Akira Ransomware Racks Up 30+ Victims in a Single Day
Of the numerous victims, at least three refused to pay the demanded ransom, with the rest seemingly in talks with the cybercriminal group.
darkreading – Read More
VMware Discloses Exploitation of Hard-to-Fix vCenter Server Flaw
The saga of VMWare’s critical CVE-2024-38812 vCenter Server bug has reached the “exploitation detected” stage.
The post VMware Discloses Exploitation of Hard-to-Fix vCenter Server Flaw appeared first on SecurityWeek.
SecurityWeek – Read More
AI company tells SEC that $250,000 stolen in cyberattack
An artificial intelligence company said a hacker breached its network and stole a $250,000 wire payment in an incident likely to have a material impact on the firm’s bottom line.
The Record from Recorded Future News – Read More
New Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza Stealers
Cybersecurity researchers have shed light on a new stealthy malware loader called BabbleLoader that has been observed in the wild delivering information stealer families such as WhiteSnake and Meduza.
BabbleLoader is an “extremely evasive loader, packed with defensive mechanisms, that is designed to bypass antivirus and sandbox environments to deliver stealers into memory,” Intezer security
The Hacker News – Read More
US Government Agencies Impersonated in Aggressive DocuSign Phishing Scams
DocuSign phishing scams surged by 98%, with hundreds of daily attacks impersonating US government agencies like HHS and…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Palo Alto Networks Patches Critical Zero-Day Firewall Bug
The security vendor’s Expedition firewall appliance’s PAN-OS interface tool has racked up four critical security vulnerabilities under active attack in November, leading tit to advise customers to update immediately or and take them off the Internet.
darkreading – Read More
CISA director Jen Easterly to depart agency on January 20
CISA’s director will depart the agency after three years at the helm, as part of the “seamless transition” of government power.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
AI training software firm iLearningEngines says it lost $250,000 in recent cyberattack
The US-based firm said hackers misdirected a $250,000 wire transfer payment that it hasn’t been able to recover.
© 2024 TechCrunch. All rights reserved. For personal use only.
Security News | TechCrunch – Read More
Cyber Resilience Act: Security Requirements in Development
On October 10th, 2024, the EU Parliament mandated security standards for connected software with the enactment of the Cyber Resilience Act (CRA). The act mandates that full compliance needs to be achieved within 36 months. However, according to Article 14, vulnerability reporting obligations must be met within 21 months of enactment. Because the regulation applies to products with digital…
TechSplicer – Read More
Why Custom IOCs Are Necessary for Advanced Threat Hunting and Detection
The ability to internalize and operationalize customized threat intelligence as part of a holistic security system is no longer a luxury; it’s a necessity.
The post Why Custom IOCs Are Necessary for Advanced Threat Hunting and Detection appeared first on SecurityWeek.
SecurityWeek – Read More