Month: November 2023

0 Comments
Threat actors have been observed exploiting a critical vulnerability, CVE-2023-46604, in Apache systems.  Over the past few weeks, Fortiguard Labs identified multiple threat actors leveraging this vulnerability to unleash several malware strains. Among the discoveries is the emergence of a newly discovered Golang-based botnet named GoTitan. This sophisticated botnet has raised concerns due to its ability
0 Comments
Digital Security The technology is both widely available and well developed, hence it’s also poised to proliferate – especially in the hands of those wishing ill Cameron Camp 29 Nov 2023  •  , 2 min. read Who would be to blame if your plane got tricked into flying into a war zone? If GPS gets
0 Comments
Nov 30, 2023NewsroomHacking / Cryptocurrency The U.S. Treasury Department on Wednesday imposed sanctions against Sinbad, a virtual currency mixer that has been put to use by the North Korea-linked Lazarus Group to launder ill-gotten proceeds. “Sinbad has processed millions of dollars’ worth of virtual currency from Lazarus Group heists, including the Horizon Bridge and Axie
0 Comments
Security researchers have uncovered the continuation and expansion of an Android mobile banking Trojan campaign targeting major Iranian banks.  Initially discovered in July 2023, the campaign has not only persisted but has also evolved with enhanced capabilities, according to a new report by Zimperium malware analysts Aazim Bill SE Yaswant and Vishnu Pratapagiri. A prior
0 Comments
Nov 29, 2023NewsroomCyber Attack / Data Breach Identity services provider Okta has disclosed that it detected “additional threat actor activity” in connection with the October 2023 breach of its support case management system. “The threat actor downloaded the names and email addresses of all Okta customer support system users,” the company said in a statement
0 Comments
Fidelity National Financial (FNF) has disclosed a cybersecurity incident that prompted the company to take down certain systems. The company made the announcement in a recent Form 8-K filing with the Securities and Exchange Commission (SEC) dated November 19 2023. A prominent player in the real estate and mortgage industry, FNF said it initiated an immediate
0 Comments
Nov 28, 2023NewsroomMalware / Cyber Espionage The North Korean threat actors behind macOS malware strains such as RustBucket and KANDYKORN have been observed “mixing and matching” different elements of the two disparate attack chains, leveraging RustBucket droppers to deliver KANDYKORN. The findings come from cybersecurity firm SentinelOne, which also tied a third macOS-specific malware called
0 Comments
Security researchers have warned of triple-digit increase in the volume of phishing emails designed to trick shoppers, ahead of the Black Friday online sales bonanza which starts today. For the past few years, the Amazon-inspired event has signaled the unofficial start of the busy shopping season running through to the end of December. However, it
0 Comments
Nov 27, 2023NewsroomArtificial Intelligence / Privacy The U.K. and U.S., along with international partners from 16 other countries, have released new guidelines for the development of secure artificial intelligence (AI) systems. “The approach prioritizes ownership of security outcomes for customers, embraces radical transparency and accountability, and establishes organizational structures where secure design is a top
0 Comments
Security researchers have found a way to bypass the popular Windows Hello fingerprint authentication technology, after discovering multiple vulnerabilities. Microsoft’s Offensive Research and Security Engineering (MORSE) asked Blackwing Intelligence to evaluate the security of the top three fingerprint sensors embedded in laptops. The firm studied a Dell Inspiron 15, a Lenovo ThinkPad T14 and a Microsoft
0 Comments
Video ESET’s research team reveals details about the onboarding process of the Telekopye scam operation and the various methods that the fraudsters use to defraud people online 24 Nov 2023 How do aspiring fraudsters become members of a scam operation that helps them defraud people on online marketplaces? ESET researchers recently discovered and analyzed Telekopye,
0 Comments
Nov 25, 2023NewsroomData Security / Vulnerability The maintainers of the open-source file-sharing software ownCloud have warned of three critical security flaws that could be exploited to disclose sensitive information and modify files. A brief description of the vulnerabilities is as follows – Disclosure of sensitive credentials and configuration in containerized deployments impacting graphapi versions from
0 Comments
House sales and purchases across the UK have been disrupted by a cyber-attack affecting multiple conveyancing firms. CTS, a legal sector specialist infrastructure service provider, confirmed in a statement that it has experienced a service outage caused by a cyber-incident. The firm said the cyber-attack has impacted a portion of the services it delivers to
0 Comments
We recently published a blogpost about Telekopye, a Telegram bot that helps cybercriminals scam people in online marketplaces. Telekopye can craft phishing websites, emails, SMS messages, and more. In the first part, we wrote about technical details of Telekopye and hinted at hierarchical structure of its operational groups. In this second part, we focus on
0 Comments
Nov 25, 2023NewsroomCyber Attack / Threat Intelligence An unspecified government entity in Afghanistan was targeted by a previously undocumented web shell called HrServ in what’s suspected to be an advanced persistent threat (APT) attack. The web shell, a dynamic-link library (DLL) named “hrserv.dll,” exhibits “sophisticated features such as custom encoding methods for client communication and
0 Comments
The Akamai Security Incident Response Team (SIRT) has detected increased activity targeting a rarely used TCP port across its global honeypots.  The investigation conducted in late October 2023 revealed a specific HTTP exploit path, identifying two zero-day exploits being actively leveraged in the wild.  The first exploit targeted network video recorders (NVRs) used in CCTV
0 Comments
Digital Security AI-driven voice cloning can make things far too easy for scammers – I know because I’ve tested it so that you don’t have to learn about the risks the hard way. Jake Moore 22 Nov 2023  •  , 6 min. read The recent theft of my voice brought me to a new fork in the
0 Comments
Nov 24, 2023NewsroomCloud security / Data Protection Cybersecurity researchers are warning of publicly exposed Kubernetes configuration secrets that could put organizations at risk of supply chain attacks. “These encoded Kubernetes configuration secrets were uploaded to public repositories,” Aqua security researchers Yakir Kadkoda and Assaf Morag said in a new research published earlier this week. Some
0 Comments
A critical vulnerability in Apache ActiveMQ, identified as CVE-2023-46604, has been exposed, revealing an active exploitation scenario by the notorious Kinsing malware.  According to an advisory published by Trend Micro on Monday, the discovery underscores the implications for Linux systems, as the vulnerability allows for remote code execution (RCE) due to inadequate validation of throwable
0 Comments
Nov 23, 2023NewsroomSoftware Supply Chain Attack A North Korean state-sponsored threat actor tracked as Diamond Sleet is distributing a trojanized version of a legitimate application developed by a Taiwanese multimedia software developer called CyberLink to target downstream customers via a supply chain attack. “This malicious file is a legitimate CyberLink application installer that has been
0 Comments
Security researchers have detected a Russian-language Word document carrying a malicious macro in the ongoing Konni campaign.  Despite its September 2023 creation date, FortiGuard Labs’ internal telemetry revealed continued activity on the campaign’s command-and-control (C2) server.  This long-running campaign utilizes a remote access Trojan (RAT) capable of extracting information and executing commands on compromised devices, employing
0 Comments
The US Cybersecurity and Infrastructure Security Agency (CISA) has released a Mitigation Guide specifically tailored for the Healthcare and Public Health (HPH) sector. The new guide outlines defensive mitigation strategies and best practices to counteract prevalent cyber-threats targeting critical infrastructure in the healthcare domain. The paper, published on Friday, emphasizes the importance of vulnerability management,
0 Comments
Nov 21, 2023NewsroomCyber Attack / Cyber Espionage The China-linked Mustang Panda actor has been linked to a cyber attack targeting a Philippines government entity amid rising tensions between the two countries over the disputed South China Sea. Palo Alto Networks Unit 42 attributed the adversarial collective to three campaigns in August 2023, primarily singling out
0 Comments
Royal Mail has revealed a multimillion-pound cost attached to a serious ransomware breach it suffered earlier this year. The British postal service company was hit by a LockBit affiliate, in an incident which caused “severe service disruption” for items sent abroad. It later transpired that the ransomware actors were demanding nearly $80m from the firm
0 Comments
An Indian hack-for-hire group targeted the U.S., China, Myanmar, Pakistan, Kuwait, and other countries as part of a wide-ranging espionage, surveillance, and disruptive operation for over a decade. The Appin Software Security (aka Appin Security Group), according to an in-depth analysis from SentinelOne, began as an educational startup offering offensive security training programs, while carrying
0 Comments
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have released a detailed cybersecurity advisory on the sophisticated Scattered Spider threat group, urging critical infrastructure (CNI) firms to implement its mitigation recommendations. The group (also known as 0ktapus, Starfraud, UNC3944, Scatter Swine, Octo Tempest and Muddled Libra) is thought to be responsible for big-name