Recently on March 22, 2022, several screenshots from the computer of one of Okta’s third-party support technicians were published online by the Lapsus$ hacking group claiming to have stolen sensitive data. There are many companies such as FedEx, Moody’s Corp (MCO.N), Peloton, SONOS, T-Mobile that rely on Okta to provide access to their networks primarily […]
A web application firewall (WAF) is a program designed to analyze incoming requests to a web server and, according to the rules established by administrators, filter those requests that may be dangerous for an online platform. According to specialists in web application security, the use of WAF solutions limits the risk of exploitation of known […]
A Russian-speaking ransomware outfit likely targeted an unnamed entity in the gambling and gaming sector in Europe and Central America by repurposing custom tools developed by other APT groups like Iran’s MuddyWater, new research has found. The unusual attack chain involved the abuse of stolen credentials to gain unauthorized access to the victim network, ultimately […]
A court in Ontario, Canada has sentenced Sebastien Vachon-Desjardins to seven years in prison after pleading guilty to participating as an affiliate in the dangerous NetWalker ransomware operation. The defendant reportedly pleaded guilty to five criminal charges, including data theft, extortion, conspiracy to commit fraud and illegal access to protected computer systems. In addition to […]
Having successfully compromised more than 300 Russian websites, Anonymous hackers are offering the Kremlin-sent military 5 million rubles (about $45,000 USD) for each tank withdrawn from combat in a bid to deplete Vladimir Putin forces. The hacktivists claim to have more than a billion rubles to carry out their plan, so they advise Russian troops […]
Spanish authorities announced the arrest of five people accused of hacking a cryptocurrency exchange company, an incident that resulted in the theft of more than €6 million. This is the first case of cryptocurrency fraud that Spain police have solved. Reports suggest that the hackers in charge of this operation used a sophisticated variant of […]
Researchers from China’s Pangu Lab have disclosed details of a “top-tier” backdoor put to use by the Equation Group, an advanced persistent threat (APT) with alleged ties to the cyber-warfare intelligence-gathering unit of the U.S. National Security Agency (NSA). Dubbed “Bvp47” owing to numerous references to the string “Bvp” and the numerical value “0x47” used […]
Users of Horde Webmail are being urged to disable a feature to contain a nine-year-old unpatched security vulnerability in the software that could be abused to gain complete access to email accounts simply by previewing an attachment. “This gives the attacker access to all sensitive and perhaps secret information a victim has stored in their […]
Entities in the aviation, aerospace, transportation, manufacturing, and defense industries have been targeted by a persistent threat group since at least 2017 as part of a string of spear-phishing campaigns mounted to deliver a variety of remote access trojans (RATs) on compromised systems. The use of commodity malware such as AsyncRAT and NetWire, among others, […]
A threat actor with potential links to an Indian cybersecurity company has been nothing if remarkably persistent in its attacks against military organizations based in South Asia, including Bangladesh, Nepal, and Sri Lanka, since at least September 2020 by deploying different variants of its bespoke malware framework. Slovak cybersecurity firm ESET attributed the highly targeted […]
For almost five years, SecureList researchers reported the identification of an Advanced Persistent Threat (APT) group apparently linked to the infamous Lazarus Group and, unlike other similar groups, with obvious financial motivations, as seen during Bangladesh Central Bank attack back in 2016. Dubbed as BlueNoroff, this group had a huge malicious arsenal, including malware variants, […]
The U.S. Cyber Command (USCYBERCOM) on Wednesday officially confirmed MuddyWater’s ties to the Iranian intelligence apparatus, while simultaneously detailing the various tools and tactics adopted by the espionage actor to burrow into victim networks. “MuddyWater has been seen using a variety of techniques to maintain access to victim networks,” USCYBERCOM’s Cyber National Mission Force (CNMF) […]
In a statement, the Strategic Operations Unit of the Delhi Police, India, unveiled the dismantling of a hacking operation dedicated to resolving online exams, which also led to the issuance of arrest warrants for six individuals, one of whom remains at large. The arrested individuals were found in raids deployed in Mumbai, Delhi, Gurugram and […]
Trojanized installers of the Telegram messaging application are being used to distribute the Windows-based Purple Fox backdoor on compromised systems. That’s according to new research published by Minerva Labs, describing the attack as different from intrusions that typically take advantage of legitimate software for dropping malicious payloads. “This threat actor was able to leave most […]
In recent days it was revealed the detection of a new attack vector for the successful exploitation of remote code execution (RCE) vulnerabilities in Log4j, the Java logging library present in millions of implementations. According to the report, this attack method relies on a JavaScript WebSocket connection to trigger the error locally through a drive-by […]
A previously undocumented, financially motivated threat group has been connected to a string of data theft and extortion attacks on over 40 entities between September and November 2021. The hacker collective, which goes by the self-proclaimed name Karakurt and was first identified in June 2021, is capable of modifying its tactics and techniques to adapt […]
The Unit’s boss Gen. Paul Nakasone said that the US military computer operatives are ready to target ransomware gangs and state actors, whoever poses a threat to critical US infrastructure. The US military’s hacking division called Cyber Command is taking aggressive steps to fight cybercrime gangs targeting American organizations with ransomware. According to the unit’s […]
At least 300,000 IP addresses associated with MikroTik devices have been found vulnerable to multiple remotely exploitable security vulnerabilities that have since been patched by the popular supplier of routers and wireless ISP devices. The most affected devices are located in China, Brazil, Russia, Italy, Indonesia, with the U.S. coming in at number eight, cybersecurity […]
Israel’s Ministry of Defense has dramatically restricted the number of countries to which cybersecurity firms in the country are allowed to sell offensive hacking and surveillance tools to, cutting off 65 nations from the export list. The revised list, details of which were first reported by the Israeli business newspaper Calcalist, now only includes 37 […]
Russian cybercrime and hacking forums are opening doors to Chinese and English-speaking threat actors, which so far had been a relatively restricted domain for them. Researchers at threat intelligence firm Flashpoint have observed a spike in activities of Chinese origin and Mandarin-speaking hackers on RAMP, a Russian-language ransomware forum, and other illegal communities on the […]
A corporate cyber-espionage hacker group has resurfaced after a seven-month hiatus with new intrusions targeting four companies this year, including one of the largest wholesale stores in Russia, while simultaneously making tactical improvements to its toolset in an attempt to thwart analysis. “In every attack, the threat actor demonstrates extensive red teaming skills and the […]