cybercrime

The archetype of the cybercriminal has evolved. Gone are the days when the most dangerous attackers were solitary figures shrouded in dark hoodies, furiously attempting to breach technical defenses. Today’s most insidious threats are casual, even personable—the scammer who reaches you via a...

In recent developments, cybersecurity firm East Security has identified a sophisticated phishing campaign that impersonates Microsoft's multi-factor authentication (MFA) processes. This attack leverages QR codes to deceive users into divulging their Microsoft 365 credentials, highlighting the...

The United Kingdom’s arrest of four suspects linked to a wave of cyberattacks targeting major retail organizations marks a pivotal moment in the ongoing battle between law enforcement and cybercriminals. This high-profile case comes at a time when digital threats are becoming increasingly...

In recent years, the cybersecurity landscape has witnessed a dramatic escalation in identity-based attacks, with employee login credentials becoming prime targets for cybercriminals. This surge is largely attributed to the proliferation of sophisticated yet affordable tools that facilitate such...

Cybersecurity professionals worldwide have watched for years as the battle between defenders and attackers has grown increasingly sophisticated. But a new wave of threats is now on the horizon—one where generative AI acts as the great equalizer, equipping even novice cybercriminals with the...

There’s a growing threat in the digital landscape that preys on trust rather than technical vulnerability. It slips quietly into our daily lives, masquerading not as suspicious spam, but as the kind of corporate communication we expect: a calendar invite. For millions of Microsoft 365 and...

In recent years, cybercriminals have increasingly exploited digital calendars to orchestrate sophisticated phishing attacks, particularly targeting Microsoft 365 users. These scams often involve deceptive calendar invitations that appear legitimate but are designed to steal sensitive information...

Artificial intelligence’s growing influence in the business world is increasingly coming with a sharp edge, as demonstrated by a recent report from identity management giant Okta. The convergence of easily accessible AI-powered web development tools and the rising sophistication of threat actors...

A new ransomware variant named DEVMAN has recently emerged, targeting Windows 10 and 11 systems. This malware is a derivative of the DragonForce ransomware family, itself based on the Conti framework, but introduces unique behaviors that distinguish it from its predecessors. Technical Analysis...

America’s decisive air campaign against Iran’s nuclear infrastructure may have changed the global security landscape overnight, but the destruction of spinning centrifuges and command bunkers does not signify the end of Iranian threats on the world stage. Far from it. The new battlefield is not...

In recent months, a sophisticated phishing campaign has exploited Microsoft 365's Direct Send feature, targeting over 70 organizations across the United States. This attack method allows cybercriminals to impersonate internal users and deliver phishing emails that bypass traditional security...

In recent months, a sophisticated phishing campaign has exploited Microsoft 365's "Direct Send" feature, targeting over 70 organizations, primarily in the United States. This attack method allows cybercriminals to impersonate internal users and deliver phishing emails without compromising...

Four days of total digital silence. That was the stark reality for the 20 million users of YES24, South Korea’s largest online bookstore, after a catastrophic ransomware attack forced the entire platform—website and app—offline. Orders for books, reservations for concerts, and access to digital...

The digital landscape was shaken recently when Cloudflare, a web infrastructure and security firm protecting many of the internet’s busiest destinations, reported successfully mitigating the largest distributed denial-of-service (DDoS) attack ever documented. At its peak, the attack surged to...

In a recent and unprecedented cybersecurity event, researchers have uncovered a massive data breach exposing approximately 16 billion login credentials from major platforms, including Google, Facebook, and Telegram. This breach, identified by the Cybernews research team, is being hailed as one...

In a chilling demonstration of how cybercriminals are evolving their attack strategies, security researchers recently uncovered an advanced and highly orchestrated campaign by the North Korean BlueNoroff hacking group that leverages deepfake technology, social engineering, and custom macOS...

Anubis ransomware has emerged as a formidable threat in the cybersecurity landscape, employing a destructive wiper module that ensures victims lose their data irretrievably, even if they comply with ransom demands. This evolution in ransomware tactics underscores the increasing sophistication...

In the dim and often misunderstood world of the dark web, a new phenomenon is reshaping the landscape of cybercrime: illicit, highly capable, generative AI platforms built atop legitimate open-source models. The emergence of Nytheon AI, detailed in a recent investigation by Cato Networks and...

When Twitter confirmed that a hacker exploited a significant security vulnerability, it set off alarm bells not just within the company, but across the wider digital landscape. Such incidents underscore the growing concerns around data privacy, cybersecurity, and the responsibility that tech...

In recent months, the cybersecurity landscape has been rocked by a rapidly escalating campaign in which cybercriminals have weaponized TeamFiltration, a penetration testing tool, to orchestrate massive attacks on Office 365 accounts. According to incident data and credible analyses from leading...