BotNet News

Cyberthreat News

Thousands of new vulnerabilities are discovered in old and new applications and devices every year, giving hackers plenty of opportunities to cause a data breach. Ransomware, identity theft and phishing are among the most financially damaging cyberthreats. In addition, the emergence of AI technologies, operational technology (OT) and IoT devices are providing hackers with new attack surfaces.

This regular round-up of the latest cyberthreat news helps security professionals safeguard their digital assets and remain alert to emerging threats. A recent update to GIFTEDCROOK malware, for example, has turned the malicious program into a powerful intelligence-gathering tool with a particular focus on Ukrainian governmental and military entities. The update, combined with the content of its phishing lures, suggest a strategic shift in targeting.

Insider threats are another growing concern. They involve authorized users—such as employees, contractors and business partners—misusing their legitimate access or having their accounts hijacked by cybercriminals. These threats are harder to detect than external attacks because they have the earmarks of authorized activity and often evade antimalware software, firewalls and other security solutions. They can take many forms, including business email compromise (BEC), spoofed and phishing scams, ransomware, and generative AI fraud, in which hackers produce fake documents and apps to trick people into sending them money or sharing sensitive information. Moreover, the proliferation of connected devices and the complexity of supply chains have made them more vulnerable to cyberattacks. This week, researchers disclosed a flaw in the firmware of a popular home router that could allow attackers to spy on devices and disrupt their operations.