Moving CVEs past one-nation control

Marco Raquan Honesty has pleaded guilty to his roles in several fraud schemes, including smishing, identity theft, and bank account takeover. The post Washington Man Admits to Role in Multiple Cybercrime, Fraud Schemes appeared first on SecurityWeek.

Artificial Intelligence (A) is revolutionizing intelligence gathering, empowering cybersecurity defenders, and amplifying threat actor capabilities. The post The Intersection of AI and OSINT: Advanced Threats On The Horizon appeared first on SecurityWeek.

Cybersecurity researchers have exposed a new campaign that targets web servers running PHP-based applications to promote gambling platforms in Indonesia. “Over the past two months, a significant volume of attacks from Python-based bots has been observed, suggesting a coordinated effort to exploit thousands of web apps,” Imperva researcher Daniel Johnston said in an analysis. “These…

Cisco has confirmed that a Chinese threat actor known as Salt Typhoon gained access by likely abusing a known security flaw tracked as CVE-2018-0171, and by obtaining legitimate victim login credentials as part of a targeted campaign aimed at major U.S. telecommunications companies. “The threat actor then demonstrated their ability to persist in target environments…

An analysis of HellCat and Morpheus ransomware operations has revealed that affiliates associated with the respective cybercrime entities are using identical code for their ransomware payloads. The findings come from SentinelOne, which analyzed artifacts uploaded to the VirusTotal malware scanning platform by the same submitter towards the end of December 2024. “These two payload samples…

Excelsior Orthopaedics says the information of roughly 357,000 patients and employees was stolen in a June 2024 data breach. The post Excelsior Orthopaedics Data Breach Impacts 357,000 People appeared first on SecurityWeek.