Security
Stay informed with the latest developments in cybersecurity through our Security category. Discover in-depth news, analysis, and updates on emerging cyber threats, malware incidents, and major data breaches. Whether you’re a cybersecurity professional or just keen on protecting your digital footprint, find insights and trends that are shaping the future of online security here.
Kaspersky is shutting down its business in the United States
Russian cybersecurity company and antivirus software provider Kaspersky Lab will start shutting down operations in the United States on July 20. Company also confirmed that it will lay off its U.S.-based employees. Independent cybersecurity journalist Kim Zetter first reported that this will affect “less than 50 employees in the U.S.” This comes after the U.S. Treasury Department’s […]
Attackers Exploit URL Protections to Disguise Phishing Links
Cybercriminals are abusing legitimate URL protection services to disguise malicious phishing links, Barracuda researchers have revealed. The firm observed phishing campaigns using three different URL protection services to mask phishing URLs and send victims to websites designed to harvest their credentials. The researchers believe these campaigns have targeted hundreds of companies to date, if not […]
Hackers use PoC exploits in attacks 22 minutes after release
Threat actors are quick to weaponize available proof-of-concept (PoC) exploits in actual attacks, sometimes as quickly as 22 minutes after exploits are made publicly available. That is according to Cloudflare’s Application Security report for 2024, which covers activity between May 2023 and March 2024 and highlights emerging threat trends. Cloudflare, which currently processes an average […]
Netgear warns users to patch auth bypass, XSS router flaws
Netgear warned customers to update their devices to the latest available firmware, which patches stored cross-site scripting (XSS) and authentication bypass vulnerabilities in several WiFi 6 router models. The stored XSS security flaw (fixed in firmware version 1.0.0.72 and tracked as PSV-2023-0122) impacts the XR1000 Nighthawk gaming router. While the company didn’t disclose any details regarding […]
New phishing tactic hijacks email protections to mask links
Email security company Barracuda exposed a recent phishing campaign that uses legitimate URL protection services to mask malicious email links. The new phishing tactic was revealed in a Barracuda blog post Monday, and has been leveraged in attacks beginning around mid-May 2024. The attacks take advantage of the legitimacy of URL protection services used by […]
Indiana County Files Disaster Declaration Following Ransomware Attack
A County in Indiana, US, has filed a disaster declaration following a ransomware attack on local government networks, which has prevented the administration of critical services. Clay County made the declaration after confirming the incident has resulted in an inability to operate Clay County Courthouse and Clay County Probation/Community Corrections facilities. The July 11 declaration […]
DoNex ransomware decoded: How to use Avast decryptor
Avast released a decryptor for DoNex ransomware, offering a free recovery solution for victims of DoNex and its predecessors. DoNex, Muse, DarkRace and fake LockBit 3.0 are all names for a ransomware family that has been active since April 2022, mostly targeting businesses in the United States, Italy and Belgium, according to Avast’s telemetry data. […]
Microsoft Fixes Four Zero-Days in July Patch
Sysadmins have a busy time ahead this month after Microsoft issued updates for over 140 CVEs, including four zero-day vulnerabilities. The zero-days are as follows: RCE Vulnerabilities Microsoft patched five critical RCE vulnerabilities in this July’s Patch Tuesday. First, a SharePoint vulnerability CVE-2024-38023 has been identified. “[It] could allow an authenticated attacker with site owner […]
Hackers Downloaded Call Logs from Cloud Platform in AT&T Breach
Telecommunications giant AT&T has revealed that customer data has been illegally downloaded by threat actors. Hackers have downloaded the data from AT&T’s its workspace on a third-party cloud platform, the company confirmed in a statement published on July 12. According to a filing with the US Securities and Exchange Commission (SEC), the company first learned […]
NATO Set to Build New Cyber Defense Center
NATO’s members have agreed to the construction of a new cyber-defense facility designed to help the military alliance build resilience and better respond to digital threats. As the alliance celebrated its 75th anniversary with a summit in Washington DC from 9 to 11 July, it revealed plans for a new NATO Integrated Cyber Defence Centre […]