Security Bulletin

Infiltration of an internal secure file platform between Oct. 31 and Nov. 8 enabled the threat actor to pilfer a limited number of individuals' names and financial account details, said Finastra in its notification letter given to the Massachusetts...

Insight Partners disclosed immediately acting to contain and remediate the breach of some of its systems upon its discovery on Jan. 16, adding that an investigation has revealed no evidence suggesting persistent access to the impacted systems while...

Aside from impacting printed publication distribution, such an intrusion — which was not acknowledged as a ransomware attack — also interrupted billing, collections, and vendor payments, while temporarily limiting online operations, according to Lee...

TA2727's attack campaign, which were discovered in late January, entailed the insertion of malicious "Update" buttons on legitimate websites, which when clicked trigger automated DMG file downloads and the evasion of macOS Gatekeeper to eventually...

Despite featuring the same keystroke logging, screenshot capturing, and clipboard data gathering capabilities as earlier versions, such novel Snake Keylogger variant leverages an AutoIT-compiled binary as an executable file, which allows more...

Attacks conducted by BlackLock, which could be this year's most active ransomware group, involve the distribution of proprietary malware against Windows, VMware ESXi, and Linux systems for double extortion, an analysis from Reliaquest revealed.

By taking several proactive steps, boards can improve their organization's resilience against cyberattacks and protect their critical OT assets.

Today, CISA—in partnership with the Federal Bureau of Investigation (FBI) and Multi-State Information Sharing and Analysis Center (MS-ISAC)—released a joint Cybersecurity Advisory, #StopRansomware: Ghost (Cring) Ransomware. This advisory provides...

Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include...

How can digitization maximize patient benefits while strengthening the security and resilience of European healthcare? This blog explores three key areas: cybersecurity, digital skills, and connectivity.

While hunting, I spent some time trying to deobfuscate a malicious file discovered on VT. It triggered my PowerShell rule. At the end, I found two files that look close together:

The campaign heavily uses Dropbox folders and PowerShell scripts to evade detection and quickly scrapped infrastructure components after researchers began poking around.