Featured
Russian Ransomware Groups Recruiting Penetration Testers to Enhance Attack Capabilities

Russian cybercrime gangs are actively seeking skilled penetration testers on underground forums to strengthen their ransomware operations. The concerning trend, revealed in a Cato Networks report, highlights the growing professionalization of ransomware attacks and the lowering of barriers to entry in cybercrime.

D-Link Discontinues Support for VPN Routers with Critical Security Flaw

D-Link advises immediate retirement of multiple vulnerable VPN router models affected by an unfixable remote code execution flaw. The company confirms no security patches will be released for the discontinued devices, urging users to upgrade to newer supported models.

New Helldown Ransomware Campaign Exploits Critical Zyxel VPN Vulnerabilities

A sophisticated ransomware group called Helldown has compromised 31 organizations by exploiting Zyxel firewall vulnerabilities. The threat actors employ advanced tactics including undocumented exploits, aggressive data theft reaching 431GB, and both Windows and Linux variants targeting virtualized infrastructure.

Russian National Charged in $16M Phobos Ransomware Operation After South Korean Extradition

Evgenii Ptitsyn, a 42-year-old Russian national, faces criminal charges for allegedly running the Phobos ransomware operation that targeted over 1,000 organizations globally. Operating under aliases on the darknet, Ptitsyn and associates allegedly extorted more than $16 million through sophisticated cyber extortion schemes.

CISA Mandates Critical Security Patches for LoadMaster and PAN-OS Vulnerabilities

CISA has added critical security flaws in Progress Kemp LoadMaster and Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities catalog. Federal agencies must patch these authentication bypass and privilege escalation vulnerabilities by December 2024 to prevent unauthorized system access.

New SafePay Ransomware Operation Emerges Using LockBit Builder to Target Organizations

A rising cybercrime group called SafePay has claimed 22 victims using LockBit-based ransomware and sophisticated attack methods. The operation, discovered by Huntress researchers, exploits RDP access and employs data theft tools while showing behavioral patterns similar to established ransomware groups.

Italy's Affordable Spyware Revolution: How Budget-Friendly Surveillance Tools Are Reshaping the Global Market

Italy has emerged as a major player in surveillance technology by offering law enforcement agencies spyware tools for just €150 per day. Unlike premium vendors like NSO Group, Italian firms focus on basic but functional tools, making surveillance technology more accessible while drawing less scrutiny.

Zero-Day Vulnerabilities Dominated Cyber Attacks in 2023, Five Eyes Report Reveals

A new intelligence report shows zero-day exploits became the primary attack vector for cybercriminals in 2023, marking a significant shift from previous years. The findings highlight the growing sophistication of threat actors targeting enterprise networks and emphasize the critical need for rapid vulnerability patching.

Foreign Hackers Breach Library of Congress Email Systems in Major Cyber Espionage Attack

A sophisticated cyber attack has compromised months of sensitive email communications between the Library of Congress and congressional offices. The breach, conducted by an unidentified foreign adversary, exposed correspondence containing confidential legislative proposals from January to September 2023.