In a troubling development for cybersecurity, the BlackByte ransomware group has shifted tactics by exploiting a newly discovered authentication bypass vulnerability in VMware ESXi, tracked as CVE-2024-37085. This vulnerability has allowed attackers to compromise critical infrastructure within enterprise networks, highlighting a significant shift in the threat landscape.

Analysis of cryptocurrency payments made on the blockchain highlights shifts in the size and frequency of ransomware attacks and may paint a bleak picture for the remainder of the year. Each quarter, blockchain analysis company, Chainalysis, analyzes cybercriminal activity from the perspective of blockchain use to facilitate payments, crypto theft, etc.

Latrodectus is a downloader first discovered by Walmart back in October of 2023. The malware became very famous due to its similarities with the famous IcedID malware, not only in the code itself but also the infrastructure, as previously reported by Proofpoint and Team Cymru S2. The malware is usually delivered via email spam campaigns conducted by two specific threat actors: TA577 and TA578.

Read also: A money launderer for the Lazarus hackers arrested in Argentina, US offers $2.5M for the Angler hacker, and more.

A Rubrik Zero Labs report found that 66% of IT and security leaders report that data growth outpaces their ability to secure data and mitigate risk. Adversaries are noticing, increasing the sophistication of cyberattacks, and leveraging gaps in coverage to target critical data for destruction, theft, or extortion. As the volume of data continues to grow and exacerbate visibility challenges, organizations must find ways to manage and protect their constantly expanding data.

In a recent cybersecurity alert, the infamous Iranian hacking group APT33 (also known as Peach Sandstorm and Refined Kitten) has unleashed a new form of malware named "Tickler" to compromise the networks of various organizations across critical sectors in the United States and the United Arab Emirates. This latest campaign, observed between April and July 2024, has primarily targeted government, defense, satellite, and oil and gas industries.

Spyware is a type of malware that can be installed on your device without your knowledge. The main goal of spyware is to spy on you and gather your private information, like passwords or credit card information. Despite spyware being elusive and undetectable at times, you can tell if there is spyware on your laptop by recognizing common signs. Some of these signs include unwanted pop-up ads, slower performance, shorter battery life and redirections on your browser.

There are several different types of spyware, such as adware, stalkerware and keyloggers. No matter what kind of spyware is installed on your device, it is frightening to have your privacy invaded and sensitive information stolen by cybercriminals. Read more to learn what spyware is, the different types of spyware and how to protect your devices from spyware.

BlueVoyant’s Threat Fusion Cell (TFC) uncovered a focused campaign targeting the advanced manufacturing sector. This campaign aims to steal Microsoft credentials, by spoofing Microsoft’s login page, to phish for potentially compromising sensitive information.

Xeon Sender targets cloud APIs, Cisco Talos reveals UAT-5394 infrastructure, and attackers leverage public.env files to extort victims.