Trend Micro’s Zero Day Initiative, a major player in the vulnerability disclosure ecosystem, is ramping up the pressure on software vendors that consistently ship faulty security patches.
81% of Malware Seen on USB Drives in Industrial Facilities Can Disrupt ICS: Honeywell
Security Firms Find Over 20 Malicious PyPI Packages Designed for Data Theft
Security companies have identified more than 20 malicious PyPI packages designed to steal passwords and other sensitive information from the victims’ machines.
Microsoft Announces Disruption of Russian Espionage APT
Microsoft on Monday announced another major disruption of an APT actor believed to be linked to the Russian government, cutting off access to accounts used for pre-attack reconnaissance, phishing, and email harvesting.
Chinese Cyberspies Use Supply Chain Attack to Deliver Windows, macOS Malware
China-linked cyberespionage group Iron Tiger was observed using the compromised servers of a chat application for the delivery of malware to Windows and macOS systems, Trend Micro reports.
CISA, FBI Warn Organizations of Zeppelin Ransomware Attacks
The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a joint advisory detailing the Zeppelin ransomware.
Number of Ransomware Attacks on Industrial Orgs Drops Following Conti Shutdown
The number of ransomware attacks on industrial organizations decreased from 158 in the first quarter of 2022 to 125 in the second quarter, and it may be — at least partially — a result of the Conti operation shutting down.
Twilio Hacked After Employees Tricked Into Giving Up Login Credentials
Enterprise software vendor Twilio (NYSE: TWLO) has been hacked by a relentless threat actor who successfully tricked employees into giving up login credentials that were then used to steal third-party customer data.
US, Australian Cybersecurity Agencies Publish List of 2021’s Top Malware
The US Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) have published a joint advisory to detail the top malware strains of 2021.
Ghost Security Snags $15M Investment for API Security Tech
Texas startup Ghost Security has joined the list of early-stage companies in the API and application security space attracting venture capital funding.
The Austin-based company emerged from stealth this week with $15 million in investments from 468 Capital, DNX Ventures, and Munich Re Ventures.
