“Cyber warfare is as much about psychological strategy as technical prowess.”
― James Scott
-
Secret Blizzard Deploys Malware in ISP-Level AitM Attacks on Moscow Embassies (The Hacker News)
The Russian nation-state threat actor known as Secret Blizzard has been observed orchestrating a new cyber espionage campaign targeting foreign embassies located in Moscow by means of an adversary-in-the-middle (AitM) attack at the Internet Service Provider (ISP) level and delivering a custom malware dubbed ApolloShadow. “ApolloShadow has the capability to install a trusted root certificate…
-
Experts Detect Multi-Layer Redirect Tactic Used to Steal Microsoft 365 Login Credentials (The Hacker News)
Cybersecurity researchers have disclosed details of a new phishing campaign that conceals malicious payloads by abusing link wrapping services from Proofpoint and Intermedia to bypass defenses. “Link wrapping is designed by vendors like Proofpoint to protect users by routing all clicked URLs through a scanning service, allowing them to block known malicious destinations at the…
-
N. Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in Crypto (The Hacker News)
The North Korea-linked threat actor known as UNC4899 has been attributed to attacks targeting two different organizations by approaching their employees via LinkedIn and Telegram. “Under the guise of freelance opportunities for software development work, UNC4899 leveraged social engineering techniques to successfully convince the targeted employees to execute malicious Docker containers in their…
-
How to remove ransomware, step by step
Prevention is the best weapon against a ransomware infection. But in the event of compromise, consider these responses to contain and remove ransomware.
-
How liveness detection catches deepfakes and spoofing attacks
Biometric liveness detection can stop fake users in their tracks. Learn how the technology works to distinguish real humans from deepfakes and other spoofing attacks.
-
AI-Driven Trends in Endpoint Security: What the 2025 Gartner® Magic Quadrant™ Reveals (The Hacker News)
Cyber threats and attacks like ransomware continue to increase in volume and complexity with the endpoint typically being the most sought after and valued target. With the rapid expansion and adoption of AI, it is more critical than ever to ensure the endpoint is adequately secured by a platform capable of not just keeping pace,…
-
UNC2891 Breaches ATM Network via 4G Raspberry Pi, Tries CAKETAP Rootkit for Fraud (The Hacker News)
The financially motivated threat actor known as UNC2891 has been observed targeting Automatic Teller Machine (ATM) infrastructure using a 4G-equipped Raspberry Pi as part of a covert attack. The cyber-physical attack involved the adversary leveraging their physical access to install the Raspberry Pi device and have it connected directly to the same network switch as…
-
Alert Fatigue, Data Overload, and the Fall of Traditional SIEMs (The Hacker News)
Security Operations Centers (SOCs) are stretched to their limits. Log volumes are surging, threat landscapes are growing more complex, and security teams are chronically understaffed. Analysts face a daily battle with alert noise, fragmented tools, and incomplete data visibility. At the same time, more vendors are phasing out their on-premises SIEM solutions, encouraging migration to…
-
Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install (The Hacker News)
Threat actors are actively exploiting a critical security flaw in “Alone – Charity Multipurpose Non-profit WordPress Theme” to take over susceptible sites. The vulnerability, tracked as CVE-2025-5394, carries a CVSS score of 9.8. Security researcher Thái An has been credited with discovering and reporting the bug. According to Wordfence, the shortcoming relates to an arbitrary…
-
Hackers Use Facebook Ads to Spread JSCEAL Malware via Fake Cryptocurrency Trading Apps (The Hacker News)
Cybersecurity researchers are calling attention to an ongoing campaign that distributes fake cryptocurrency trading apps to deploy a compiled V8 JavaScript (JSC) malware called JSCEAL that can capture data from credentials and wallets. The activity leverages thousands of malicious advertisements posted on Facebook in an attempt to redirect unsuspecting victims to counterfeit sites that instruct…
“Security used to be an inconvenience sometimes, but now it’s a necessity all the time.”
― Martina Navratilova