‘Fog’ Hackers Troll Victims With DOGE Ransom Notes

Since January, threat actors distributing the malware have notched up more than 100 victims.

darkreading – ​Read More

‘Elusive Comet’ Attackers Use Zoom to Swindle Victims

The threat actor uses sophisticated social engineering techniques to infect a victim’s device, either with an infostealer or remote access Trojan (RAT).

darkreading – ​Read More

Texas city takes systems offline after cyberattack

The city of Abilene disconnected servers after officials detected a cyber incident last week.

The Record from Recorded Future News – ​Read More

Microsoft Purges Dormant Azure Tenants, Rotates Keys to Prevent Repeat Nation-State Hack 

Microsoft security chief Charlie Bell says the SFI’s 28 objectives are “near completion” and that 11 others have made “significant progress.”

The post Microsoft Purges Dormant Azure Tenants, Rotates Keys to Prevent Repeat Nation-State Hack  appeared first on SecurityWeek.

SecurityWeek – ​Read More

Nation-State Threats Put SMBs in Their Sights

Cyberthreat groups increasingly see small and medium-sized businesses, especially those with links to larger businesses, as the weak link in the supply chain for software and IT services.

darkreading – ​Read More

Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan

Cybersecurity researchers have flagged a new malicious campaign related to the North Korean state-sponsored threat actor known as Kimsuky that exploits a now-patched vulnerability impacting Microsoft Remote Desktop Services to gain initial access.
The activity has been named Larva-24005 by the AhnLab Security Intelligence Center (ASEC).
“In some systems, initial access was gained through

The Hacker News – ​Read More

Can Cybersecurity Weather the Current Economic Chaos?

Cybersecurity firms tend to be more software- and service-oriented than their peers, and threats tend to increase during a downturn, leaving analysts hopeful that the industry will buck a recession.

darkreading – ​Read More

Booking.com Phishing Scam Uses Fake CAPTCHA to Install AsyncRAT

Fake Booking.com emails trick hotel staff into running AsyncRAT malware via fake CAPTCHA, targeting systems with remote access…

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – ​Read More

ASUS Urges Users to Patch AiCloud Router Vuln Immediately

The vulnerability is only found in the vendor’s router series and can be triggered by an attacker using a crafted request — all of which helps make it a highly critical vulnerability with a 9.2 CVSS score.

darkreading – ​Read More

SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks

A new Android malware-as-a-service (MaaS) platform named SuperCard X can facilitate near-field communication (NFC) relay attacks, enabling cybercriminals to conduct fraudulent cashouts.
The active campaign is targeting customers of banking institutions and card issuers in Italy with an aim to compromise payment card data, fraud prevention firm Cleafy said in an analysis. There is evidence to

The Hacker News – ​Read More