Ionut Ilascu
Author Bio
Ionut Ilascu is a technology writer with a focus on all things cybersecurity. The topics he writes about include malware, vulnerabilities, exploits and security defenses, as well as research and innovation in information security. His work has been published by Bitdefender, Netgear, The Security Ledger and Softpedia.
-
Estée Lauder beauty giant breached by two ransomware gangs
Two ransomware actors, ALPHV/BlackCat and Clop, have listed beauty company Estée Lauder on their data leak sites as a victim of separate attacks.
- July 19, 2023
- 07:51 PM
-
0
-
OpenAI credentials stolen by the thousands for sale on the dark web
Threat actors are showing an increased interest in generative artificial intelligence tools, with hundreds of thousands of OpenAI credentials for sale on the dark web and access to a malicious alternative for ChatGPT.
- July 19, 2023
- 03:26 PM
-
0
-
U.S. preparing Cyber Trust Mark for more secure smart devices
A new cybersecurity certification and labeling program called U.S. Cyber Trust Mark is being shaped to help U.S. consumers choose connected devices that are more secure and resilient to hacker attacks.
- July 18, 2023
- 09:12 PM
-
3
-
New critical Citrix ADC and Gateway flaw exploited as zero-day
Citrix today is alerting customers of a critical-severity vulnerability (CVE-2023-3519) in NetScaler ADC and NetScaler Gateway that already has exploits in the wild, and "strongly urges" to install updated versions without delay.
- July 18, 2023
- 02:00 PM
-
1
-
Genesis Market infrastructure and inventory sold on hacker forum
The administrators of the Genesis Market for stolen credentials announced on a hacker forum that they sold the store and a new owner would get the reins "next month."
- July 14, 2023
- 04:29 PM
-
0
-
New PindOS JavaScript dropper deploys Bumblebee, IcedID malware
Security researchers discovered a new malicious tool they named PindOS that delivers the Bumblebee and IcedID malware typically associated with ransomware attacks.
- June 26, 2023
- 12:39 PM
-
0
-
RDP honeypot targeted 3.5 million times in brute-force attacks
Remote desktop connections are so powerful a magnet for hackers that an exposed connection can average more than 37,000 times every day from various IP addresses.
- June 13, 2023
- 03:38 AM
-
2
-
New Cactus ransomware encrypts itself to evade antivirus
A new ransomware operation called Cactus has been exploiting vulnerabilities in VPN appliances for initial access to networks of "large commercial entities."
- May 07, 2023
- 12:25 PM
-
0
-
Hackers can breach networks using data on resold corporate routers
Enterprise-level network equipment on the secondary market hide sensitive data that hackers could use to breach corporate environments or to obtain customer information.
- April 23, 2023
- 12:32 PM
-
2
-
Hackers start abusing Action1 RMM in ransomware attacks
Security researchers are warning that cybercriminals are increasingly using the Action1 remote access software for persistence on compromised networks and to execute commands, scripts, and binaries.
- April 15, 2023
- 12:45 PM
-
2
-
Microsoft shares guidance to detect BlackLotus UEFI bootkit attacks
Microsoft has shared guidance to help organizations check if hackers targeted or compromised machines with the BlackLotus UEFI bootkit by exploiting the CVE-2022-21894 vulnerability.
- April 12, 2023
- 12:39 PM
-
0
-
CISA orders agencies to patch Backup Exec bugs used by ransomware gang
On Friday, U.S. Cybersecurity and Infrastructure Security Agency (CISA) increased by five its list of security issues that threat actors have used in attacks, three of them in Veritas Backup Exec exploited to deploy ransomware.
- April 07, 2023
- 05:07 PM
-
0
-
FBI seizes stolen credentials market Genesis in Operation Cookie Monster
The domains and infrastructure for Genesis Market, one of the most popular marketplaces for stolen credentials of all types, were seized by law enforcement earlier this week as part of Operation Cookie Monster.
- April 04, 2023
- 04:18 PM
-
0
-
Fake ransomware gang targets U.S. orgs with empty data leak threats
Fake extortionists are piggybacking on data breaches and ransomware incidents, threatening U.S. companies with publishing or selling allegedly stolen data unless they get paid.
- April 01, 2023
- 11:59 AM
-
0
-
FBI: Business email compromise tactics used to defraud U.S. vendors
The Federal Bureau of Investigation is warning companies in the U.S. of threat actors using tactics similar to business email compromise that allow less technical actors to steal various goods from vendors.
- March 26, 2023
- 12:03 PM
-
1
