
Cybersecurity

Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday disclosed that ransomware actors are targeting unpatched SimpleHelp Remote Monitoring and Management (RMM) instances to compromise customers of an unnamed utility billing software provider. “This incident reflects a broader pattern of ransomware actors targeting organizations through unpatched versions of SimpleHelp RMM since January 2025,” the…

Inside a Dark Adtech Empire Fed by Fake CAPTCHAs – Krebs on Security
Late last year, security researchers made a startling discovery: Kremlin-backed disinformation campaigns were bypassing moderation on social media platforms by leveraging the same malicious advertising technology that powers a sprawling ecosystem of online hucksters and website hackers. A new report on the fallout from that investigation finds this dark ad tech industry is far more…

The 20 biggest data breaches of the 21st century
Though it had long stopped being the powerhouse that it once was, social media site MySpace hit the headlines in 2016 after 360 million user accounts were leaked onto both LeakedSource.com and put up for sale on dark web market The Real Deal with an asking price of 6 bitcoin (around $3,000 at the time)….

What is asymmetric cyberattack? | Definition from TechTarget
An asymmetric cyberattack refers to cyberwarfare that inflicts a proportionally large amount of damage compared to the resources used by targeting the victim’s most vulnerable security measure. What does ‘asymmetric’ mean in asymmetric cyberattacks? In asymmetric cyberattacks, the perpetrator has an unfair (or asymmetric) advantage over the victim that can be impossible to detect. Oftentimes,…

20 Top-Level Domain Names Abused by Hackers in Phishing Attacks
Phishing attackers abuse TLDs like .li, .es, and .dev to hide redirects, steal credentials, and bypass detection. See top domains flagged by ANY.RUN in 2025. Some phishing sites don’t need fancy tricks, just the right domain name. And you won’t always spot it until it’s too late. Hackers have become masters at abusing certain Top-Level…

The legal questions to ask when your systems go dark – Help Net Security
At Span Cyber Security Arena, I sat down with Iva Mišković, Partner at the ISO-certified Mišković & Mišković law firm, to discuss the role of legal teams during cyber incidents. She shared why lawyers should assume the worst, coordinate quickly, and ask the right questions to support IT. Mišković explained that a legal strategy, built…

An industry first: Sophos Firewall and NDR Essentials
Sophos Firewall v21.5 introduces an innovative industry first: Network Detection and Response (NDR) integrated with a firewall. Why NDR is Important Network Detection and Response (NDR) is a category of network security products designed to detect abnormal traffic behavior, helping identify active adversaries operating on the network. Skilled attackers are very effective at evading detection,…

BladedFeline: Whispering in the dark
In 2024, ESET researchers discovered several malicious tools in the systems used by Kurdish and Iraqi government officials. The APT group behind the attacks is BladedFeline, an Iranian threat actor that has been active since at least 2017, when it compromised officials within the Kurdistan Regional Government (KRG). This group develops malware for maintaining and…

New Atomic macOS Stealer Campaign Exploits ClickFix to Target Apple Users
Cybersecurity researchers are alerting to a new malware campaign that employs the ClickFix social engineering tactic to trick users into downloading an information stealer malware known as Atomic macOS Stealer (AMOS) on Apple macOS systems. The campaign, according to CloudSEK, has been found to leverage typosquat domains mimicking U.S.-based telecom provider Spectrum. “macOS users are…

Proxy Services Feast on Ukraine’s IP Address Exodus – Krebs on Security
Ukraine has seen nearly one-fifth of its Internet space come under Russian control or sold to Internet address brokers since February 2022, a new study finds. The analysis indicates large chunks of Ukrainian Internet address space are now in the hands of shadowy proxy and anonymity services that are nested…