Hackers Leveraging Cloudflare Tunnels, DNS Fast-Flux to Hide GammaDrop Malware

The activity is part of an ongoing spear-phishing campaign targeting Ukrainian entities since at least early 2024 that's designed to drop the Visual Basic Script malware, Recorded Future's Insikt Group said in a new analysis.

Browser Isolation Bypassed: QR Codes Used in Novel C2 Attacks

A recent report from Thibault Van Geluwe de Berlaere at Mandiant unveils an innovative method for attackers to bypass browser isolation and execute command-and-control (C2) operations using QR codes.

Report: 65% of Office Workers Bypass Cybersecurity to Boost Productivity

High-risk access exists throughout the workplace, in almost every job role, proving that the time has come for organizations to re-think the way they protect their workforce, according to CyberArk.

Security Risks Persist in Open Source Ecosystem

Significant security risks continue to be prevalent in open-source software development practices, a new report by the Linux Foundation, OpenSSF, and Harvard University has found.

How Widespread Is Mercenary Spyware? More Than You Think

A targeted hunt by iVerify on 2,500 mobile devices for indicators of compromise associated with mercenary spyware has revealed that its use is not as rare as one would hope.

Ransomware Costs Manufacturing Sector $17bn in Downtime

This significant financial impact stems from the widespread disruption of ransomware attacks. Beyond halting production, they jeopardize customer orders, damage relationships and lead to prolonged recovery efforts.

EU’s First Ever Report on the State of Cybersecurity in the Union

In its first-ever Report on the State of Cybersecurity in the Union, published on December 3, ENISA said the cyber threat level to the EU between July 2023 and June 2024 was substantial.

Cloudflare’s Developer Domains Increasingly Abused by Threat Actors

Cloudflare's 'pages.dev' and 'workers.dev' domains, used for deploying web pages and facilitating serverless computing, are being increasingly abused by cybercriminals for phishing and other malicious activities.

French Mobile Operators Join Forces to Tackle Rising Fraud

Bouygues Telecom, Free, Orange, and SFR announced on December 3 that they will launch two network APIs for the French market in the first half of 2025 to help online businesses combat fraud and digital identity theft.

Why Phishers Love New TLDs Like .shop, .top, and .xyz

A study by Interisle Consulting found that new gTLDs introduced in the last few years command just 11% of the market for new domains, but accounted for roughly 37% of cybercrime domains reported between September 2023 and August 2024.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags