Cyber Security

Backlogs at the US National Vulnerability Database (NVD), a critical source of information about security flaws in software, have reached crisis proportions, prompting federal agencies to seek help from the private sector.

CVE-2024-30051, under active exploit, is the most concerning out of this month’s Patch Tuesday offerings, and already being abused by several QakBot actors.

Scattered Spider is as active as ever, despite authorities claiming that they’re close to nailing its members.

Today, ​Microsoft fixed a known issue breaking VPN connections across client and server platforms after installing the April 2024 Windows security updates. […]

Google has released emergency security updates for the Chrome browser to address a high-severity zero-day vulnerability tagged as exploited in attacks. […]

Since April, millions of phishing emails have been sent through the Phorpiex botnet to conduct a large-scale LockBit Black ransomware campaign. […]

Threat actors are using Domain Name System (DNS) tunneling to track when their targets open phishing emails and click on malicious links, and to scan networks for potential vulnerabilities. […]

The Black Basta ransomware-as-a-service (RaaS) operation has targeted more than 500 private industry and critical infrastructure entities in North America, Europe, and Australia since its emergence in April 2022.
In a joint advisory published by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS

This malware research article describes the REMCOS implant at a high level, and provides background for future articles in this multipart series.