Mar 03, 2025Ravie LakshmananRansomware / Vulnerability Threat actors have been exploiting a security vulnerability in Paragon Partition Manager’s BioNTdrv.sys driver in ransomware attacks to escalate privileges and execute arbitrary code. The zero-day flaw (CVE-2025-0289) is part of a set of… Read More "Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks"
Mar 03, 2025Ravie LakshmananCloud Security / Email Security Threat actors are targeting Amazon Web Services (AWS) environments to push out phishing campaigns to unsuspecting targets, according to findings from Palo Alto Networks Unit 42. The cybersecurity company is tracking the… Read More "Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail"
Mar 03, 2025Ravie LakshmananData Privacy / Compliance The U.K.’s Information Commissioner’s Office (ICO) has opened an investigation into online platforms TikTok, Reddit, and Imgur to assess the steps they are taking to protect children between the ages of 13 and… Read More "U.K. ICO Investigates TikTok, Reddit, and Imgur Over Children’s Data Protection Practices"
Mar 03, 2025Ravie LakshmananCybercrime / Malware Cybersecurity researchers are calling attention to a new phishing campaign that employs the ClickFix technique to deliver an open-source command-and-control (C2) framework called Havoc. “The threat actor hides each malware stage behind a SharePoint… Read More "Hackers Use ClickFix Trick to Deploy PowerShell-Based Havoc C2 via SharePoint Sites"
In 2024, global ransomware attacks hit 5,414, an 11% increase from 2023. After a slow start, attacks spiked in Q2 and surged in Q4, with 1,827 incidents (33% of the year’s total). Law enforcement actions against major groups like LockBit… Read More "The New Ransomware Groups Shaking Up 2025"
Mar 03, 2025Ravie LakshmananMobile Security / Botnet Brazil, South Africa, Indonesia, Argentina, and Thailand have become the targets of a campaign that has infected Android TV devices with a botnet malware dubbed Vo1d. The improved variant of Vo1d has been… Read More "Vo1d Botnet’s Peak Surpasses 1.59M Infected Android TVs, Spanning 226 Countries"
Mar 01, 2025Ravie LakshmananPrivacy / Data Protection Firefox browser maker Mozilla on Friday updated its Terms of Use a second time within a week following criticism overbroad language that appeared to give the company the rights to all information uploaded… Read More "Mozilla Updates Firefox Terms Again After Backlash Over Broad Data License Language"
Feb 28, 2025Ravie LakshmananFinancial Fraud / Cyber Espionage The threat actor known as Sticky Werewolf has been linked to targeted attacks primarily in Russia and Belarus with the aim of delivering the Lumma Stealer malware by means of a previously… Read More "Sticky Werewolf Uses Undocumented Implant to Deploy Lumma Stealer in Russia and Belarus"
Cybersecurity researchers have uncovered a widespread phishing campaign that uses fake CAPTCHA images shared via PDF documents hosted on Webflow’s content delivery network (CDN) to deliver the Lumma stealer malware. Netskope Threat Labs said it discovered 260 unique domains hosting… Read More "Fake CAPTCHA PDFs Spread Lumma Stealer via Webflow, GoDaddy, and Other Domains"
Remote Desktop Protocol (RDP) is an amazing technology developed by Microsoft that lets you access and control another computer over a network. It’s like having your office computer with you wherever you go. For businesses, this means IT staff can… Read More "a Double-Edged Sword for IT Teams – Essential Yet Exploitable"
