cybersecurity experts have unveiled a previously unknown and highly sophisticated ransomware variant, Rorschach, which is both advanced and swift. Rorschach ransomware distinguishes itself from other strains with its exceptional customization and unique technical features not previously seen in ransomware, according to a report by Check Point Research. In fact, Rorschach is considered one of the

Actively exploited by unidentified cybercriminals, a recently patched security vulnerability is found within the WordPress Elementor Pro website builder plugin. Affecting versions 3.11.6 and earlier, this broken access control flaw was resolved by the plugin developers in the 3.11.7 version, released on March 22. In the release notes, the Tel Aviv-based company mentioned, “Improved code security enforcement

A newly identified North Korean cyber group, APT43, has been linked to multiple campaigns aimed at gathering strategic intelligence in line with Pyongyang’s geopolitical interests since 2018. Tracked by Google-owned Mandiant, APT43’s objectives include both espionage and financial motives, employing methods such as credential harvesting and social engineering to achieve its goals. APT43 attempts to generate

A new campaign targeting poorly managed Linux SSH servers has been identified, deploying various strains of malware called ShellBot. The AhnLab Security Emergency Response Center (ASEC) reported that ShellBot, also known as PerlBot, is a DDoS bot malware developed in Perl, which typically uses the IRC protocol for communication with its C&C server. According to

Mandiant, the threat intelligence firm, has linked the zero-day exploitation of a medium-severity security flaw in the Fortinet FortiOS operating system to a suspected Chinese hacking group. The attack is part of a broader campaign to deploy backdoors onto Fortinet and VMware solutions and maintain persistent access to victim environments. Mandiant is tracking the malicious

The Lazarus Group, believed to be linked to North Korea, has been observed exploiting undisclosed software vulnerabilities to breach a South Korean financial business entity twice within a year. The first attack in May 2022 involved the use of a vulnerable version of a widely-used certificate software, while the second attack in October 2022 exploited