity executive Timothy Brown with fraud and internal control
Check Point’s Harmony Email team has reported a startling increase of 587% in QR code phishing or Quishing attacks.
An international law enforcement operation coordinated by Europol resulted in the dismantling of one of the largest groups involved in the distribution of
Elastic Security Labs reveals details of a new campaign leveraging defense evasion capabilities to infect vicitms with malicious MSIX executables.
Learn about the fake Google Chrome update malware, a common form of website malware that tricks users into downloading a remote access trojan disguised as a browser update. Understand how it works, its impact on websites, and how to protect your site from such threats. Stay updated on the latest malware trends with Sucuri.
CVE-2023-5043, CVE-2023-5044 and CVE-2022-4886 can be exploited by attacker to steal secret credentials from the cluster. Read all about it!
As a follow-up to the most recent Okta breach, we are making a HAR file sanitizer available to everyone, not just Cloudflare customers, at no cost.
HackerOne has announced that its bug bounty programs have awarded over $300 million in rewards to ethical hackers and vulnerability researchers since the platform's inception.
While poking around Parallels Desktop I found a script which is invoked by a setuid-root binary, which has the following snippet: local prl_dir="${usr_home}/Library/Parallels" if [ -e "$prl_dir" -a ! -d "$prl_dir" ]; then log warning "'${prl_dir}' is not a directory. Renaming it." mv -f "$prl_dir"{,~} continue fi Here ${usr_home} represents the home directory of the user for which Parallels Desktop is installed. The code says if ~/Library/Parallels exists and is not a directory then move it to ~/Library/Parallels~, presumably to back it up before creating this path as a directory.
Hackers connected to “the Comm,” a nebulous group that includes SIM swappers, are working with ALPHV, a ransomware group that has impacted some of the biggest companies on the planet, including MGM Casinos.
CVE-2023-45498/CVE-2023-45499 advisory
Our team identified a request smuggling vulnerability that led to complete compromise of an F5 system with the TMUI exposed.
Untruths spouted by chatbots ended up on the web—and Microsoft's Bing search engine served them up as facts. Generative AI could make search harder to trust.
CCleaner, a popular software for cleaning files and Windows Registry entries, has confirmed that attackers accessed some of its customer data.
The Winter Vivern Russian hacking group has been exploiting a Roundcube Webmail zero-day since at least October 11 to attack European government entities and think tanks.
We unveil a Lazarus campaign exploiting security company products and examine its intricate connections with other campaigns
