Tag Trend Micro

Exploitation of 7-Zip 0-Day Vulnerability During Russia’s Ongoing Invasion of Ukraine

Zero-Day Vulnerability Discovered in 7-Zip Amid Ongoing Conflict in Ukraine

In recent developments, security researchers have identified a zero-day vulnerability in the widely used 7-Zip archiving application, which has reportedly been exploited in connection with Russia’s military operations in Ukraine. The vulnerability poses a significant security risk, as it allows…

Russian SmokeLoader Campaign in Ukraine Exploits 7-Zip Zero-Day Vulnerability

Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime

Espionage and Cybercrime Campaign Linked to 7-Zip Mark-of-the-Web Exploit Targeting Ukraine

Mathew J. Schwartz (euroinfosec) • February 4, 2025

A severe security vulnerability in the widely utilized Windows archiving tool, 7-Zip, has reportedly been leveraged by Russian cyber adversaries to…

The Internet Flooded Again with IoT Botnets Launching Unprecedented DDoS Attacks

In early January 2025, the cybersecurity landscape is already experiencing significant disruptions, particularly driven by the proliferation of Internet of Things (IoT) devices. Researchers report an uptick in Distributed Denial of Service (DDoS) attacks that target various IoT-connected devices, including home routers and surveillance cameras. As these devices become increasingly…

Cybersecurity Stocks in 2024: Diverging Paths Create a Mixed Outlook

Data Protection and Cybersecurity Stocks Diverge in 2024: Analysis and Implications

In 2024, cyber security stocks exhibited polarized performance, with companies focused on data protection experiencing significant gains largely driven by rising investments in artificial intelligence. In contrast, established firms in the vulnerability management segment faced double-digit declines in stock…

This VPN Allows Others to Access Your Internet Connection – What Risks Are Involved?

Recent analyses indicate that users of cybercrime forums have been discussing and recommending the “Big Mama” proxy service over the past year. Notably, in April, Cisco Talos, a cybersecurity division of Cisco, reported seeing traffic from Big Mama Proxy among other proxies, utilized by attackers trying to brute force access…

Spyware Operation Aims at Chinese Minority Groups Through WeChat

Cyberwarfare / Nation-State Attacks, Endpoint Security, Fraud Management & Cybercrime

Possible State-Sponsored Exploit Kit Leveraging Browser Vulnerabilities for Spyware Deployment

Anviksha More (AnvikshaMore) • December 6, 2024

In recent developments, a potential threat group…

New ‘Goldoon’ Botnet Exploits Decade-Old Vulnerability in D-Link Routers

A newly identified botnet, known as Goldoon, has emerged with a focus on exploiting a long-standing vulnerability within D-Link routers. This vulnerability, designated as CVE-2015-2051, has been present for nearly ten years, affecting models like the D-Link DIR-645. The flaw permits remote attackers to execute arbitrary commands through specially crafted…

Cybercriminals Leverage Phishing and EV Certificates to Distribute Ransomware

The cyber threat landscape continues to evolve as researchers from Trend Micro report that the perpetrators behind the RedLine and Vidar information stealers are shifting their tactics to include ransomware attacks. This alarming trend has been facilitated through phishing campaigns that distribute malware utilizing Extended Validation (EV) code signing certificates,…
