All Articles (2533)

Cybersecurity researchers have uncovered a new set of malicious Python packages that target software developers under the guise of coding assessments.  "The new samples were tracked to GitHub projects that have been linked to previous, targeted attacks in which developers are lured using fake job interviews," ReversingLabs researcher Karlo Zanki said.  The activity has been assessed to be part of an ongoing VMConnect campaign that first came to light in August 2023.  There are indications that i

When the Heritage Foundation’s nearly 1,000-page Project 2025 report was published earlier this year, cybersecurity experts focused on its radical suggestion to drastically diminish the Cybersecurity and Infrastructure Security Agency (CISA) and other reimagining of cybersecurity policy.  But despite the buzz the report has caused in Washington cybersecurity circles, interviews with five former senior Trump administration officials demonstrate a much more moderate vision for cyber if he wins a s

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are alerting the public of false claims that the US voter registration data has been compromised in cyber-attacks.  The two agencies note that malicious actors spread disinformation to manipulate public "opinion and undermine confidence in US democratic institutions."

According to public service awareness, the actors present publicly accessible data as evidence of the hacks.  "Malicious acto

Radio Geretsried, a local station in southern Bavarian Germany, has blamed “unknown attackers from Russia” after an apparent ransomware incident left it broadcasting music from emergency backups.  The attack is the latest incident to disrupt a German organization, with the country’s Federal Office for Information Security (BSI) warning: “The extortion of companies and public institutions through ransomware is the fastest growing area of cybercrime and is now a major problem.”

According to a stat

Cybersecurity researchers have warned of ongoing phishing campaigns that abuse refresh entries in HTTP headers to deliver spoofed email login pages designed to harvest users' credentials.  Unlike other phishing webpage distribution behavior through HTML content, these attacks use the response header sent by a server, which occurs before the processing of the HTML content.  Malicious links direct the browser to automatically refresh or reload a web page immediately without requiring user interact

In the months before his attackers tracked him down, the exiled Iranian journalist had been moved in and out of safe houses by London’s Metropolitan Police, given a secret way to signal rescue units and had monitoring devices installed in his home.

British authorities had done even more to protect Iran International, the London-based satellite news channel that airs the weekly program of the journalist, Pouria Zeraati, and has built an audience of millions in Iran despite being outlawed by the I

After two years of being beaten down with memory-safety warnings, the C++ community has published a proposal to help developers write less vulnerable code.  The Safe C++ Extensions proposal addresses the vulnerable programming language's Achilles' heel, ensuring that code is free of memory safety bugs.  "This is a revolutionary proposal that adds memory safety features to the C++ programming language," said the president and executive director of the C++ Alliance last week.  "This collaboration

After the city of Columbus, Ohio, experienced a ransomware attack in July 2024 and disclosed the event, it sued a researcher who claimed the breach was more significant than the city let on.  Ohio's largest city first fell victim to an attack on 18 July 2024 and quickly informed the public, claiming that it had stopped the attack before malware had infected its systems.

In early August 2024, the Rhysida ransomware gang leaked 3.1TB of data on its Tor-based site, information it claimed to have st

A Chinese national has been accused of conducting a years-long spear-phishing campaign that aimed to steal source code from the US Army and NASA, plus other highly sensitive software used in aerospace engineering and military applications.  At least some of the spears hit their targets, and some of this restricted software made its way to China, according to a US Department of Justice (DOJ) announcement and an indictment.  The accused, Song Wu, 39, remains at large and has been charged with 14 c

Crypto took a major hit last year with losses exceeding $5.6 billion, mainly driven by investment fraud, tech support scams, and social engineering via government impersonation.  The latest findings published by the FBI’s Internet Crime Complaint Center (IC3), the product of almost 70,000 reports, mark this 45% rise as a new record high for the industry.  The US alone accounts for $4.8 billion of these reported cases, followed by the Cayman Islands, Mexico, Canada, the UK, India, and Australia.

(So

Cybercriminals have been masquerading as sellers of GlobalProtect,[1] a virtual private network (VPN) software from Palo Alto Networks, and delivering a new variant of WikiLoader malware through search engine optimization (SEO) poisoning.

See:  https://redskyalliance.org/xindustry/shifts-in-cyber-attack-tactics

WikiLoader, also known as WailingCrab, is a downloader malware first discovered in 2022 by Proofpoint.  It's sold in underground marketplaces by initial access brokers, and hackers typica

The underground market for large illicit language models is lucrative, said academic researchers who called for better safeguards against artificial intelligence misuse.  Academics at the Indiana University Bloomington[1] identified 212 malicious LLMs on underground marketplaces from April through September 2024.  The financial benefit for the threat actor behind one of them, WormGPT, is calculated at US$28,000 over two months, underscoring the allure for harmful agents to break artificial intel

After nearly three weeks of identifying unauthorized activity on its network, the Port of Seattle continues to recover from a suspected cyberattack that impacted various operations.  The travel experience at Seattle-Tacoma International Airport is now “normal,” the airport announced last week, with all flight and baggage information showing up on digital screens.  However, the airport and Port’s websites are still down.  Other services such as the airport’s lost and found and visitor pass progra

Slim CD, a company that provides software to merchants for processing electronic payments, said the credit card information of nearly 1.7 million people was exposed to an “unauthorized actor” in mid-June.  The breached data potentially included “name, address, credit card number, and card expiration date,” but there is “no evidence that any such information has been used to commit identity theft or fraud,” the Florida-based company said in a notification letter filed September 6 with regulators.

Poland’s security services reported that they had broken up an alleged cyber sabotage group linked to Russia and Belarus that had attempted to “paralyze” the country through cyberattacks.  The group, whose members were not publicly identified, extorted information from Polish local government agencies and state companies related to military and security matters, Poland’s Minister of Digital Affairs, Krzysztof Gawkowski, said during a press briefing on 10 September 2024.  He referred to the group

The US Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) are responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational harm since at least 2020.  GRU Unit 29155 cyber actors began deploying the destructi

In August 2024, FortiGuard Labs observed a Python infostealer we call Emansrepo that is distributed via emails that include fake purchase orders and invoices.  Emansrepo compresses data from the victim’s browsers and files in specific paths into a zip file and sends it to the attacker’s email.  According to our research, this campaign has been ongoing since November 2023.  The attacker sent a phishing mail containing an HTML file, which was redirected to the download link for Emansrepo.  PyInsta

I never thought I would write an article about OnlyFans, the website where you can view naked celebrities.  In a recent investigation, Veriti's cyber research team uncovered a deceptive operation targeting aspiring OnlyFans hackers.  A user on a notorious hacking forum, Bilalkhanicom, offered a tool to "check" OnlyFans accounts.  What appeared to be an opportunity for cybercriminals was a trap.   The supposed hacking tool was, in fact, malware known as Lummac stealer, designed to infect the devi

In an era where digital threats loom large, the world finds itself grappling with an unprecedented surge in cyber-attacks.  Yeah, no kidding.  The landscape of digital security has become a battlefield, with corporate networks experiencing a staggering 30% increase in weekly attacks in the second quarter of 2024 compared to the same period in 2023.  Yet, a recent study by Kiteworks, a provider of secure content communication solutions, has revealed a significant knowledge gap in the US regarding

North Korean threat actors are expected to launch imminent attacks aimed at stealing funds from "organizations with access to large quantities of cryptocurrency-related assets or products," the FBI is warning, adding that the attacks will use particularly deceptive social engineering tactics, including highly personalized targeting that will appear extremely convincing.  In the last several months, federal officials have observed various state-sponsored actors from the DPRK conducting research o