Browsing tag
A variant of a ransomware strain known as DJVU has been observed to be distributed in the form of cracked software. “While this attack pattern is not new, incidents involving a DJVU variant that appends the .xaro extension to affected files and demanding ransom for a decryptor have been observed infecting systems alongside a host […]
The title of this article probably sounds like the caption to a meme. Instead, this is an actual problem GitGuardian’s engineers had to solve in implementing the mechanisms for their new HasMySecretLeaked service. They wanted to help developers find out if their secrets (passwords, API keys, private keys, cryptographic certificates, etc.) had found their way […]
An active malware campaign is leveraging two zero-day vulnerabilities with remote code execution (RCE) functionality to rope routers and video recorders into a Mirai-based distributed denial-of-service (DDoS) botnet. “The payload targets routers and network video recorder (NVR) devices with default admin credentials and installs Mirai variants when successful,” Akamai said in an advisory published this […]
Today’s security leaders must manage a constantly evolving attack surface and a dynamic threat environment due to interconnected devices, cloud services, IoT technologies, and hybrid work environments. Adversaries are constantly introducing new attack techniques, and not all companies have internal Red Teams or unlimited security resources to stay on top of the latest threats. On […]
A hacking group that leveraged a recently disclosed security flaw in the WinRAR software as a zero-day has now been categorized as an entirely new advanced persistent threat (APT). Cybersecurity company NSFOCUS has described DarkCasino as an “economically motivated” actor that first came to light in 2021. “DarkCasino is an APT threat actor with strong […]
The threat actors behind a new ransomware group called Hunters International have acquired the source code and infrastructure from the now-dismantled Hive operation to kick-start its own efforts in the threat landscape. “It appears that the leadership of the Hive group made the strategic decision to cease their operations and transfer their remaining assets to […]
Cybersecurity researchers have unmasked a prolific threat actor known as farnetwork, who has been linked to five different ransomware-as-a-service (RaaS) programs over the past four years in various capacities. Singapore-headquartered Group-IB, which attempted to infiltrate a private RaaS program that uses the Nokoyawa ransomware strain, said it underwent a “job interview” process with the threat […]
Malicious ads served inside Microsoft Bing’s artificial intelligence (AI) chatbot are being used to distribute malware when searching for popular tools. The findings come from Malwarebytes, which revealed that unsuspecting users can be tricked into visiting booby-trapped sites and installing malware directly from Bing Chat conversations. Introduced by Microsoft in February 2023, Bing Chat is […]
Government and diplomatic entities in the Middle East and South Asia are the target of a new advanced persistent threat actor named GoldenJackal. Russian cybersecurity firm Kaspersky, which has been keeping tabs on the group’s activities since mid-2020, characterized the adversary as both capable and stealthy. The targeting scope of the campaign is focused on […]
A Chinese nation-state group targeted an unnamed Taiwanese media organization to deliver an open source red teaming tool known as Google Command and Control (GC2) amid broader abuse of Google’s infrastructure for malicious ends. The tech giant’s Threat Analysis Group (TAG) attributed the campaign to a threat actor it tracks under the geological and geographical-themed […]
As we are nearing the end of 2022, looking at the most concerning threats of this turbulent year in terms of testing numbers offers a threat-based perspective on what triggers cybersecurity teams to check how vulnerable they are to specific threats. These are the threats that were most tested to validate resilience with the Cymulate […]
The U.S. Department of Justice (DoJ) indicted an employee of the Federal Bureau of Investigation (FBI) for illegally removing numerous national security documents and willfully retaining them at her personal residence during a 13-year period from June 2004 to December 2017. The federal indictment charged Kendra Kingsbury, 48, with two counts of having unauthorized possession […]
In the coming days, it is estimated that businesses and their owners are likely to be targeted by cybercriminals. There is a strong chance that they could be the next victim of Cyber attack. According to bizjournal quoting Ed Cabrera, Chief Cybersecurity officer at Cybersecurity Solutions firm TrendMicro. “Emails from business leaders – such as Chief Executives, Chairpersons or Residents […]
Convenience is the natural enemy of security. Even though security often means creating a process of more sophisticated checks and verifications, convenience often means less of those things actually happen. People are in a rush and they want to get things done now, even if that means they may jeopardize their online safety. Retail businesses […]
Industry research supports the belief that cybercriminals are currently developing many new ways to boost their attack capabilities, on the network and beyond. Drawing conclusions from the collective intelligence of various international security companies, the Global Threat Landscape’s recent report also suggests this shift in thinking has greatly increased a hacker’s general success rate. According to these […]
One of the biggest cyber threats organizations are facing is a Distributed Denial of Service (DDoS), which has the power to bring down systems and essentially stop business in its tracks. Aside from just being a nuisance, this kind of attack can cause significant damage to a company’s reputation, operational capacity—and more importantly, their profits. […]
Spectre and meltdown attacks are two cyber threat vulnerabilities that can expose data in every computer device that requires a CPU (central processing unit) to function. Both cyber attacks can put every smartphone, computer, server and network at risk of losing all sensitive and important data held in its memory. Though Spectre and Meltdown can […]
In the world, users became a victim of ransomware that asked to pay the ransom to unlock their data on the computer. Until Friday, 200000 users were severely hit by this ransomware. There were many accidents because of this ransomware. Operations in prestigious hospitals in the UK were canceled as their IT cell tried to […]
Image: NTI Nuclear Security Index Short Bytes: Today, we are at a crossroads on nuclear security and the emerging threats in the form of cyber attacks and nuclear terrorism. Bur, our nuclear plants have failed to add necessary security measures to handle the cyber threats and potential security breaches. Based upon the two latest security […]