A report out today from SlashNext Inc. details a new phishing kit being advertised on dark web forums that significantly lowers the barriers for cybercriminals to launch effective phishing attacks. Advertised under the name of FishXProxy, the phishing kit equips cybercriminals with a formidable arsenal for multi-layered email phishing attacks. It includes features such as uniquely ...

Data cloud company Snowflake Inc. has introduced new security measures after its customers were targeted following a third-party breach earlier this year. A hacking campaign targeting Snowflake users first came to light in late May when a claimed 560 million records stolen from Ticketmaster Entertainment appeared for sale on the Breach Forums hacking site. That was followed ...

Cybersecurity researchers have discovered a critical security vulnerability in RADIUS, a widely used network authentication protocol dating back to the 1990s that’s still in widespread use today. RADIUS, short for Remote Authentication Dial-In User Service, was released in 1991 before being designated a standard (RFC 2058) by the Internet Engineering Task Force in 1997. Initially ...

Business and financial software company Intuit Inc. today announced that it’s laying off 1,800 employees, about 10% of its workforce, as it looks to focus more on artificial intelligence — but it plans to rehire 1,800 new people in engineering, product and customer-facing roles. In a note to employees, Intuit Chief Executive Officer Sasan Goodarzi ...

Founded by President Harry Truman in 1952, the U.S. National Security Agency is supposed to provide security through intelligence gathering, but what happens when it overlooks its own security? A new report from Contrast Security Inc. today details just that: a security vulnerability found in SkillTree, an open-source NSA training platform maintained on GitHub. The ...

A new report published today by researchers at Cisco Talos details the evolving tactics and techniques used by prolific ransomware groups and the need to protect against them. Ransomware is far from new, with the report identifying groups such as ALPHV/Blackcat as among the most prolific. However, ransomware groups do not remain static; they constantly evolve ...

Generative artificial intelligence video startup Captions LLC announced today that it has raised $60 million in new funding on a valuation of $500 million to advance its research of generative video technology. The round was led by Index Ventures LLP, with Kleiner Perkins Caufield & Byers LLC, Andreessen Horowitz, Sequoia Capital Operations LLC, Adobe Ventures, ...

The U.S. Department of Justice announced today that it has seized two domains allegedly key to a disinformation campaign by Russia’s RT news network which were used to spread disinformation via X Corp. The two domains were being used to spread information via 968 X accounts. Despite some reports to the contrary, the X accounts ...

Ransomware gang RansomHub has released up to 100 gigabytes of files stolen from the Florida Department of Health after the department declined to pay a ransom payment following a ransomware attack last week. The ransomware attack, described by Governor Ron DeSantis as a “cyber incident,” struck the department on July 2 and caused disruptions to ...

Security researchers at Securelsit by Kaspersky today detailed a new advanced persistent threat group that’s targeting Russian government entities in what appears to be another uptick in geopolitical-linked hacking. Dubbed CloudSorcerer, the group uses a sophisticated cyber espionage tool for stealth monitoring, data collection and exfiltration via Microsoft Graph, Yandex Cloud and Dropbox cloud infrastructure. The ...