SonicWall has issued a warning about a trojanized version of its NetExcender SSL VPN that is stealing user information.
Posted inCybersecurity News

SonicWall has issued a warning about a trojanized version of its NetExcender SSL VPN that is stealing user information.

SonicWall has issued an alert about an active campaign distributing a trojanized version of its NetExtender SSL VPN client designed to steal user information, specifically VPN credentials and configuration details. This fake NetExtender app closely mimics the legitimate version 10.3.2.27 but has been modified by threat actors to exfiltrate sensitive data to a remote server.
Army releases Unified Network Plan 2.0 and a new emphasis on zero-trust principles.
Posted inCybersecurity News

Army releases Unified Network Plan 2.0 and a new emphasis on zero-trust principles.

The Army Unified Network Plan 2.0 (AUNP 2.0) is the latest strategic framework guiding the modernization and integration of the U.S. Army’s information technology infrastructure to meet the demands of contemporary and future warfare. Released in March 2025, AUNP 2.0 builds directly on the foundation established by the original 2021 plan, which focused on unifying disparate Army networks under common standards, systems, and processes to reduce complexity and increase integration.
TAG-140’s DRAT V2 malware upgrade offers a substantial improvement over its initial version.
Posted inCybersecurity News

TAG-140’s DRAT V2 malware upgrade offers a substantial improvement over its initial version.

The new DRAT V2 variant raises significant concerns due to its enhanced operational capabilities, evolved targeting strategy, and improved evasion techniques, which collectively increase its threat to critical infrastructure and national security. DRAT V2 is the latest variant of the DRAT (Delphi Remote Access Trojan) malware, recently identified in a TAG-140 campaign targeting Indian government and critical infrastructure organizations. TAG-140, linked to the SideCopy subgroup and Transparent Tribe (APT36), is known for its evolving and diverse malware arsenal.
Trezor, the creator of hardware wallets, has issued a warning to its customers about a sneaky phishing campaign that uses their support portal.
Posted inCybersecurity News

Trezor, the creator of hardware wallets, has issued a warning to its customers about a sneaky phishing campaign that uses their support portal.

Trezor, a leading manufacturer of hardware cryptocurrency wallets, has issued an urgent alert to its users about a sophisticated phishing campaign that abused its automated support system to send deceptive emails. Attackers exploited Trezor’s public contact form by submitting support requests using real users’ email addresses—likely obtained from previous data breaches—which triggered legitimate-looking automated replies from Trezor’s support system.
A newly discovered campaign, active since at least 2021, targeted 70 Microsoft Exchange servers worldwide using sophisticated keylogger malware.
Posted inCybersecurity News

A newly discovered campaign, active since at least 2021, targeted 70 Microsoft Exchange servers worldwide using sophisticated keylogger malware.

A recent, significant cyberattack campaign has targeted over 70 Microsoft Exchange servers across 26 countries, with the aim of stealing user credentials using sophisticated keylogger malware. The attacks have been documented by cybersecurity researchers, particularly Positive Technologies, who identified two main types of keylogger code injected into the Outlook login pages of compromised servers.
Researchers reveal novel technique for disrupting malicious cryptominer campaigns using Bad Shares or XMRogue tool.
Posted inCybersecurity News

Researchers reveal novel technique for disrupting malicious cryptominer campaigns using Bad Shares or XMRogue tool.

Cybersecurity researchers have developed and demonstrated two novel techniques to disrupt and even shut down malicious cryptominer campaigns, significantly reducing attackers’ revenues and freeing infected machines from exploitation. These methods were detailed in recent reports by Akamai and have shown real-world effectiveness against large-scale botnets.
U.S. House of Representatives officially bans the use of WhatsApp on all government-issued devices
Posted inCybersecurity News

U.S. House of Representatives officially bans the use of WhatsApp on all government-issued devices

The U.S. House of Representatives has officially banned the use of WhatsApp on all government-issued devices for congressional staff, effective immediately. This decision follows a memo from the House’s Chief Administrative Officer (CAO), which classified WhatsApp as a “high-risk” application due to several cybersecurity concerns.
Siemens has informed its customers about a significant problem with Microsoft Defender that could allow discovered malware to remain unnoticed.
Posted inCybersecurity News

Siemens has informed its customers about a significant problem with Microsoft Defender that could allow discovered malware to remain unnoticed.

Siemens recently notified its customers about a significant issue affecting the integration between Microsoft Defender Antivirus (MDAV) and its industrial process control systems, specifically Simatic PCS 7 and PCS Neo products. The core problem identified is that Microsoft Defender Antivirus currently lacks an “alert only” functionality in its configuration settings.