PDF Malware on the Rise, Used to Spread WikiLoader, Ursnif and DarkGate
Cybercriminals are increasingly using PDFs to deliver malware, with a 7% rise in threats detected in Q4 2023 compared to Q1, according to a HP Wolf Security report
Reports provide structured accounts of cyber incidents, vulnerabilities, and controls, helping readers assess security risks and responses.
Search across headline titles and summaries.
Background for this topic.
A report is a documented account of an event, investigation, assessment, or analysis, supported by evidence and presented for others to review. In information security, the term commonly covers incident findings, vulnerability research, threat-intelligence assessments, audit results, and surveys of security practices. A useful report states its scope, methods, evidence, timeframe, and level of confidence rather than presenting conclusions without context.
Reports help practitioners prioritize remediation, validate controls, and improve incident response, but their details require careful interpretation. A vulnerability report should identify affected versions, exploit conditions, and mitigation steps; an incident report should distinguish confirmed facts from assumptions and protect sensitive personal or investigative data. Threat reports may contain indicators of compromise that need verification before being used in detection systems. Reports used for compliance or executive decisions should preserve a clear evidence trail, since incomplete scope, outdated findings, or undisclosed conflicts can lead to misplaced security priorities.
Cybercriminals are increasingly using PDFs to deliver malware, with a 7% rise in threats detected in Q4 2023 compared to Q1, according to a HP Wolf Security report
Also: Polish Prime Minister Says Previous Administration Deployed Pegasus SpywareThis week, the Zeus leader pleaded guilty, Prudential detected hackers, U.S. telecoms have to report breaches, Microsoft patched zero-days, researchers said Chinese threat intel is faulty, ransomware hit Romanian healthcare entities, Juniper was breached and Poland allegedly previously used Pegasus.
Menlo Security’s latest report also revealed a 26% surge in security policies tailored for generative AI sites
Nation-state actors associated with Russia, North Korea, Iran, and China are experimenting with artificial intelligence (AI) and large language models (LLMs) to complement their ongoing cyber attack operations
Iran-aligned adversaries have attempted to use cyber tactics to sway public opinion of the Israel-Hamas war, Google found in a new report
Kansas Bank Forced to Close After CEO Allegedly Embezzled Nearly $50 MillionA watchdog report reveals how Heartland Tri-State Bank CEO Shan Hanes allegedly defrauded a local church and investment club in Kansas out of $47.1 million through a "pig-butchering" cryptocurrency scam that ultimately caused the bank to fail in 2023.
The Commission's breach rules for voice and wireless providers, untouched since 2017, have finally been updated for the modern age.
Legislation Aims to Evaluate and Improve Agency's Cybersecurity PostureA new bipartisan Senate bill would require the U.S. Department of Health and Human Services to biennially conduct cybersecurity reviews and tests on its IT systems and report to Congress on how it is updating its cybersecurity strategy to keep up with evolving cyberthreats.
Starting March 13th, telecommunications companies must report data breaches impacting customers' personally identifiable information within 30 days, as required by FCC's updated data breach reporting requirements. [...]