Browsing: Threats and Vulnerabilities

Redline Stealer Dominates: VIPRE’s Q3 Report Highlights Sophisticated BEC Tactics and Evolving Malware Trends

Dilki RathnayakeNovember 1, 20243 Mins Read

VIPRE Security Group’s Q3 2024 Email Threat Trends Report reveals the increasing sophistication of email-based threats, particularly business email compromise…

Malicious npm Packages Found to Distribute BeaverTail Malware

ISB Staff ReporterOctober 29, 20243 Mins Read

Three malicious packages uploaded to the npm registry were discovered to harbor BeaverTail, a JavaScript downloader and information stealer associated…

Cyware and ECS Partner to Enhance Government Cybersecurity with Advanced Threat Intel Exchange

ISB Staff ReporterOctober 29, 20242 Mins Read

Cyware, a provider of threat intelligence management and cyber fusion solutions, has teamed up with ECS, a player in technology…

US Energy Sector Faces Growing Cybersecurity Threats

Kirsten DoyleOctober 25, 20243 Mins Read

A recent cybersecurity report by SecurityScorecard and KPMG reveals that the US energy sector remains at high risk of cyber…

The Lazarus APT Strikes Again: New Zero-Day Exploit Targets Investors through DeFi Games

Kirsten DoyleOctober 24, 20243 Mins Read

In a new and sophisticated campaign, the infamous North Korean-affiliated Lazarus APT group and its BlueNoroff subgroup have once again…

Google Mandiant: Time-to-Exploit Falls, Zero Day Exploits Rise

Josh Breaker RolfeOctober 23, 20243 Mins Read

A staggering 70% of exploited vulnerabilities in 2023 were leveraged as zero days, meaning threat actors exploited the flaws in…

Attackers Exploit Roundcube Webmail Vulnerability

Kirsten DoyleOctober 23, 20244 Mins Read

Cybersecurity experts from Positive Technologies’ Security Expert Center (PT ESC) have uncovered an exploit targeting Roundcube Webmail, an open-source email client…

ConfusedPilot Exposes Vulnerability in AI Systems Used by Major Enterprises

Kirsten DoyleOctober 18, 20245 Mins Read

A novel attack, dubbed ConfusedPilot, has been discovered, targeting widely used Retrieval Augmented Generation (RAG)-based AI systems such as Microsoft…

Building Digital Resilience: Insider Insights for a Safer Cyber Landscape

Kirsten DoyleOctober 18, 202413 Mins Read

Due to the tremendous feedback we received on our first two articles, which shared invaluable cybersecurity advice from industry experts,…

New Threat Actor Tool EDRSilencer Repurposed for Malicious Use

ISB Staff ReporterOctober 16, 20243 Mins Read

The Trend Micro Threat Hunting Team has identified an alarming new trend in cyber attacks: malefactors are adopting EDRSilencer, a…

Information Security Buzz is an independent resource that provides the experts’ comments, analysis, and opinion on the latest Cybersecurity news and topics