Despite the takedown of the Qakbot threat gang’s infrastructure by the FBI in late August, some of the group’s affiliates are still deploying ransomware through phishing campaigns, according to Cisco Talos. Talos threat researchers found new evidence that a threat actor linked to the Qakbot malware loader (also known as QBot or Pinkslipbot) has been
Month: October 2023
Oct 06, 2023NewsroomCyber Crime / Cryptocurrency As much as $7 billion in cryptocurrency has been illicitly laundered through cross-chain crime, with the North Korea-linked Lazarus Group linked to the theft of roughly $900 million of those proceeds between July 2022 and July of this year. “As traditional entities such as mixers continue to be subject
In February 2023, ESET researchers detected a spearphishing campaign targeting a governmental entity in Guyana. While we haven’t been able to link the campaign, which we named Operation Jacana, to any specific APT group, we believe with medium confidence that a China-aligned threat group is behind this incident. In the attack, the operators used a
Amazon Web Services (AWS) said it will require multi-factor authentication (MFA) for all privileged accounts starting mid-2024, in a bid to improve default security and reduce the risk of account hijacking. From that time, any customers signing into the AWS Management Console with the root user of an AWS Organizations management account will be required
Oct 06, 2023NewsroomCyber Attack / Malware Threat actors have been observed targeting semiconductor companies in East Asia with lures masquerading as Taiwan Semiconductor Manufacturing Company (TSMC) that are designed to deliver Cobalt Strike beacons. The intrusion set, per EclecticIQ, leverages a backdoor called HyperBro, which is then used as a conduit to deploy the commercial
Chinese threat actors are positioning themselves to deploy major cyber-attacks against US critical national infrastructure (CNI) in the event of an escalation of hostilities between the two nations. Microsoft’s latest Digital Defense Report (MDDR) observed a rise in Chinese state-affiliated actors, such as Circle Typhoon and Volt Typhoon, targeting sectors like transportation, utilities, medical infrastructure
Oct 05, 2023NewsroomRansomware / Malware Despite the disruption to its infrastructure, the threat actors behind the QakBot malware have been linked to an ongoing phishing campaign since early August 2023 that led to the delivery of Ransom Knight (aka Cyclops) ransomware and Remcos RAT. This indicates that “the law enforcement operation may not have impacted
We Live Progress, Digital Security In an increasingly complex and interconnected digital landscape, personal cybersecurity empowers you to protect your data, privacy and digital well-being Phil Muncaster 03 Oct 2023 • , 5 min. read We live in a digitally connected world. And for the most part, this has made our lives immeasurably better. Advances
Human Security has exposed a significant monetization method employed by a sophisticated cyber-criminal operation. This operation involved the sale of backdoored off-brand mobile and CTV (Connected TV) Android devices through major retailers, which had originated from repackaging factories in China. The scheme, known as BADBOX, deploys the Triada malware as a “backdoor” on various devices
Oct 04, 2023The Hacker NewsSaaS Security / Enterprise Security Today, mid-sized companies and their CISOs are struggling to handle the growing threat of SaaS security with limited manpower and tight budgets. Now, this may be changing. By focusing on the critical SaaS security needs of these companies, a new approach has emerged that can be
The Madagascar government likely used the Cytrox-developed Predator spyware to conduct political domestic surveillance ahead of the country’s presidential election, according to research by Sekoia. French threat intelligence firm Sekoia’s latest technical analysis of Cytrox’s infrastructure was prompted by recent revelations that Predator had been installed on the iPhone of the former Egyptian MP Ahmed
Oct 03, 2023The Hacker NewsAPI Security / Data Security APIs, also known as application programming interfaces, serve as the backbone of modern software applications, enabling seamless communication and data exchange between different systems and platforms. They provide developers with an interface to interact with external services, allowing them to integrate various functionalities into their own
Thousands of organizations around the world are using industrial control systems (ICS) exposed to the public internet, new analysis from Bitsight has found. The firm discovered nearly 100,000 directly exposed ICS across its inventory of global organizations, including Fortune 1000 businesses. This internet exposure makes it easier for threat actors to infiltrate and control physical
Introduction In today’s interconnected digital ecosystem, Application Programming Interfaces (APIs) play a pivotal role in enabling seamless communication and data exchange between various software applications and systems. APIs act as bridges, facilitating the sharing of information and functionalities. However, as the use of APIs continues to rise, they have become an increasingly attractive target for
Microsoft’s Bing Chat has come under scrutiny due to a significant security concern – the infiltration of malicious ads. Malwarebytes researchers have now demonstrated how unsuspecting users seeking software downloads can be tricked into visiting malicious websites and unwittingly downloading malware. Bing Chat, an artificial intelligence (AI) interactive text and image application powered by OpenAI’s
Sep 30, 2023THNCyber Espionage / Malware Sophisticated cyber actors backed by Iran known as OilRig have been linked to a spear-phishing campaign that infects victims with a new strain of malware called Menorah. “The malware was designed for cyberespionage, capable of identifying the machine, reading and uploading files from the machine, and downloading another file