New FiXS ATM Malware Targeting Mexican Banks
A new ATM malware strain dubbed FiXS has been observed targeting Mexican banks since the start of February 2023
Reports provide structured accounts of cyber incidents, vulnerabilities, and controls, helping readers assess security risks and responses.
Search across headline titles and summaries.
Background for this topic.
A report is a documented account of an event, investigation, assessment, or analysis, supported by evidence and presented for others to review. In information security, the term commonly covers incident findings, vulnerability research, threat-intelligence assessments, audit results, and surveys of security practices. A useful report states its scope, methods, evidence, timeframe, and level of confidence rather than presenting conclusions without context.
Reports help practitioners prioritize remediation, validate controls, and improve incident response, but their details require careful interpretation. A vulnerability report should identify affected versions, exploit conditions, and mitigation steps; an incident report should distinguish confirmed facts from assumptions and protect sensitive personal or investigative data. Threat reports may contain indicators of compromise that need verification before being used in detection systems. Reports used for compliance or executive decisions should preserve a clear evidence trail, since incomplete scope, outdated findings, or undisclosed conflicts can lead to misplaced security priorities.
A new ATM malware strain dubbed FiXS has been observed targeting Mexican banks since the start of February 2023
New study uses AI to analyze text of dark web forum users
The China-aligned Mustang Panda actor has been observed using a hitherto unseen custom backdoor called MQsTTang as part of an ongoing social engineering campaign that commenced in January 2023
A new report from Adaptive Shield looks at the how volume of applications being connected to the SaaS stack and the risk they represent to company data.
A sophisticated attack campaign dubbed SCARLETEEL is targeting containerized environments to perpetrate theft of proprietary data and software
Misconfigured Redis database servers are the target of a novel cryptojacking campaign that leverages a legitimate and open source command-line file transfer service to implement its attack
As a primary working interface, the browser plays a significant role in today's corporate environment. The browser is constantly used by employees to access websites, SaaS applications and internal applications, from both managed and unmanaged devices. A new report published by LayerX, a browser security vendor, finds that attackers are exploiting this reality and are targeting it in increasing
Volume of SaaS assets and events magnifies risks associated with manual management and remediation.
The findings come from DoControl’s latest SaaS Security Threat Landscape report
Endpoint security provider Lookout released its Global State of Mobile Phishing Report, which shows an unprecedented rate of mobile phishing attacks
A stealthy Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus has become the first publicly known malware capable of bypassing Secure Boot, making it a potent threat in the cyber landscape
Cryptocurrency companies are being targeted as part of a new campaign that delivers a remote access trojan called Parallax RAT
A new post-exploitation framework called EXFILTRATOR-22 (aka EX-22) has emerged in the wild with the goal of deploying ransomware within enterprise networks while flying under the radar
The RIG exploit kit (EK) touched an all-time high successful exploitation rate of nearly 30% in 2022, new findings reveal
Spoiler Alert: Organizations with 10,000 SaaS users that use M365 and Google Workspace average over 4,371 additional connected apps
A new ChromeLoader malware campaign has been observed being distributed via virtual hard disk (VHD) files, marking a deviation from the ISO optical disc image format