In an eleventh-hour scramble before a key contract was set to expire on Tuesday night, the United States Cybersecurity and Infrastructure Security Agency renewed its funding for the longtime software-vulnerability-tracking project known as the Common Vulnerabilities and Exposures Program. Managed… Read More "‘Stupid and Dangerous’: CISA Funding Chaos Threatens Essential Cybersecurity Program"
On February 21, the largest crypto heist ever started to unfold. Hackers gained control of a crypto wallet belonging to the world’s second-largest cryptocurrency exchange, Bybit, and stole almost $1.5 billion of digital tokens. They quickly shunted the money between… Read More "TraderTraitor: The Kings of the Crypto Heist"
One of the most prominent of the smishing actors is often referred to as the Smishing Triad—although security researchers group Chinese-speaking threat actors and affiliates in different ways—which has impersonated organizations and brands in at least 121 countries, according to… Read More "Smishing Triad: The Scam Group Stealing the World’s Riches"
The pecking order of ransomware gangs is always shifting and evolving, with the most aggressive and reckless groups netting big payouts from vulnerable targets—but often ultimately flaming out. Russian-speaking group Black Basta is the latest example of the trend having… Read More "Black Basta: The Fallen Ransomware Gang That Lives On"
As China continues its digital gambit around the world, researchers are warning that hacking activity from long-tracked groups is evolving and blending together. On top of that, attackers are hiding their campaigns more effectively and blurring the lines between cybercriminals… Read More "Brass Typhoon: The Chinese Hacking Group Lurking in the Shadows"
Around the same time, CyberAv3ngers also posted on Telegram that it had hacked into the digital systems of more than 200 Israeli and US gas stations—incidents which Claroty says did occur in some cases, but were largely limited to hacking… Read More "CyberAv3ngers: The Iranian Saboteurs Hacking Water and Gas Systems Worldwide"
Understanding system vulnerabilities, threats, and countermeasures is essential for maintaining a secure computing environment. In this regard, this article discusses some of the key vulnerabilities and threats that concern emanations, covert channels, backdoors, malicious code, server-side and client-side attacks, web… Read More "Overview of System Vulnerabilities and Threats"
