The infamous North Korean hacking collective known as Lazarus Group is using a sophisticated new attack technique in order to compromise macOS systems, a security researcher has discovered. In the first stage of the campaign, the threat actors set up a front company, called JMT Trading. The hackers then wrote

French media empire M6 Group was hit by ransomware on Saturday, leading to disruptions of its phone and email systems. However, the incident did not impact any of the group’s TV channels, radio stations and film studios, which include M6, the largest private French TV channel. The firm said that

Recent research by ESET has uncovered some of the tactics and tools used by the Winnti hacking group that has been carrying out supply-chain attacks against gaming companies since at least 2011. The attackers usually target game developers in order to embed backdoors in video games. In March of this

Shipping tech firm Pitney Bowes has suffered a ransomware attack that forced it to take down a great number of internal systems, resulting in major service disruptions. The company said that it “has seen no evidence that customer or employee data has been improperly accessed,” but did not elaborate on

Last month, AdaptiveMobile Security warned that threat actors are actively exploiting a security weakness in SIM cards in order to covertly collect the location information of thousands of users. The attacked, dubbed Simjacker,involves sending malicious SMS messages to vulnerable devices and it was estimated that it could put over 1

New research by FireEye’s Mandiant group shows that the infamous FIN7 cybercrime group is using new hacking tools in order to target ATMs produced by NCR Corporation. The new tools include a malware dropper called BOOSTWRITE that is designed to deliver multiple payloads. The malware delivered by BOOSTWRITE consists of

Iranian state-backed hacking group APT 25 (also known as Charming Kitten, Phosphorus, Ajax Security Team, NewsBeef and Newscaster) has updated its attack techniques to carry out a spearphishing campaign targeting US President Donald Trump’s re-election campaign, according to recent research[pdf] by ClearSky Cyber Security. The report states that the new attack

A new Tripwire study reveals that the overwhelming majority (93%) of ICS security professionals are worried about disruptive cyberattacks impacting business operations or resulting in downtime of customer-facing services. 77% of companies have invested in ICS cybersecurity in the last 2 years in order to mitigate these threats. However, about

In order to mitigate application security risk, organizations often use a ‘spaghetti on the wall’ approach, meaning that they use lots of different tools and hope for the best, a new Radware report indicates. The most common AppSec solutions are Web Application Firewalls (WAFs, used by 75% of firms), cloud WAF services

Security researchers with Morphisec are warning the BitPaymer ransomware actors have been exploiting a security flaw in the Bonjour updater for the Windows version of Apple iTunes in order to avoid detection by anti-malware solutions on targeted systems. Bonjour contains an “unquoted path vulnerability,” that can enable threat actors to