While Israel and Iranian proxies fight it out IRL, their conflict in cyberspace has developed in parallel. These days attacks have decelerated, but advanced in sophistication. Go to Source Author: Nate Nelson, Contributing Writer
Category Archives: Uncategorized
Threat hunters are warning of a sophisticated web skimmer campaign that leverages a legacy application programming interface (API) from payment processor Stripe to validate stolen payment information prior to exfiltration. “This tactic ensures that only valid card data is sent to the attackers, making the operation more efficient and potentially harder to detect,” Jscrambler researchers […]
In one of the largest coordinated law enforcement operations, authorities have dismantled Kidflix, a streaming platform that offered child sexual abuse material (CSAM). “A total of 1.8 million users worldwide logged on to the platform between April 2022 and March 2025,” Europol said in a statement. “On March 11, 2025, the server, which contained around […]
By using fake references and building connections with recruiters, some North Korean nationals are landing six-figure jobs that replenish DPRK coffers. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
While the House Committee on Government Reform was looking for retaliatory options, cybersecurity experts pointed them toward building better defenses. Go to Source Author: Alexander Culafi, Senior News Writer, Dark Reading
The US military and law enforcement learned to outthink insurgents. It’s time for cybersecurity to learn to outsmart and outmaneuver threat actors with the same framework. Go to Source Author: Mike McNerney
Cybersecurity researchers have disclosed details of a now-patched privilege escalation vulnerability in Google Cloud Platform (GCP) Cloud Run that could have allowed a malicious actor to access container images and even inject malicious code. “The vulnerability could have allowed such an identity to abuse its Google Cloud Run revision edit permissions in order to pull […]
Attackers target a familiar industry, law professionals, by hiding the infostealer in ads delivered via Google-based malvertising. Go to Source Author: Elizabeth Montalbano, Contributing Writer
Introduction As the cybersecurity landscape evolves, service providers play an increasingly vital role in safeguarding sensitive data and maintaining compliance with industry regulations. The National Institute of Standards and Technology (NIST) offers a comprehensive set of frameworks that provide a clear path to achieving robust cybersecurity practices. For service providers, adhering to NIST Go to […]
Cybersecurity researchers have shed light on an “auto-propagating” cryptocurrency mining botnet called Outlaw (aka Dota) that’s known for targeting SSH servers with weak credentials. “Outlaw is a Linux malware that relies on SSH brute-force attacks, cryptocurrency mining, and worm-like propagation to infect and maintain control over systems,” Elastic Security Labs said in a new analysis […]