A targeted cyber intrusion campaign has been actively engaging telecommunications and business process outsourcing (BPO) companies since at least June 2022. This ongoing assault aims to infiltrate mobile carrier networks and is characterized by SIM swapping techniques, as highlighted in recent investigations by CrowdStrike. Researcher Tim Parisi detailed these findings…
Google has issued urgent out-of-band security updates to rectify a critical vulnerability in its Chrome browser for Windows. This flaw, designated as CVE-2025-2783 (CVSS score: 8.3), has reportedly been exploited in real-world phishing attacks aimed primarily at organizations in Russia. Described as stemming from an “incorrect handle provided in unspecified…
In 2024, a total of 5,414 ransomware attacks occurred worldwide, representing an 11% increase compared to 2023. Following a gradual start, ransomware incidents surged in the second quarter and peaked in the fourth, accounting for 1,827 incidents—approximately 33% of the total for the year. Notably, law enforcement actions against prominent…
Rackspace Confirms Ransomware Attack by Play Group On Thursday, cloud services provider Rackspace identified the ransomware group known as Play as the responsible party behind a recent security breach that occurred in December 2022. The breach targeted Rackspace’s Hosted Exchange email environment, taking advantage of a previously undisclosed vulnerability. The…
Recent findings from cybersecurity experts reveal a vulnerability in Google’s Quick Share data transfer tool for Windows, which can be manipulated to cause denial-of-service (DoS) issues or transmit files to users’ devices without their consent. This flaw underscores serious security concerns for users relying on this peer-to-peer file-sharing utility. Categorized…
Microsoft recently acknowledged an individual operating under the EncryptHub alias for uncovering and reporting two significant security vulnerabilities in Windows. This acknowledgment depicts a complex profile of a person straddling a legitimate cybersecurity career while engaging in cybercriminal activities. According to a detailed analysis by Outpost24 KrakenLabs, the individual behind…
The Emotet malware operation has significantly evolved in its approach, employing refined tactics designed to evade detection while simultaneously facilitating the distribution of other malicious software, including Bumblebee and IcedID. Initially dismantled in early 2021, Emotet re-emerged later that year and has since posed a relentless threat primarily through phishing…
In recent developments, Microsoft has unveiled critical security patches addressing a staggering array of 125 vulnerabilities across its software platforms. Among these, one vulnerability has been identified as under active exploitation in the wild, raising significant alarms within the cybersecurity community. Of the reported vulnerabilities, 11 are designated as Critical,…
A newly identified variant of the Clop ransomware has emerged, specifically targeting Linux systems. Discovered actively exploiting vulnerabilities, this version utilizes a flawed encryption algorithm, enabling the recovery of encrypted files without the need to pay the associated ransom. According to SentinelOne researcher Antonis Terefos, the ELF executable associated with…
