Security
Headlines
HeadlinesLatestCVEs

Latest News

Russian Script Kiddie Assembles Massive DDoS Botnet

Over the past year, "Matrix" has used publicly available malware tools and exploit scripts to target weakly secured IoT devices — and enterprise servers.

DARKReading
Open in Source
#vulnerability#google#microsoft#ddos#dos#apache#nodejs#git#rce#botnet#aws#auth#ssh#telnet
News Desk 2024: The Rise of Cybersecurity Platforms

Enterprise cybersecurity teams tell Omdia's Maxine Holt that they want to dig out from underneath mounting tech and pivot to a simpler platform model — but they are finding that tricky to pull off.

News Desk 2024: Can GenAI Write Secure Code?

GenAI's 30%-50% coding productivity boost comes with a downside — it's also generating vulnerabilities. Veracode's Chris Wysopal talks about what he finds out in this News Desk interview during Black Hat USA.

Microsoft Finally Releases Recall as Part of Windows Insider Preview

The preview version now includes multiple security-focused additions Microsoft had promised to add, such as SecureBoot, BitLocker, and Windows Hello.

Researchers Discover "Bootkitty" – First UEFI Bootkit Targeting Linux Kernels

Cybersecurity researchers have shed light on what has been described as the first Unified Extensible Firmware Interface (UEFI) bootkit designed for Linux systems. Dubbed Bootkitty by its creators who go by the name BlackCat, the bootkit is assessed to be a proof-of-concept (PoC) and there is no evidence that it has been put to use in real-world attacks. Also tracked as IranuKit, it was uploaded

Latest Multi-Stage Attack Scenarios with Real-World Examples

Multi-stage cyber attacks, characterized by their complex execution chains, are designed to avoid detection and trick victims into a false sense of security. Knowing how they operate is the first step to building a solid defense strategy against them. Let's examine real-world examples of some of the most common multi-stage attack scenarios that are active right now. URLs and Other Embedded

INTERPOL Arrests 1,000 and Dismantles Cybercrime Networks Across Africa

Group-IB collaborated with INTERPOL and AFRIPO in a major crackdown on cybercrime in Africa for “Operation Serengeti.” This…

APT-C-60 Exploits WPS Office Vulnerability to Deploy SpyGlace Backdoor

The threat actor known as APT-C-60 has been linked to a cyber attack targeting an unnamed organization in Japan that used a job application-themed lure to deliver the SpyGlace backdoor. That's according to findings from JPCERT/CC, which said the intrusion leveraged legitimate services like Google Drive, Bitbucket, and StatCounter. The attack was carried out around August 2024. "In this attack,

INTERPOL Busts African Cybercrime: 1,006 Arrests, 134,089 Malicious Networks Dismantled

An INTERPOL-led operation has led to the arrest of 1,006 suspects across 19 African countries and the takedown of 134,089 malicious infrastructures and networks as part of a coordinated effort to disrupt cybercrime in the continent. Dubbed Serengeti, the law enforcement exercise took place between September 2 and October 31, 2024, and targeted criminals behind ransomware, business email