Browsing tag
Introduction The modern software supply chain represents an ever-evolving threat landscape, with each package added to the manifest introducing new attack vectors. To meet industry requirements, organizations must maintain a fast-paced development process while staying up-to-date with the latest security patches. However, in practice, developers often face a large amount of security work without clear […]
The threat actors behind the Mispadu banking Trojan have become the latest to exploit a now-patched Windows SmartScreen security bypass flaw to compromise users in Mexico. The attacks entail a new variant of the malware that was first observed in 2019, Palo Alto Networks Unit 42 said in a report published last week. Propagated via […]
Conor Brian Fitzpatrick has been sentenced to time served and 20 years of supervised release for his role as the creator and administrator of BreachForums. Fitzpatrick, who went by the online alias “pompompurin,” was arrested in March 2023 in New York and was subsequently charged with conspiracy to commit access device fraud and possession of […]
While intended for convenience and efficient communication, email auto-forwarding rules can inadvertently lead to the unauthorized dissemination of sensitive information to external entities, putting confidential data at risk of exposure to unauthorized parties. Wing Security (Wing), a SaaS security company, announced yesterday that their SaaS shadow IT discovery methods now include a solution that solves […]
QNAP has released security updates to address two critical security flaws impacting its operating system that could result in arbitrary code execution. Tracked as CVE-2023-23368 (CVSS score: 9.8), the vulnerability is described as a command injection bug affecting QTS, QuTS hero, and QuTScloud. “If exploited, the vulnerability could allow remote attackers to execute commands via […]
Cybersecurity researchers have discovered malicious Android apps for Signal and Telegram distributed via the Google Play Store and Samsung Galaxy Store that are engineered to deliver the BadBazaar spyware on infected devices. Slovakian company ESET attributed the campaign to a China-linked actor called GREF. “Most likely active since July 2020 and since July 2022, respectively, […]
The threat actors behind the HiatusRAT malware have returned from their hiatus with a new wave of reconnaissance and targeting activity aimed at Taiwan-based organizations and a U.S. military procurement system. Besides recompiling malware samples for different architectures, the artifacts are said to have been hosted on new virtual private servers (VPSs), Lumen Black Lotus […]
Advanced persistent threat (APT) actors exploited a recently disclosed critical flaw impacting Ivanti Endpoint Manager Mobile (EPMM) as a zero-day since at least April 2023 in attacks directed against Norwegian entities, including a government network. The disclosure comes as part of a new joint advisory released by the Cybersecurity and Infrastructure Security Agency (CISA) and […]
Are you concerned about ransomware attacks? You’re not alone. In recent years, these attacks have become increasingly common and can cause significant damage to organizations of all sizes. But there’s good news – with the right security measures in place, such as real-time MFA and service account protection, you can effectively protect yourself against these […]
The prolific Iranian nation-state group known as Charming Kitten is actively targeting multiple victims in the U.S., Europe, the Middle East and India with a novel malware dubbed BellaCiao, adding to its ever-expanding list of custom tools. Discovered by Bitdefender Labs, BellaCiao is a “personalized dropper” that’s capable of delivering other malware payloads onto a […]
The Dutch police announced the arrest of three individuals in connection with a “large-scale” criminal operation involving data theft, extortion, and money laundering. The suspects include two 21-year-old men from Zandvoort and Rotterdam and an 18-year-old man without a permanent residence. The arrests were made on January 23, 2023. It’s estimated that the hackers stole […]
The U.K. National Cyber Security Centre (NCSC) on Thursday warned of spear-phishing attacks mounted by Russian and Iranian state-sponsored actors for information-gathering operations. “The attacks are not aimed at the general public but targets in specified sectors, including academia, defense, government organizations, NGOs, think tanks, as well as politicians, journalists, and activists,” the NCSC said. […]
Cybercriminals are increasingly leveraging malicious LNK files as an initial access method to download and execute payloads such as Bumblebee, IcedID, and Qakbot. A recent study by cybersecurity experts has shown that it is possible to identify relationships between different threat actors by analyzing the metadata of malicious LNK files, uncovering information such as the […]
Signal, a cross-platform centralized encrypted instant messaging service declares that a data breach at Cloud Communication Company Twilio exposed almost 1,900 Signal users’ phone numbers. Twilio provides phone number verification services for Signal and notably on August 4th, it disclosed that attackers hacked its network. “All users can rest assured that their message history, contact […]
The Cisco Nexus Dashboard data center management solution was found to have severe vulnerabilities that Cisco has addressed recently. The total number of vulnerabilities identified was 45, which affected a wide variety of products and services. A remote attacker can exploit these vulnerabilities to execute commands or perform actions with root privileges or Administrator permissions […]
In order to conceal malicious processes, a new Linux rootkit malware dubbed, ‘Syslogk’ has been hacking computers by using specially crafted “magic packets” and specially crafted exploits to wake up a hidden backdoor that is hidden on the machine. The new malware was discovered by researchers at the antivirus firm Avast. Based on an open-source […]
Ransomware is on the rise. In fact, it is estimated that a new attack will occur every 11 seconds. By the time it takes you to read this sentence, your organization might be under attack from a new ransom group looking to cash out. Malicious links and attachments are among the main causes of phishing […]
The CSA and FBI have collaboratively conducted various types of analysis over hacking activity. There have been speculations on Russian State-Sponsored threat actors and their targets over Ukraine and other parts of the world. Recently, they have exploited an NGO that was using Cisco’s Duo MFA which had enabled access to cloud and email accounts […]
The Tech giant reported that their systems were compromised by the hacker group LAPSUS$ who were also responsible for the Nvidia data breach. On February 28, hackers gained access to Samsung’s confidential data including source code for their Galaxy smartphones. However, the company stated that a data breach occurred but no data relating to the […]
Cybercriminals leverage multiple methods to bring financial gain. Most of the ways are based on infiltrating an organization’s network and gaining unauthenticated access, which will lead to disruption in their operations. This can be achieved by Ransomware or DDoS Extortion attacks. Ransomware and DDoS extortion attacks are both threats businesses should take seriously. Here are […]
Several spyware campaigns have been discovered recently by the security researchers at Kaspersky Labs in which the industrial enterprises were targeted by the threat actors to steal corporate credentials and resell them. To evade detection, the threat actors use different types of spyware tools and deploy them for a very restricted time interval, as doing […]