Microsoft security researchers say the operators of the well-established Mozi IoT botnet have upgraded the malware, enabling it to achieve persistence on network gateways manufactured by Netgear, Huawei and ZTE.
The Cybersecurity and Infrastructure Security Agency is warning organizations to immediately patch the ProxyShell vulnerabilities in Microsoft Exchange email servers because security researchers say ransomware gangs are exploiting these flaws.
The U.S. and Singapore have announced three agreements to expand their collaborative efforts - including shoring up information sharing, research and training - to address global cybersecurity issues.
Two large healthcare organizations - Memorial Health System in Ohio and University Medical Center of Southern Nevada - continue to mop up after recent cyberattacks apparently involving ransomware. The Ohio organization admits negotiating "a settlement" with attackers to obtain a decryptor.
The U.S. State Department reportedly recently sustained a cyber incident that prompted a notice to the Defense Department's Cyber Command. The report of the incident follows a congressional report that gave the State Department a "D" grade for its cybersecurity defenses.
Researchers at Mnemonics Labs have found a vulnerability in the server name indication, or SNI, of the TLS Client Hello extension. Exploitation could enable attackers to bypass the security protocol of many security products, leading to stealthy exfiltration of data, researchers say.
Security firm Cloudflare says it detected and mitigated a 17.2 million request-per-second distributed denial-of-service attack, almost three times larger than any previously reported HTTP DDoS attack.
John "Chris" Inglis says one of his first priorities as national cyber director within the White House is focusing on issues of cyber resiliency. Battling ransomware and coordinating government responses with the private sector are also top issues he's tackling.
The Aggah APT group, believed to be of Pakistani origin, apparently was behind a recent spear-phishing campaign targeting manufacturing firms in Taiwan and South Korea, according to the Anomali Threat Research Team.
As ransomware-as-a-service operations continue to compete for affiliates, the operators behind LockBit have unveiled a new version of their crypto-locking malware boasting fresh features, some borrowed from rivals. Separately, a relatively unsophisticated newcomer called Hive has debuted.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the evolution of fraud trends and the challenges in implementing the "zero trust" framework in the OT environment.
An Ohio man has pleaded guilty to operating an illegal bitcoin "mixer" service to launder more than $300 million in cryptocurrency for users of darknet marketplaces, according to the Justice Department. Larry Dean Harmon faces up to a 20-year federal prison sentence.
The World Bank has launched a cybersecurity fund for low- and middle-income nations to support public sector efforts to conduct cybersecurity maturity assessments, offer technical assistance and support training and staff development.
Researchers at cybersecurity firm ClearSky say an Iranian APT group, dubbed "Siamesekitten," is targeting Israeli companies in a supply chain attack campaign. The attackers are luring victims with fake job offer emails that direct recipients to websites that download malware.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.