Author Info

Recently, the SmokeLoader malware has re-emerged, targeting key industries in Taiwan, including manufacturing, healthcare, and information technology. This latest threat highlights the malware's capacity to conduct complex attacks through its modular design. Fortinet FortiGuard Labs reports that SmokeLoader is exploiting its flexibility to execute attacks autonomously by downloading

A cybersecurity group aligned with North Korea, known as Kimsuky, has been identified in a series of sophisticated phishing attacks designed to steal user credentials. The method involves deploying emails that seemingly originate from Russian senders. Shift in Tactics Initially utilizing Japanese and Korean email services, Kimsuky shifted in mid-September

A Moscow court has handed a life sentence to Stanislav Moiseyev, identified as the orchestrator of Hydra Market, a globally notorious dark web marketplace. The court also imposed a fine of four million roubles on him, while fifteen of his associates received prison terms ranging from 8 to 23 years,

Cisco has issued a new advisory concerning the active exploitation of a ten-year-old security flaw in its Adaptive Security Appliance (ASA) software. The vulnerability, identified as CVE-2014-2120, poses a potential risk for cross-site scripting (XSS) attacks through ASA's WebVPN. Vulnerability Overview CVE-2014-2120, with a CVSS score of 4.

In a major step forward in the fight against cybercrime, INTERPOL's global initiative, Operation HAECHI V, has led to the arrest of over 5,500 cybercriminals and the recovery of more than $400 million in stolen funds. This operation, which spanned five months from July to November 2024,

The growing reliance on Chinese-manufactured LiDAR (Light Detection and Ranging) sensors in U.S. defense systems and critical infrastructure has raised alarms about national security vulnerabilities. These sensors, which use laser pulses to generate high-resolution 3D maps, are critical to applications ranging from autonomous vehicles to missile guidance systems. However,

A sophisticated phishing-as-a-service platform named Rockstar 2FA has recently surfaced, designed to conduct extensive adversary-in-the-middle (AiTM) attacks targeting Microsoft 365 credentials. Rockstar 2FA, a newly identified PhaaS platform, enables cybercriminals to execute large-scale phishing operations. This service is specifically engineered to exploit two-factor authentication (2FA) by intercepting and capturing sensitive

Mikhail Pavlovich Matveev, a Russian national known by aliases such as Wazawaka, Uhodiransomwar, m1x, and Boriselcin, has been apprehended in Russia for his alleged connections to several notorious hacking groups. Matveev is accused of developing ransomware aimed at encrypting data from commercial entities to demand a ransom for decryption. Arrest

In a recent security development, U.S. telecom giant T-Mobile discovered efforts by cybercriminals to breach its network. However, the company assured that no sensitive information was accessed during these attempts. According to Jeff Simon, T-Mobile's Chief Security Officer, the intrusions were traced back to a wireline provider&