In today’s rapidly evolving threat landscape, even the most trusted technologies are facing serious challenges. From a critical Chrome vulnerability actively exploited in the wild, to the massive data breach affecting 6.5 million Co-op members, and the alarming rise of BERT ransomware, the urgency to stay informed has never been greater.
A joint report from CyberCube and Munich Re warns of the devastating impact a catastrophic cyber event could have on global infrastructure. According to the study, a global malware campaign could infect up to 25% of the world’s computer systems, with 15% fully compromised.
Chinese state-linked threat actors have been observed exploiting multiple zero-day vulnerabilities in Ivanti Cloud Services Appliance (CSA) devices as part of a sophisticated campaign targeting French government, telecom, finance, and media sectors.
The past week has been marked by significant developments across the cybersecurity landscape. From ongoing fallout at WestJet following a still-unresolved cyberattack, to Ingram Micro's scramble to recover from a ransomware incident, organizations continue to face serious digital threats.
In this post, we explore a series of recent cybersecurity incidents and vulnerabilities affecting both public and private sectors. From major financial impacts at companies like Coinbase and Marks & Spencer, to critical infrastructure concerns in Alabama's state government, these developments underscore the growing complexity and reach of cyber threats.
Generative AI is rapidly transforming social engineering, making cyberattacks more convincing, scalable, and harder to detect. Once limited by poor grammar and generic templates, phishing schemes can now be tailored with alarming precision using AI models capable of real-time web searches, workflow automation, and multilingual fluency.
Fortinet’s 2025 Global Threat Landscape Report reveals a sharp escalation in cyber threats driven by AI, automation, and the commoditization of attack tools. Automated scanning surged by 16.7% globally in 2024, enabling attackers to proactively identify exposed infrastructure like SIP, RDP, and IoT protocols.
In this week's cybersecurity round-up, we examine a series of high-impact incidents affecting both the public and private sectors, from major retail disruptions at Marks & Spencer and a data breach at Hertz to a municipality taken offline and Microsoft’s sweeping cloud cleanup.
Hackers are abusing the infrastructure of Russian bulletproof hosting provider Proton66 to launch global cyberattacks, including mass scanning, credential brute-forcing, and exploitation attempts. Trustwave SpiderLabs identified this surge in activity beginning in January 2025, noting that previously inactive IP addresses were involved in malicious activity.
Ransomware attacks are on the rise, with threat actors like Clop, FunkSec, and Medusa leading a surge in cyber extortion campaigns. February 2025 saw a dramatic spike in victim disclosures, with Clop alone accounting for 35% of all names listed on data-leak sites. This resurgence follows the disruption of several ransomware gangs in late 2024, creating a vacuum that newer or reemerging groups have quickly filled.
In this week’s cybersecurity roundup, we cover a series of critical developments impacting cloud infrastructure, enterprise networks, and user safety. Highlights include Oracle’s confirmation of a cloud breach, a new Microsoft alert on tax-themed malware campaigns, and Medusa ransomware's claim of a high-profile attack on NASCAR. We also examine the rising security risks posed by non-human identities, a critical FortiSwitch vulnerability patched by Fortinet, and urgent guidance from CISA on actively exploited zero-day flaws in CentreStack and Windows.
Ransomware attacks have become a significant threat to businesses, capable of incapacitating operations within hours. According to Verizon's 2024 Data Breach Investigations Report, one-third of all data breaches involve ransomware or similar extortion techniques, affecting 92% of industries. Notably, the 2021 Kaseya incident demonstrated how supply chain vulnerabilities can amplify ransomware's impact across numerous organizations.
In this week’s roundup, we will explore several pressing cybersecurity developments, from Medusa ransomware attacks that could have significant financial repercussions, to the increasing cybercriminal activity surrounding major events like March Madness. We’ll also discuss the potential risks posed by 23andMe's bankruptcy filing, a lengthy breach by Chinese hackers in an Asian telecom, and the looming end-of-life for Windows 10, which leaves SMBs vulnerable. Additionally, we’ll examine the evolving landscape of ransomware, with a particular focus on critical infrastructure as a prime target.
The Medusa ransomware group is leveraging a malicious driver, dubbed ABYSSWORKER, in a "bring your own vulnerable driver" (BYOVD) attack to disable endpoint detection and response (EDR) systems. Delivered via a loader packed using the HeartCrypt packer-as-a-service, the driver—smuol.sys—mimics a legitimate CrowdStrike Falcon component and is signed with revoked or stolen certificates from Chinese vendors. Once installed, ABYSSWORKER can terminate processes, disable malware defenses, and remove security callbacks, giving attackers control over the system while evading detection.
A critical PHP vulnerability, CVE-2024-4577, affecting Windows-based PHP installations, has been actively exploited worldwide since its disclosure in June 2024. Initially believed to be primarily targeting Japan, recent telemetry from GreyNoise confirms that mass exploitation has extended to multiple countries, including the United States, United Kingdom, Singapore, Germany, and India. The vulnerability enables remote code execution (RCE), making it a significant threat to compromised systems.
In this week's round-up, we explore the latest cybersecurity threats and emerging attack techniques, from OBSCURE#BAT malware deploying rootkits via fake CAPTCHA pages to a new AI jailbreak method that bypasses safeguards across multiple models, as adversaries continue to evolve their tactics. We’ll also cover a sophisticated Microsoft 365 phishing scam, the persistent risks posed by remote access infrastructure, and KPMG Canada's warning about rising fraud and cybersecurity threats amid shifting supply chains. Finally, we’ll examine how researchers bypassed ChatGPT’s protections using hexadecimal encoding and emojis.
Hack-for-hire services are reshaping the cybercrime landscape, making cyberattacks more accessible to governments, corporations, and individuals. This emerging industry blurs the line between ethical cybersecurity work and outright criminal activities, with some groups selling hacking tools under the guise of security research. The rise of AI-driven hacking and economic desperation among unemployed tech workers has further fueled the growth of cyber mercenaries, making sophisticated cyberattacks easier to execute and harder to regulate. The distinction between
Threat actors are exploiting AWS misconfigurations to launch phishing campaigns using Amazon Simple Email Service (SES) and WorkMail. Identified as TGR-UNK-0011 (JavaGhost), this group initially focused on website defacement but pivoted to phishing for financial gain in 2022. Rather than exploiting AWS vulnerabilities, the attackers leverage exposed IAM access keys to infiltrate cloud environments, send phishing emails from trusted sources, and bypass security measures.
In this week's round-up, we’ll explore a range of critical cybersecurity and tech developments, including the largest theft in history linked to the Bybit hack, Microsoft’s legal actions against AI hackers, and the discovery of nearly 12,000 exposed API keys and passwords in an AI training dataset. We’ll also explore a new malware campaign exploiting the Microsoft Graph API to infect Windows and examine the latest advancements from Google, Microsoft, and Amazon as they compete to create fault-tolerant qubits in quantum computing.