As critical Microsoft software vulnerabilities decline, attackers will need to chain together less severe exploits to achieve code execution, elevate system privilege levels, and move around victim networks.
Organisations in Asia-Pacific countries including Indonesia, the Philippines, Thailand, and India are generally more prepared for cyberattacks than their peers in more economically developed nations, according to a new Cisco report.
The shift in the operating model comes as a result of Avast’s release of a decryption tool that allowed a victim of BianLian ransomware gang to decrypt and recover their files without paying the ransom.
The Phoenix group claims to have access to all hospitals in India and information on hospital employees and chief physicians.
Security researchers have found that threat actors have already registered suspicious domains and pages to carry out the attacks.
The company detected unauthorised access to its systems in May 2020 that impacted 13,000 customers.
The company’s marketing vendor suffered a security failure in January and exposed CPNI data that included first names, wireless account numbers, wireless phone numbers, and email addresses.
While open source software is the bedrock of modern software development, it is also the weakest link in the software supply chain, according to a report by Endor Labs.
Data centre access credentials from some of the world's biggest companies, including financial organisations and tech vendors, have been leaked on the dark web, according to Resecurity.
The US Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory about stepped-up Russian 'disruptive' actions right after Ukraine detected a cyberattack on government websites.
Almost all applications contain at least some open source code, and 48% of code bases contained high-risk vulnerabilities.
The new V3G4 variant of Mirai, which creates botnets for DDoS attacks, exploited 13 different vulnerabilities in three campaigns over a six-month period, Palo Alto Network’s Unit 42 team reports.
Cyberthreat group DEV-0147 is deploying the ShadowPad RAT to hit diplomatic targets in South America, expanding from its traditional attack turf in Asia and Europe, Microsoft says.
The stolen information includes personal information of employees, including financial account information, state and federal government-issued ID numbers, driver’s license numbers, ID cards, social security numbers, and digital signatures.
Cyber security agencies globally, including in Singapore, have issued alerts about a ransomware attack targeting the VMware ESXi hypervisor.Aourva.