Aurora, a multi-purpose botnet being advertised on underground forums since April, has been adopted by multiple cybercriminals over the past few months, cybersecurity firm Sekoia.io reports.
Microsoft Warns of Cybercrime Group Delivering Royal Ransomware, Other Malware
A threat actor tracked as DEV-0569 and known for the distribution of various malicious payloads was recently observed updating its delivery methods, Microsoft warns.
Omron PLC Vulnerability Exploited by Sophisticated ICS Malware
A critical vulnerability has not received the attention it deserves
Palo Alto to Acquire Israeli Software Supply Chain Startup
Cybersecurity powerhouse Palo Alto Networks on Thursday announced plans to spend $195 million in cash to acquire Israeli startup Cider Security, a deal that adds software supply chain security capabilities to its Prisma Cloud platform.
Hundreds Infected With ‘Wasp’ Stealer in Ongoing Supply Chain Attack
Security researchers are raising alarm on an ongoing supply chain attack that uses malicious Python packages to distribute an information stealer.
US Gov Warning: Start Hunting for Iranian APTs That Exploited Log4j
The U.S. government on Wednesday issued a blunt recommendation for organizations running VMWare Horizon servers: Initiate threat-hunting activities to find and expel Iranian APT actors that used the Log4j crisis to slip undetected into corporate networks.
Akeyless Raises $65 Million for Secrets Management Tech
Israeli early-stage startup Akeyless has banked a whopping $65 million in venture capital funding to build technology to help businesses manage credentials, certificates, keys and other secrets flowing through multi-cloud environments.
Bishop Fox Adds $46 Million to Series B Funding Round
Continuous attack surface management pioneer Bishop Fox continues to attract the attention of investors with the banking of another $46 million in growth funding led by WestCap.
Microsoft Patches MotW Zero-Day Exploited for Malware Delivery
Microsoft’s latest Patch Tuesday updates address six zero-day vulnerabilities, including one related to the Mark-of-the-Web (MotW) security feature that has been exploited by cybercriminals to deliver malware.
Gaping Authentication Bypass Holes in VMWare Workspace One
Virtualization technology giant VMware joined the Patch Tuesday train this week to deliver urgent security patches to its VMWare Workspace One product.