SecurityWeek

Weaver Ant, a cyberespionage-focused APT operating out of China, is targeting telecom providers for persistent access.

Threats themselves change very little, but the tactics used are continually revised to maximize the criminals’ return on investment and effort.

Frank Trezza is fairly typical of most hackers. Early pranks sometimes leading to something more serious.

Authorities in seven African countries arrested 300 suspects in an international crackdown on cybercriminal networks targeting businesses.

Critical remote code execution vulnerabilities found by Wiz researchers in Ingress NGINX Controller for Kubernetes.

The effects of the backlog are already being felt in vulnerability management circles where NVD data promises an enriched source of truth.

Oracle has denied that Cloud systems have been breached after a hacker claimed to have stolen millions of records.

A Russian exploit acquisition firm is offering up to $4 million for a full-chain exploit targeting messaging service Telegram.

The US Department of the Treasury has removed sanctions against the fully decentralized cryptocurrency mixer service Tornado Cash.

The FCC is investigating whether Chinese firms such as Huawei, ZTE and China Telecom are still operating in the US.

The Medusa ransomware relies on a malicious Windows driver to disable the security tools running on the infected systems.

NetSfere Integrates ML-KEM and AES into its text, voice and video messaging platform to meet 2027 NSA Quantum Security mandates.

New versions of the Albabat ransomware target Windows, Linux, and macOS, and retrieve configuration files from GitHub.

Public officials and private citizens are consistently warned about hacking and data leaks, but technologies designed to increase privacy often decrease government transparency.

Noteworthy stories that might have slipped under the radar: Capital One hacker’s sentence reversed, Google patches critical Chrome vulnerability, the story of an Expat flaw. 

The Cloak ransomware group has claimed responsibility for a February cyberattack on Virginia Attorney General’s Office.

Join the virtual event as we explore of the critical nature of software and vendor supply chain security issues.

Cato Networks discovers a new LLM jailbreak technique that relies on creating a fictional world to bypass a model’s security controls.

The FishMonger APT group, a subdivision of Chinese cybersecurity firm I-Soon, compromised seven organizations in a 2022 campaign.

Industry professionals comment on Google acquiring cloud security giant Wiz for $32 billion in cash.