XWorm Malware Exploits Follina Vulnerability in New Wave of Attacks
Cybersecurity researchers have discovered an ongoing phishing campaign that makes use of a unique attack chain to deliver the XWorm malware on targeted systems
Critical infrastructure depends on interconnected operational systems, where cyber incidents can disrupt essential services, safety, and availability.
Search across headline titles and summaries.
Background for this topic.
Critical infrastructure includes systems and assets vital for public health, safety, and economic stability, such as power grids, water treatment, transportation networks, and healthcare facilities. These systems often combine physical components with industrial control systems (ICS) and operational technology (OT) that manage essential services in real time.
From an information-security perspective, critical infrastructure faces risks like unauthorized access to control systems, disruption of service availability, and manipulation of sensor data. Defending these assets requires specialized security measures tailored to ICS environments, including network segmentation, strict access controls, and continuous monitoring for anomalies. Ensuring resilience also involves coordinated efforts between operators and government agencies to address vulnerabilities unique to legacy systems and proprietary protocols.
Cybersecurity researchers have discovered an ongoing phishing campaign that makes use of a unique attack chain to deliver the XWorm malware on targeted systems
New "Greatness" phishing-as-a-service used in attacks targeting manufacturing, healthcare, technology, and other sectors.
A previously undetected advanced persistent threat (APT) actor dubbed Red Stinger has been linked to attacks targeting Eastern Europe since 2020
Perseus to the rescue as Snake eats itself The FBI has cut off a network of Kremlin-controlled computers used to spread the Snake malware which, according to the Feds, has been used by Russia's FSB to steal sensitive documents from NATO members for almost two decades.…
The breach reportedly affected a database accessed via stolen client credentials
The suspected Pakistan-aligned threat actor known as SideCopy has been observed leveraging themes related to the Indian military research organization as part of an ongoing phishing campaign