The Breach News

Chinese Hackers Attack Taiwan and U.S. NGOs Using MgBot and MACMA Malware

A Beijing-linked state-sponsored hacking group known as Daggerfly has targeted organizations in Taiwan and a U.S. non-governmental organization (NGO) operating in China, deploying an upgraded suite of malware tools in its most recent campaign. This sophisticated operation highlights the group’s engagement in internal espionage activities, as reported today by Symantec’s…


Russian APT Unleashes New ‘Kapeka’ Backdoor in Attacks Across Eastern Europe

A newly identified backdoor malware known as Kapeka has been linked to ongoing cyberattacks targeting Eastern European nations, particularly Estonia and Ukraine, since at least mid-2022. This flexible backdoor is believed to be associated with the Russian advanced persistent threat (APT) group Sandworm, a faction also referred to as APT44…


New Telekopye Scam Toolkit Aims at Booking.com and Airbnb Customers

ESET Research has uncovered a troubling expansion of the Telekopye scam network, which now targets popular accommodation booking services such as Booking.com and Airbnb. This development marks a significant shift in the landscape of online scams, where fraudulent activities have increasingly targeted unsuspecting travelers during peak booking seasons. In July…


Hackers Unveil 1.4 Billion User Accounts from Tencent Online

Massive Data Breach Exposes 1.4 Billion User Accounts Linked to Tencent

In a significant cybersecurity incident, threat actor Fenice has reportedly leaked a staggering 1.4 billion user accounts purportedly associated with Tencent, a prominent Chinese technology and internet services company. The breach, which has drawn parallels to the infamous “Mother…


Analysis: The NI Police Data Breach Threat Remains Unmanageable

In a significant data breach, the Police Service of Northern Ireland (PSNI) has accidentally exposed sensitive personal information of over 10,000 officers and civilian staff. The disclosed data includes names, ranks, and work locations, creating severe implications for security amid heightened terrorist threats in the region. The breach occurred in…


Business Losses from Vulnerable APIs and Bot Attacks Reach $186 Billion Per Year

Organizations are experiencing staggering financial losses, estimated between $94 billion and $186 billion annually, due to the vulnerabilities present in Application Programming Interfaces (APIs) and the automated exploits conducted by malicious bots. This alarming statistic is highlighted in a report titled “The Economic Impact of API and Bot Attacks,” published…


CISA Includes Twilio Authy and Internet Explorer Vulnerabilities in Exploited Vulnerabilities List

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities (KEV) catalog, adding two significant security vulnerabilities linked to active exploitation. These vulnerabilities highlight persistent risks for organizations, particularly those within the federal sphere, and underscore the importance of timely mitigation strategies. The first vulnerability,…


ToddyCat Hacker Group Employs Sophisticated Tools for Large-Scale Data Theft

The Russian hacker group known as ToddyCat has drawn significant attention for employing an array of sophisticated tools to maintain access to compromised environments and extract sensitive information. Recently, Russian cybersecurity firm Kaspersky has classified this threat actor as a data harvester conducting operations primarily against governmental organizations—some associated with…
