Between late January and early March, Forescout Research – Vedere Labs identified a series of intrusions based on two Fortinet vulnerabilities. It began with the exploitation of Fortigate firewall appliances — culminating in the deployment of a newly discovered ransomware strain we have dubbed SuperBlack.
Domain system overseer plans to retire .su in 2030. ICANN has notified the operator of the legacy Soviet Union country code domain, .su, of its plans to retire the domain in five years, Domain Name Wire has learned. The .su namespace, which remains open for new registrations and currently has around 100,000 domain names, is […]
Threat actors have claimed a cyber attack on two businesses owned by US President Donald Trump, allegedly bringing down their websites.
The new algorithm will serve as a backup for the general encryption needed to protect data from quantum computers developed in the future
Discover how the ClickFix social engineering attack exploits human psychology to bypass security. Learn how hackers use this tactic and how to protect against it.
Cybersecurity firm Lookout found several samples of a North Korean spyware it calls KoSpy.
Lookout researchers have discovered a novel Android surveillance tool dubber KoSpy. It is attributed to APT 37 aka ScarCruft
Dans cette quatrième édition du panorama de la menace, l’Agence nationale de la sécurité des systèmes d’information (ANSSI) revient sur les grandes tendances de la menace informatique ainsi que sur les éléments et incidents marquants dont elle a eu connaissance en 2024.
Dans la continuité des années précédentes, l’ANSSI estime aujourd’hui que les attaquants liés à l’écosystème cybercriminel ou réputés liés à la Chine et la Russie constituent les trois principales menaces tant pour les systèmes d’information les plus critiques que pour l’écosystème national de manière systémique.
L’année 2024 aura également été marquée par l’organisation des Jeux Olympiques et Paralympiques de Paris ainsi que par le nombre et l’impact des vulnérabilités affectant les équipements de sécurité situés en bordure de SI.
Affected staff say more than 100 employees working to protect U.S. government networks were ‘axed’ with no prior warning
Attacks using this ransomware have displayed consistent TTPs and grown steadily since 2023.
GreyNoise data confirms that exploitation of CVE-2024-4577 extends far beyond initial reports. Attack attempts have been observed across multiple regions, with notable spikes in the United States, Singapore, Japan, and other countries throughout January 2025.
Google paid almost $12 million in bug bounty rewards to 660 security researchers who reported security bugs through the company's Vulnerability Reward Program (VRP) in 2024.
Switzerland's National Cybersecurity Centre (NCSC) has announced a new reporting obligation for critical infrastructure organizations in the country, requiring them to report cyberattacks to the agency within 24 hours of their discovery.
En collaboration avec "L'Œil du 20 heures", franceinfo a enquêté sur des données de géolocalisation de millions de téléphones en France, permettant d'identifier la vie privée de salariés de l'armée, de la DGSE, de lieux de pouvoir ou d'autres sites sensibles.
The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains an undocumented
DPRK IT workers exploit GitHub to pose as Asian developers, securing remote jobs to fund missile and nuclear programs.
Nisos has found six personas leveraging new and existing GitHub accounts to get developer jobs in Japan and the US
Japanese telecommunication services provider NTT Communications Corporation (NTT) is warning almost 18,000 corporate customers that their information was compromised during a cybersecurity incident.
While analyzing threats targeting WordPress frameworks, we found an attack where a single 3rd party JavaScript file was used to inject four separate backdoors into 1,000 compromised websites using cdn.csyndication[.]com/.
Silk Typhoon is a Chinese state actor focused on espionage campaigns targeting a wide range of industries in the US and throughout the world. In recent months, Silk Typhoon has shifted to performing IT supply chain attacks to gain access to targets. In this blog, we provide an overview of the threat actor along with insight into their recent activity as well as their longstanding tactics, techniques, and procedures (TTPs), including a persistent interest in the exploitation of zero-day vulnerabilities in various public-facing appliances and moving from on-premises to cloud environments.
