News

Earth Hundun, a notable Asia-Pacific malware organization, uses Waterbear and Deuterbear. We first encountered Deuterbear in Earth Hundun’s arsenal in October 2022, signaling its implementation. This report describes the ultimate Remote Access Trojan (RAT) we recovered from a C&C server from an …

Cybersecurity experts have identified a new malware, dubbed WaveStealer, that is being actively distributed through popular messaging platforms Telegram and Discord. This sophisticated malware masquerading as video game installers poses a significant threat to users by targeting their sensitive data. How WaveStealer …

According to the Federal Communications Commission (FCC), the Royal Tiger Group and its employees are a Consumer Communications Information Services Threat (C-CIST). This is a crucial step for the FCC in its ongoing work to protect U.S. customers from sophisticated …

A major mistake in setup caused Google Cloud and UniSuper to delete the financial service provider’s private cloud account. This event has caused a lot of worry about the security and dependability of cloud services, especially for big financial companies. The outage …

Google has released an urgent update for its popular Chrome web browser. The update fixes a critical zero-day vulnerability that malicious attackers are actively exploiting. The vulnerability is considered to be high-risk, and if left unpatched, attackers can gain unauthorized …

The Federal Bureau of Investigation (FBI) has warned about a sophisticated phishing and smishing (SMS phishing) campaign orchestrated by a cybercriminal group known as STORM-0539, or Atlas Lion. This group has been actively targeting the gift card departments of major …

The automotive industry is experiencing a surge in BEC and VEC attacks, a type of email scam designed to trick employees into transferring money or revealing sensitive information. A recent incident where a fraudster stole $37 million from Toyota Boshoku …

Kapeka, also known as KnuckleTouch, is a sophisticated backdoor malware that has been making waves in the cybersecurity world. Initially appearing in mid-2022, it wasn’t until 2024 that Kapeka was formally tracked due to its involvement in limited-scope attacks, particularly in Eastern …

A severe vulnerability has been discovered in the PuTTY client and related components, allowing attackers to fully recover NIST P-521 private keys. The PuTTY client generates heavily biased ECDSA nonces when using the NIST P-521 elliptic curve, causing the vulnerability …

The City of Wichita, Kansas, experienced a disruption when it fell victim to a ransomware attack. This cyber assault encrypted data across various city systems, prompting officials to shut down the affected networks as a containment measure. The attack has impacted several …