Iranian government-backed snoops are increasingly using cybercrime malware and ransomware infrastructure in their operations – not just hiding behind criminal masks as a cover for destructive cyber activity, according to security researchers. Ministry of Intelligence and Security (MOIS)-linked operatives appear to be the biggest offenders, according to Check Point Research, citing “repeated overlaps” between MuddyWater...Read More
In recent years, ClickFix and fake CAPTCHA techniques have become a popular way for cybercriminals to distribute malware. Instead of exploiting a technical vulnerability, these attacks rely on convincing people to run malicious commands themselves. Our researchers have recently detected a campaign that ultimately delivers the Vidar infostealer, using several different infection chains. One of...Read More
Global ransomware attacks against critical industries surged by 34% in 2025, according to new research from KELA. The U.S. emerged as the top target, accounting for 21% of global incidents. Nearly half (50%) of these ransomware attacks affected sectors vital to national resilience, including manufacturing, healthcare, energy, transportation, and finance. These trends underscore why ransomware...Read More
SACRAMENTO, Calif — An Elk Grove lawmaker is introducing legislation aimed at tightening California’s elderly parole program after two Sacramento-area child molesters were granted parole. Assembly Bill 2727, authored by Democratic Assemblymember Stephanie Nguyen, seeks to raise the eligibility age and add new restrictions for people convicted of certain sexual crimes. Nguyen said the goal...Read More
The White House issued an executive order March 6 to combat cybercrimes by threat groups. The order highlights how such groups can receive willing or tacit state support for cyberattacks involving ransomware and malware, phishing, financial fraud and other schemes. The order directs federal agencies within 120 days to create an action plan that would be carried out by the National...Read More
Application Security DevSecOps Specialist NTT DATA | Italy | On-site – View job details As an Application Security DevSecOps Specialist, you will integrate security into CI/CD pipelines using tools such as SAST, DAST, SCA, secret scanning, and container scanning to ensure secure software delivery. You will conduct code security reviews, triage findings, and collaborate with...Read More
Analysis of the embedded obfuscated JavaScript within these fake CAPTCHA pages revealed a multistage payload delivery system that initiated downloads from secondary command-and-control servers: 45[.]221[.]64[.]245/mot/ 104[.]164[.]55[.]7/231/means.d We assess that the threat actors likely initiated their attack campaign through a sophisticated social engineering scheme involving these fake CAPTCHA pages. The pages appear to have delivered information...Read More
What organizations need to know about DragonForce (Water Tambanakua) DragonForce (tracked by Trend Micro as Water Tambanakua) has shown consistent activity and a clear drive to expand its influence among affiliates. Its tactics also point toward an aggressive and highly opportunistic approach. One example of this is its use of multivariant payloads, in which it...Read More
Analysis One of the European Union’s top legal advisors is trying to change how banks treat cybercrime victims – meaning they could enjoy greater financial protections sooner than expected. In a recently published legal opinion, Advocate General Athanasios Rantos urged lawmakers to alter their interpretation of the Second Payment Services Directive (PSD2), which would require...Read More
