Security Bulletin

Attackers distributed phishing emails with malicious file download links to facilitate compromise with SnipBot, which includes support for more commands than the previous iteration of RomCom RAT.

Intrusions by Kimsuky involved the delivery of spear-phishing emails luring ZIP file downloads and malicious file extraction to facilitate the deployment of the payloads, which are suspected to be of the same author due to source code similarities.

Thousands of Ukrainian devices have been compromised by Gamaredon between 2022 and 2023, primarily through spear-phishing campaigns, an analysis from ESET showed.

Both exchanges are associated with Russian Sergey Sergeevich Ivanov, also known as Taleon, who has allegedly provided money laundering services to threat actors in the last 20 years.

These five best practices are the blocking and tackling of network data security that never go out of style.

More than half of employees report receiving no training on secure AI use.

In Putin’s Russia, Google regulates you.

The number of memory bugs in Android declined sharply after Google began transitioning to Rust for new features in its mobile OS.

The vendor says there are no reports of the flaws being exploited in the wild nor any public exploit codes currently available.