A new campaign using catfishing techniques with fake aerobics-instructor profiles has been discovered in a supply-chain attack attempt originating from an Iranian APT, TA456. The threat actors created convincing profiles of objectively attractive women to charm victims into downloading malware. According to a new report from Proofpoint, the campaign allegedly

Sophos researchers have detailed a new Racoon Stealer campaign that underscores the evolution of the information-stealer. According to Sophos, the Racoon Stealer has been distributed through a dropper campaign with the goal of stealing cryptocurrencies, cookies, and other valuable information located on target machines. Researchers confirmed that the campaign had

Researchers at Cybereason Nocturnus recently published a report disclosing three cyber espionage campaigns seeming to come from China targeting networks belonging to major telecommunications companies. The attackers are referred to as DeadRinger in the report and are believed to be working for Chinese state interests. The cybersecurity firm reported that

A new update to the SolarWinds attack has revealed that hackers breached the email accounts of US prosecutors, boasting access to the accounts for several months. Several top US intelligence agencies have confirmed that the attacks were likely the work of Russian state-sponsored hackers. US President Joe Biden has initiated

Despite controversy over whether businesses and organizations who fall victim to ransomware should meet criminals’ demands, the US government is likely to make it illegal for victims of ransomware attacks to pay the ransom. According to the US Department of Justice, banning this act will only wreak further havoc. Oftentimes,

No More Ransom, a company that looks to prevent ransomware victims from paying millions of dollars to malicious hacking groups, has allegedly saved victims more than €1 billion over the past five years. No More Ransom wants to prevent incentivizing ransomware groups with large payouts and to protect victims from

Researchers at cybersecurity company SentinelOne recently released a report detailing a recent cyberattack on Iran’s train system. The report identifies a new threat actor dubbed MeteorExpress and a previously unknown wiper. The attack was initially reported by local news outlets on July 9, stating that hackers were defacing display screens

Reports have emerged that Kaseya has obtained a master decryptor key to mitigate the effects of a REvil ransomware attack that disrupted and locked up the systems of at least 60 of its customers. It is unclear if the ransom demand was paid to access the decryption key. Kaseya stated

A new widespread software supply-chain attack has been discovered by researchers, this time consisting of a password stealer harvesting credentials from Chrome on Windows systems via a tool called ChromePass. According to researchers, the campaign was discovered after professionals caught the malware stealing credentials, listening for incoming commands from the

Saudi Aramco has denied allegations of a cyberattack despite claims made by ZeroX, a threat actor who reports having stolen 1T of sensitive data from the company. Saudi Aramco is one of the largest oil companies in the world. Cybercriminals allegedly contact news outlets claiming to have stolen data ranging