Governance & Risk Management, Security Operations Rapid7 and Jana Partners Forge Cooperation Deal, Expanding Board and Tightening Governance Michael Novinson (MichaelNovinson) • March 24, 2025 Rapid7 has reached an agreement with activist investor Jana Partners, resulting in the addition of three new members to its board of directors and fostering…
Research teams from various cybersecurity firms have uncovered that a recent campaign appears to originate from a loosely organized network of fraud groups instead of a single perpetrator. Each participating group operates its own variations of the Badbox 2.0 backdoor and associated malware modules, distributing these threats through diverse methods.…
Cybercriminals Exploit Remote Access Technologies in New Tech Support Scam Cybersecurity experts at Trend Micro have raised alarms about a sophisticated scam in which cybercriminals impersonate tech support agents to gain illicit access to victims’ computers. This threat extends beyond traditional spam emails; attackers are utilizing a barrage of emails…
In a landscape increasingly dominated by major players like Microsoft and CrowdStrike, vendors in the endpoint security sector are undergoing significant transitions in ownership and business strategies. As these tech giants continue their aggressive expansion, capturing nearly 44% of the $12.6 billion endpoint security market, smaller companies are finding themselves…
In an era where artificial intelligence is making tremendous strides, concerns over cybersecurity are mounting, as recent incidents involving major players like OpenAI and DeepSeek AI underscore the vulnerabilities that accompany such advancements. Both organizations have faced serious breaches, eliciting alarm over the safety of user data and the potential…
On Thursday, researchers from Symantec announced a noteworthy development regarding the RA World ransomware group, which allegedly utilized a sophisticated toolset previously associated only with espionage operations linked to a Chinese threat group. This collaboration signifies a troubling convergence of ransomware and state-sponsored hacking capabilities. The toolset in question, identified…
Zero-Day Vulnerability Discovered in 7-Zip Amid Ongoing Conflict in Ukraine In recent developments, security researchers have identified a zero-day vulnerability in the widely used 7-Zip archiving application, which has reportedly been exploited in connection with Russia’s military operations in Ukraine. The vulnerability poses a significant security risk, as it allows…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Espionage and Cybercrime Campaign Linked to 7-Zip Mark-of-the-Web Exploit Targeting Ukraine Mathew J. Schwartz (euroinfosec) • February 4, 2025 Image: Shutterstock A severe security vulnerability in the widely utilized Windows archiving tool, 7-Zip, has reportedly been leveraged by Russian cyber adversaries to…
In early January 2025, the cybersecurity landscape is already experiencing significant disruptions, particularly driven by the proliferation of Internet of Things (IoT) devices. Researchers report an uptick in Distributed Denial of Service (DDoS) attacks that target various IoT-connected devices, including home routers and surveillance cameras. As these devices become increasingly…
