One Click, Total Shutdown: The "Patient Zero" Webinar on Killing Stealth Breaches
The hardest part of cybersecurity isn't the technology, it’s the people
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The hardest part of cybersecurity isn't the technology, it’s the people
Some customer orgs tell staff to block inbound email from the provider Autovista confirms that it called in outside support to help clean up a ransomware infection currently affecting systems in Europe and Australia.…
Continuous investigation on the Water Saci campaign reveals innovative email-based C&C system, multi-vector persistence, and real-time command capabilities that allow attackers to orchestrate coordinated botnet operations, gather detailed campaign intelligence, and dynamically control malware activity across multiple infected machines.
Cybersecurity researchers have shed light on a novel attack chain that employs phishing emails to deliver an open-source backdoor called VShell
Stolen credentials edge out email tricks for cloud break-ins because they're so easy to get Criminals used stolen credentials more frequently than email phishing to gain access into their victims' IT systems last year, marking the first time that compromised login details claimed the number two spot in Mandiant's list of most common initial infection vectors.…
A spear-phishing email campaign has been observed targeting recruiters with a JavaScript backdoor called More_eggs, indicating persistent efforts to single out the sector under the guise of fake job applicant lures
Cybersecurity researchers have shed light on a new phishing campaign that has been identified as targeting people in Pakistan using a custom backdoor
Cybersecurity researchers have observed a spike in email phishing campaigns starting early March 2024 that delivers Latrodectus, a nascent malware loader believed to be the successor to the IcedID malware
Cybersecurity researchers have discovered an intricate multi-stage attack that leverages invoice-themed phishing decoys to deliver a wide range of malware such as Venom RAT, Remcos RAT, XWorm, NanoCore RAT, and a stealer that targets crypto wallets
Cybersecurity researchers are warning about a spike in email phishing campaigns that are weaponizing the Google Cloud Run service to deliver various banking trojans such as Astaroth (aka Guildma), Mekotio, and Ousaban (aka Javali) to targets across Latin America (LATAM) and Europe
Phishing campaigns delivering malware families such as DarkGate and PikaBot are following the same tactics previously used in attacks leveraging the now-defunct QakBot trojan
The Computer Emergency Response Team of Ukraine (CERT-UA) on Tuesday said it thwarted a cyber attack against an unnamed critical energy infrastructure facility in the country
That patch we issued? Yeah, it wasn't enough Barracuda has now told customers to "immediately" replace infected Email Security Gateway (ESG) appliances — even if they have received a patch to fix a critical bug under exploit.…
'Serious breach of trust' says ICO, 'stakes too high' for mistakes in cases like this In a classic email snafu NHS Highland sent messages to 37 patients infected with HIV and inadvertently used carbon copy (CC) instead of Blind Carbon Copy meaning the recipients could see each other’s email addresses.…
We analyze an infection campaign targeting organizations in the Middle East for cyberespionage in December 2022 using a new backdoor malware. The campaign abuses legitimate but compromised email accounts to send stolen data to external mail accounts controlled by the attackers.
Hope the name Hackspace doesn't stick Rackspace has admitted a ransomware infection was to blame for the days-long email outage that disrupted services for customers. …
Initial infection begins with a phishing email containing a Microsoft Office attachment
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of phishing attacks that deploy an information-stealing malware called Jester Stealer on compromised systems
The Emotet malware phishing campaign is up and running again after the threat actors fixed a bug preventing people from becoming infected when they opened malicious email attachments. [...]
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new wave of social engineering campaigns delivering IcedID malware and leveraging Zimbra exploits with the goal of stealing sensitive information