Daily Cyber Brief
Chinese hackers using imposter domains in massive phishing campaign, new phishing kit impersonates well-known brands to target US shoppers, and researchers cracked Russian Zeppelin ransomware keys...
Cybersecurity
A China-based financially motivated group is leveraging the trust associated with popular international brands to orchestrate a large-scale phishing campaign dating back as far as 2019. The threat actor, dubbed Fangxiao by Cyjax, is said to have registered over 42,000…
A sophisticated phishing kit has been targeting North Americans since mid-September, using lures focused on holidays like Labor Day and Halloween. The kit uses multiple evasion detection techniques and incorporates several mechanisms to keep non-victims away from its…
Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “Zeppelin” in May 2020. He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were…
The Emotet malware-delivery botnet is back after a short hiatus, quickly ramping up the number of malicious emails it's sending and sporting additional capabilities, including changes to its binary and delivering a new version of the IcedID malware dropper. There also…
Cybersecurity powerhouse Palo Alto Networks on Thursday announced plans to spend $195 million in cash to acquire Israeli startup Cider Security, a deal that adds software supply chain security capabilities to its Prisma Cloud platform. Palo Alto Networks said the transaction…
E-commerce malware and vulnerability detection firm Sansec warns of a surge in cyberattacks targeting CVE-2022-24086, a critical mail template vulnerability affecting Adobe Commerce and Magento stores. Adobe released emergency patches for CVE-2022-24086…
Several IT professionals worry that cybersecurity-specific funding might be at risk, suggests new data by JumpCloud. According to the company's Q4 2022 IT Trends for Small and Medium-Sized Enterprises (SMEs) report, 44% of those surveyed agree their organization will…
The Defense Department has largely won out in a long-running bureaucratic battle with the State Department over retaining its expansive powers to launch cyber operations without significant input from other government agencies, according to two sources familiar with the…
Microsoft has resolved a known issue triggering errors and temporarily causing the taskbar and desktop to disappear on Windows 10 systems. The company also linked the same issue with instances where the users' devices would stop responding to input and freeze…
The federal enforcement office that oversees more than 1,600 offshore oil and gas facilities has done little to address growing cybersecurity risks, according to a watchdog report released on Thursday. The Government Accountability Office said that the Department of Interior’s…