Among others, developers of the infamous Lumma, an infostealer malware, are already using the exploit by employing advanced tactics like token manipulation and encryption in targeted attacks. CloudSEK’s threat research team has reported a critical exploit affecting Google services, allowing threat actors to generate Google cookies continuously while ensuring continuous access to Google services even […]

5 pivotal cybersecurity trends for 2024 In 2023, cyberattacks surged both in terms of frequency and sophistication. The proliferation of cutting-edge hacking tools and technologies – now more accessible than ever thanks to advances in generative AI – created an environment conducive for cyber threats to flourish, forcing organizations to adopt proactive measures to keep

Unveiling the true cost of healthcare cybersecurity incidents As healthcare organizations increasingly rely on interconnected systems, electronic health records, and telemedicine, the industry becomes a prime target for malicious actors seeking to exploit vulnerabilities. The consequences of a cybersecurity breach in healthcare are not only measured in compromised data but also in jeopardized patient safety

Merry Christmas! We have made it – almost – through another year without being churned into paste by a super-intelligent AI, conscripted into a Martian work camp by an insane billionaire or forced offline by a Carrington event. Even in the absence of civilisation-altering events it’s been a busy year. But the advantage of a

The exploited WinRAR vulnerability was a zero-day flaw identified in August 2023 – Despite subsequent patching efforts, unpatched systems remain at risk and continue to be targeted. Cybersecurity researchers at Deep Instinct Lab have revealed a new series of cyberattacks carried out by ‘UAC-0099,’ specifically targeting Ukrainians. These attacks employ common tactics such as using

Indian government entities and the defense sector have been targeted by a phishing campaign that’s engineered to drop Rust-based malware for intelligence gathering. The activity, first detected in October 2023, has been codenamed Operation RusticWeb by enterprise security firm SEQRITE. “New Rust-based payloads and encrypted PowerShell commands have been utilized to exfiltrate confidential documents to

St Vincent’s – Australia’s largest not-for-profit health and aged care provider – has confirmed it has fallen victim to a cyber-attack and hackers have stolen some of its data. In a statement, St Vincent’s Health Australia confirmed it began responding to a cybersecurity incident on Tuesday. It discovered late on Thursday that data had been

The threat actor known as UAC-0099 has been linked to continued attacks aimed at Ukraine, some of which leverage a high-severity flaw in the WinRAR software to deliver a malware strain called LONEPAGE. “The threat actor targets Ukrainian employees working for companies outside of Ukraine,” cybersecurity firm Deep Instinct said in a Thursday analysis. UAC-0099

AI’s efficacy is constrained in cybersecurity, but limitless in cybercrime Bringing artificial intelligence into the cybersecurity field has created a vicious cycle. Cyber professionals now employ AI to enhance their tools and boost their detection and protection capabilities, but cybercriminals are also harnessing AI for their attacks. Security teams then use more AI in response

Initially, the data breach was thought to affect only 4.3 million current customers, but now the impact has extended to an additional 10 million. In a new cybersecurity incident, Coppell, Texas-based mortgage and loan giant Mr. Cooper has become the latest victim of a cyberattack that may have compromised the sensitive personal information of more