Key TakeawaysBlueHammer zero-day exploit: A disgruntled researcher publicly released code for an unpatched Windows privilege escalation vulnerability, granting attackers elevated system permissions.Disclosure motivations: The researcher…

Key TakeawaysDrift hack execution: A highly sophisticated $28.5 million cryptocurrency theft compromised operational contributors and cloud assets following a prolonged infiltration.DPRK social engineering: State-sponsored North…

Key TakeawaysAlleged leader identified: German authorities unmasked Daniil Maksimovich Shchukin as "UNKN," the alleged mastermind behind the REvil and GandCrab ransomware operations.Extensive sabotage acts: The…

Key TakeawaysFraudulent notices: Threat actors deploy SMS-based social engineering campaigns impersonating state judicial systems, alleging outstanding traffic violations requiring immediate payment.QR code attack: These phishing…

Hagit Ynon – Pentera Hagit Ynon has been named Chief Financial Officer at Pentera, joining the cybersecurity company as it continues its global expansion. She…

This week’s cybersecurity activity shows a clear focus on gaining access and visibility inside systems, with supply chain attacks, credential theft, and spyware.  From fileless…

Key TakeawaysGuilty plea: A 59-year-old Missouri man entered a guilty plea for executing an internal network compromise and subsequent extortion attempt.Targeted cyberattack execution: The operations…

Key TakeawaysSocial engineering: Hackers breached the Hims & Hers third-party ticketing system via social engineering tactics between February 4 and February 7.Stolen customer data: The…

Key TakeawaysDuc App breach: A massive data leak exposed over 360,000 unencrypted files containing sensitive customer information from the Duales money-transfer application.Amazon storage server: The…

Key TakeawaysLNK file attacks: Recent Democratic People's Republic of Korea (DPRK) cyber campaigns utilize malicious LNK files containing encoded PowerShell scripts to infiltrate systems and…

Key TakeawaysiOS 18.7.7 update: Apple deployed emergency patches for older iPhones and iPads to neutralize critical vulnerabilities tied to a leaked exploitation toolkit.DarkSword attacks: The…

Key TakeawaysAlleged breach impact: Cisco faces intense scrutiny following reports of a significant internal network intrusion that may have exposed 3 million Salesforce records.Trivy vulnerability…

Key TakeawaysLi Xiong extradition: Cambodian authorities transferred the former Huione Group chairman to China on charges of alleged leadership of transnational fraud networks.Huione Group cyber…

Key TakeawaysFake app: WhatsApp alerted approximately 200 users, primarily located in Italy, about downloading a malicious iOS application disguised as the official messaging platform.SIO spyware…

Key TakeawaysAttribution confirmed: Google Threat Intelligence Group attributes the Axios supply chain attack to North Korea-linked hackers, specifically the threat actor UNC1069.Account hijacked: An npm…

Key TakeawaysSyndicate scale exposed: Strike Force Carieville uncovered a dark net drug syndicate that facilitated an $80 million drug supply operation over eight years.Recent target…

Key TakeawaysTargeted regions affected: A suspected Iran-nexus password spray campaign primarily impacts Microsoft 365 tenants across Israel and the UAE, specifically focusing on municipal sectors.Password…

Key TakeawaysProton VPN server expansion: Proton VPN server expansion adds five countries improving access speed privacy and regional connectivity for usersUser driven infrastructure growth: Expansion…

Key TakeawaysRussia VPN crackdown plans: Russia VPN crackdown plans include limiting usage increasing costs and restricting platform access for usersGovernment and tech involvement: Authorities push…

Key TakeawaysIPVanish Threat Protection Pro launch: IPVanish Threat Protection Pro adds always on security blocking malware phishing ads trackers without VPN connectionAdvanced real time threat…