A recently discovered and patched Windows vulnerability, CVE-2024-43461, has been seen used in the wild by the advanced persistent threat (APT) group Void Banshee. Microsoft describes the vulnerability as a "Windows MSHTML spoofing vulnerability" and first disclosed it to the public following Septem
In what is most likely the first criminal case involving artificially increasing music streams, one musician has been charged with fraudulently inflating music streams. Michael Smith was charged with developing a scheme to create hundreds of thousands of songs with artificial intelligence and using
MacroPack, a framework developed by security researchers for red team exercises, has been abused by various threat actors to deliver several malware payloads to victims. Cisco Talos discovered that threat actors were using MacroPack to deploy malicious payloads that included Havoc, Brute Ratel, and
In a recent filing to the U.S. Securities and Exchange Commission (SEC), oil and gas services giant Halliburton revealed they had suffered a cyberattack that disrupted the company's IT systems and business operations. According to the filing, the company reported the attack on August 21, 2024.
In recently published research, researchers at security firm ESET discovered a zero-day vulnerability impacting WPS Office for Windows. WPS Office, developed by Chinese firm Kingsoft, is incredibly popular in Asia. Reportedly, it has over 500 million active users worldwide. ESET researchers discove
Threat actors have begun using progressive web applications (PWA) to impersonate banking apps with the goal of tricking victims into unwillingly handing over online banking credentials. PWAs have been defined as, ...an app that's built using web platform technologies, but that provides a us
Kootenai Health, a not-for-profit healthcare provider in Idaho, operating the largest hospital in the region, offering a wide range of medical services, including emergency care, surgery, cancer treatment, cardiac care, and orthopedics, disclosed they had suffered a data breach. Approximately over
A recent article published by Reuters shows a marked increase in GPS Spoofing attacks targeting airlines. GPS spoofing is a malicious attack in which Global Positioning System (GPS) data is manipulated to mislead a GPS receiver about its actual location. This could cause significant disruptions, as
In a statement released by INTERPOL, it was revealed the international policing agency helped recover 40 million USD stolen from a victim who suffered a Business Email Compromise (BEC) attack. These are attacks where threat actors compromise an enterprises' email service, then trick employees to pa
A recent report by Zscaler revealed that the Dark Angels ransomware gang received a record-breaking 75 million USD ransom payment from a Fortune 50 company. The report stated, In early 2024, ThreatLabz uncovered a victim who paid Dark Angels $75 million, higher than any publicly known amoun