Risk
-
New SuperCard X Malware Targets Android Devices in NFC Relay Attacks
The emergence of ‘SuperCard X,’ a new malware-as-a-service platform, poses a serious threat to Android users through NFC relay attacks, allowing unauthorized transactions with stolen payment card data.
-
China’s Mustang Panda Expands Malware Arsenal Amid Surveillance Efforts
Mustang Panda, a state-sponsored Chinese hacking group, has expanded its malware capabilities with four new tools, including keyloggers, as part of its ongoing surveillance efforts. These enhancements highlight a significant escalation in their cyber espionage activities.
-
Data Breach Threatens Corporate Security as Infostealers Surge in 2024
The rise of infostealer malware in 2024 presents a significant threat to corporate cybersecurity, with compromised credentials leading to severe data breaches.
-
Ransomware Negotiations: A Balancing Act Between Ethics and Survival
Organizations face a challenging dilemma when their data is held hostage by ransomware, grappling with the decision to negotiate or pay ransoms. This article explores the organized nature of ransomware gangs, trends in ransom amounts, ethical considerations, and best practices for effective negotiations and response.
-
CISA Identifies Exploited Windows Vulnerability: Urgent Fixes Required
CISA has identified a medium-severity vulnerability in Microsoft Windows, designated CVE-2025-24054, which has come under active exploitation. The vulnerability, tied to the deprecated NTLM authentication protocol, allows unauthorized access to sensitive data. Urgent measures are required to secure systems against ongoing attacks targeting both governmental and private institutions.
-
Tech Giants Lead Push for Shorter Digital Certificate Lifespans
Tech giants Apple and Google are leading a significant initiative to reduce the maximum lifespans of digital certificates, aiming to strengthen cybersecurity and mitigate risks associated with long-term certificates. The proposal suggests a maximum validity of 90 days from Google and 47 days from Apple, potentially revolutionizing internet safety standards.
-
New ResolverRAT Malware Targets Global Healthcare and Pharmaceutical Sectors
ResolverRAT, a new remote access trojan, poses a significant threat to healthcare and pharmaceutical organizations globally through sophisticated phishing tactics and stealthy operations, according to security researchers.
-
Human Element Critical in Combating Rising Cyber Threats, Experts Warn
As cyber threats evolve, experts stress the critical role of human intervention in enhancing cybersecurity resilience. Over half of UK businesses face projected cyber breaches in 2024, emphasizing the need for employee training and awareness within organizations.
-
Cybersecurity Risks with Third-Party Identity Providers Prompt New Solutions
As businesses increasingly rely on third-party identity providers for cybersecurity, experts warn about the risks, suggesting innovative solutions like extra-factor authentication to enhance security without ceding control.
-
IKEA Operator Reports €20 Million Loss from Ransomware Attack
Fourlis Group, operator of IKEA stores in several Eastern European countries, reported a €20 million loss due to a ransomware attack that occurred in late November 2024. The incident primarily impacted IKEA’s sales and e-commerce operations, with the company stating that it did not pay the ransom demanded by attackers.
