WikiLeaks founder Julian Assange has agreed to plead guilty to one count of espionage in US court on Wednesday, ending a years-long legal battle between the US government and a controversial publisher.
Fresh MOVEit Bug Under Attack Mere Hours After Disclosure
The high-severity CVE-2024-5806 allows cyberattackers to authenticate to the file-transfer platform as any valid user, with accompanying privileges.
Indonesia Refuses to Pay $8M Ransom After Cyberattack
More than 200 regional and national government agencies have been impacted by the ransomware attack, and few of them are once again operational.
Threat Actor May Have Accessed Sensitive Info on CISA Chemical App
An unknown adversary compromised a CISA app containing the data via a vulnerability in the Ivanti Connect Secure appliance this January.
WordPress Supply Chain Attack Spreads Across Multiple Plug-ins
Injected malicious JavaScript code gives attackers administrator rights on websites, and fills sites with SEO spam.
Key Takeaways From the British Library Cyberattack
Knowledge institutions with legacy infrastructure, limited resources, and digitized intellectual property must protect themselves from sophisticated and destructive cyberattacks.
New Attack Technique Exploits Microsoft Management Console Files
Threat actors are exploiting a novel attack technique in the wild that leverages specially crafted management saved console (MSC) files to gain full code execution using Microsoft Management Console (MMC) and evade security defenses.
Elastic Security Labs has codenamed the approach GrimResource after identifying an artifact (“sccm-updater.msc”) that was uploaded to the VirusTotal malware
Elastic Security Labs has codenamed the approach GrimResource after identifying an artifact (“sccm-updater.msc”) that was uploaded to the VirusTotal malware
How to Cut Costs with a Browser Security Platform
Browser security is becoming increasingly popular, as organizations understand the need to protect at the point of risk – the browser. Network and endpoint solutions are limited in their ability to protect from web-borne threats like phishing websites or malicious browser extensions. They also do not protect from internal data exfiltration, like employees pasting sensitive data to ChatGPT. As it
New Cyberthreat ‘Boolka’ Deploying BMANAGER Trojan via SQLi Attacks
A previously undocumented threat actor dubbed Boolka has been observed compromising websites with malicious scripts to deliver a modular trojan codenamed BMANAGER.
“The threat actor behind this campaign has been carrying out opportunistic SQL injection attacks against websites in various countries since at least 2022,” Group-IB researchers Rustam Mirkasymov and Martijn van den Berk said in a
“The threat actor behind this campaign has been carrying out opportunistic SQL injection attacks against websites in various countries since at least 2022,” Group-IB researchers Rustam Mirkasymov and Martijn van den Berk said in a
Wikileaks’ Julian Assange Released from U.K. Prison, Heads to Australia
WikiLeaks founder Julian Assange has been freed in the U.K. and has departed the country after serving more than five years in a maximum security prison at Belmarsh for what was described by the U.S. government as the “largest compromises of classified information” in its history.
Capping off a 14-year legal saga, Assange, 52, pleaded guilty to one criminal count of conspiring to obtain and
Capping off a 14-year legal saga, Assange, 52, pleaded guilty to one criminal count of conspiring to obtain and