In today’s rapidly evolving threat landscape, even the most trusted technologies are facing serious challenges. From a critical Chrome vulnerability actively exploited in the wild, to the massive data breach affecting 6.5 million Co-op members, and the alarming rise of BERT ransomware, the urgency to stay informed has never been greater.
A joint report from CyberCube and Munich Re warns of the devastating impact a catastrophic cyber event could have on global infrastructure. According to the study, a global malware campaign could infect up to 25% of the world’s computer systems, with 15% fully compromised.
Chinese state-linked threat actors have been observed exploiting multiple zero-day vulnerabilities in Ivanti Cloud Services Appliance (CSA) devices as part of a sophisticated campaign targeting French government, telecom, finance, and media sectors.
The past week has been marked by significant developments across the cybersecurity landscape. From ongoing fallout at WestJet following a still-unresolved cyberattack, to Ingram Micro's scramble to recover from a ransomware incident, organizations continue to face serious digital threats.
In this post, we explore a series of recent cybersecurity incidents and vulnerabilities affecting both public and private sectors. From major financial impacts at companies like Coinbase and Marks & Spencer, to critical infrastructure concerns in Alabama's state government, these developments underscore the growing complexity and reach of cyber threats.
Generative AI is rapidly transforming social engineering, making cyberattacks more convincing, scalable, and harder to detect. Once limited by poor grammar and generic templates, phishing schemes can now be tailored with alarming precision using AI models capable of real-time web searches, workflow automation, and multilingual fluency.
Fortinet’s 2025 Global Threat Landscape Report reveals a sharp escalation in cyber threats driven by AI, automation, and the commoditization of attack tools. Automated scanning surged by 16.7% globally in 2024, enabling attackers to proactively identify exposed infrastructure like SIP, RDP, and IoT protocols.
In this week's cybersecurity round-up, we examine a series of high-impact incidents affecting both the public and private sectors. From major retail disruptions at Marks & Spencer and a data breach at Hertz to a municipality taken offline and Microsoft’s sweeping cloud cleanup.
Hackers are abusing the infrastructure of Russian bulletproof hosting provider Proton66 to launch global cyberattacks, including mass scanning, credential brute-forcing, and exploitation attempts. Trustwave SpiderLabs identified this surge in activity beginning in January 2025, noting that previously inactive IP addresses were involved in malicious activity.
Ransomware attacks are on the rise, with threat actors like Clop, FunkSec, and Medusa leading a surge in cyber extortion campaigns. February 2025 saw a dramatic spike in victim disclosures, with Clop alone accounting for 35% of all names listed on data-leak sites. This resurgence follows the disruption of several ransomware gangs in late 2024, creating a vacuum that newer or reemerging groups have quickly filled.
In this week’s cybersecurity roundup, we cover a series of critical developments impacting cloud infrastructure, enterprise networks, and user safety. Highlights include Oracle’s confirmation of a cloud breach, a new Microsoft alert on tax-themed malware campaigns, and Medusa ransomware's claim of a high-profile attack on NASCAR. We also examine the rising security risks posed by non-human identities, a critical FortiSwitch vulnerability patched by Fortinet, and urgent guidance from CISA on actively exploited zero-day flaws in CentreStack and Windows.
Ransomware attacks have become a significant threat to businesses, capable of incapacitating operations within hours. According to Verizon's 2024 Data Breach Investigations Report, one-third of all data breaches involve ransomware or similar extortion techniques, affecting 92% of industries. Notably, the 2021 Kaseya incident demonstrated how supply chain vulnerabilities can amplify ransomware's impact across numerous organizations.
In this week’s roundup, we will explore several pressing cybersecurity developments, from Medusa ransomware attacks that could have significant financial repercussions, to the increasing cybercriminal activity surrounding major events like March Madness. We’ll also discuss the potential risks posed by 23andMe's bankruptcy filing, a lengthy breach by Chinese hackers in an Asian telecom, and the looming end-of-life for Windows 10, which leaves SMBs vulnerable. Additionally, we’ll examine the evolving landscape of ransomware, with a particular focus on critical infrastructure as a prime target.
The Medusa ransomware group is leveraging a malicious driver, dubbed ABYSSWORKER, in a "bring your own vulnerable driver" (BYOVD) attack to disable endpoint detection and response (EDR) systems. Delivered via a loader packed using the HeartCrypt packer-as-a-service, the driver—smuol.sys—mimics a legitimate CrowdStrike Falcon component and is signed with revoked or stolen certificates from Chinese vendors. Once installed, ABYSSWORKER can terminate processes, disable malware defenses, and remove security callbacks, giving attackers control over the system while evading detection.