News

Detecting fraudulent North Korean hires: A CISO playbook

Bys s November 5, 2025

Has a North Korean threat actor applied for a position at your organization, or even been hired? We’re sharing a toolkit to help you detect and avoid that risk.

News

NightEagle APT Exploits Microsoft Exchange Flaw to Target China’s Military and Tech Sectors
Bys s July 4, 2025

Cybersecurity researchers have shed light on a previously undocumented threat actor called NightEagle (aka APT-Q-95) that has been observed targeting Microsoft Exchange servers as a part of a zero-day exploit chain designed to target government, defense, and technology sectors in China. According to QiAnXin’s RedDrip Team, the threat actor has been active since 2023 and…

Read More NightEagle APT Exploits Microsoft Exchange Flaw to Target China’s Military and Tech Sectors
News

Velociraptor incident response tool abused for remote access
Bys s August 26, 2025

This approach represents an evolution from threat actors abusing remote monitoring and management tools

Read More Velociraptor incident response tool abused for remote access
News

HHS Office for Civil Rights Settles HIPAA Security Rule Investigation; Northeast Radiology agrees to corrective action plan and $350,000 monetary penalty
Bys s April 10, 2025

Over the past few years, DataBreaches has reported on a breach involving Northeast Radiology and its business associate, Alliance Healthcare Services. In March 2020, Northeast Radiology revealed its patient data was involved in a breach Alliance notified them about in January, 2020. TechCrunch had contacted Northeast Radiology about its unpatched PACS servers in 2019, but…

Read More HHS Office for Civil Rights Settles HIPAA Security Rule Investigation; Northeast Radiology agrees to corrective action plan and $350,000 monetary penalty
News

CISA: No Federal Agency Beyond Treasury Impacted by BeyondTrust Incident
Bys s January 7, 2025

CISA says no federal agencies other than Treasury were impacted by the recent compromise of a BeyondTrust cloud-based service. The post CISA: No Federal Agency Beyond Treasury Impacted by BeyondTrust Incident appeared first on SecurityWeek.

Read More CISA: No Federal Agency Beyond Treasury Impacted by BeyondTrust Incident
News

ThreatsDay Bulletin: Spyware Alerts, Mirai Strikes, Docker Leaks, ValleyRAT Rootkit — and 20 More Stories
Bys s December 11, 2025

This week’s cyber stories show how fast the online world can turn risky. Hackers are sneaking malware into movie downloads, browser add-ons, and even software updates people trust. Tech giants and governments are racing to plug new holes while arguing over privacy and control. And researchers keep uncovering just how much of our digital life…

Read More ThreatsDay Bulletin: Spyware Alerts, Mirai Strikes, Docker Leaks, ValleyRAT Rootkit — and 20 More Stories
News

Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper
Bys s May 15, 2025

Cybersecurity researchers have discovered a malicious package named “os-info-checker-es6” that disguises itself as an operating system information utility to stealthily drop a next-stage payload onto compromised systems. “This campaign employs clever Unicode-based steganography to hide its initial malicious code and utilizes a Google Calendar event short link as a dynamic dropper for its final

Read More Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper

Similar Posts