The threat actors behind the 8Base ransomware are leveraging a variant of the Phobos ransomware to conduct their financially motivated attacks. The findings come from Cisco Talos, which has recorded an increase in activity carried out by cybercriminals. “Most of the group’s Phobos variants are distributed by SmokeLoader, a backdoor trojan,” security researcher Guilherme Venere
Month: November 2023
involving the spoofing of luxury brands, including Louis Vuitton, Rolex, and Ray-Ban. The hackers craft enticing emails promising heavy discounts on these luxury products, with the email addresses manipulated to mimic the authenticity of the brands. Despite the appearance of legitimacy, a closer look reveals that the email origins have no connection to the actual
Video An attack against a port operator that ultimately hobbled some 40 percent of Australia’s import and export capacity highlights the kinds of supply chain shocks that a successful cyberattack can cause 17 Nov 2023 This week, one of Australia’s major port operators, DP World, had to pull the plug on its internet connection and
Nov 18, 2023NewsroomCyber Attack / USB Worm Russian cyber espionage actors affiliated with the Federal Security Service (FSB) have been observed using a USB propagating worm called LitterDrifter in attacks targeting Ukrainian entities. Check Point, which detailed Gamaredon’s (aka Aqua Blizzard, Iron Tilden, Primitive Bear, Shuckworm, and Winterflounder) latest tactics, branded the group as engaging
The Cloud Security Alliance (CSA) has introduced the Certificate of Competence in Zero Trust (CCZT), the industry’s inaugural authoritative zero trust certification. CSA said the certification responds to the evolving landscape of pervasive technology and the inadequacy of legacy security models. It aims to equip security professionals with the knowledge necessary to develop and implement
Nov 17, 2023NewsroomPatch Management / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation in the wild. The vulnerabilities are as follows – CVE-2023-36584 (CVSS score: 5.4) – Microsoft Windows Mark-of-the-Web (MotW) Security Feature Bypass Vulnerability
The US Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has unveiled its inaugural roadmap for artificial intelligence (AI). The initiative aligns with President Biden’s recent Executive Order, which directed DHS to globally promote AI safety standards, safeguard US networks and critical infrastructure, and address the potential weaponization of AI. The roadmap
Nov 16, 2023NewsroomCyber Warfare / Threat Intelligence Russian threat actors have been possibly linked to what’s been described as the “largest cyber attack against Danish critical infrastructure,” in which 22 companies associated with the operation of the country’s energy sector were targeted in May 2023. “22 simultaneous, successful cyberattacks against Danish critical infrastructure are not
Security researchers have discovered a total of 3938 unique secrets on PyPI, the official third-party package management system for the Python community, across all projects, with 768 of them validated as authentic. Notably, 2922 projects contained at least one unique secret. Among the leaked secrets were various credentials, including AWS Keys, Redis credentials, Google API
We Live Progress Discover six games that will provide valuable knowledge while turning learning about digital security into an enjoyable and rewarding adventure Luiza Pires 14 Nov 2023 • , 4 min. read In this day and age, knowing your way around the digital world is not merely a valuable asset – it is a
Nov 15, 2023NewsroomPatch Tuesday / Zero-Day Microsoft has released fixes to address 63 security bugs in its software for the month of November 2023, including three vulnerabilities that have come under active exploitation in the wild. Of the 63 flaws, three are rated Critical, 56 are rated Important, and four are rated Moderate in severity.
The global online gaming community is facing a rising threat from cyber-criminals exploiting vulnerabilities inherent in gamers’ interactions with digital content. A recent report by Sekoia.io has shed light on a targeted campaign using Discord messages and fake download websites to distribute information-stealing malware within the gaming sphere. According to the post, gamers, in their quest for
Secure Coding Through engaging hacking challenges and competitions, CTFs offer an excellent opportunity to test and enhance your security and problem-solving skills Christian Ali Bravo 13 Nov 2023 • , 3 min. read Cybersecurity is not only an ever-evolving and increasingly important concern in our digital age, but it can also be a lot of
Nov 14, 2023NewsroomCyber Attack / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given a November 17, 2023, deadline for federal agencies and organizations to apply mitigations to secure against a number of security flaws in Juniper Junos OS that came to light in August. The agency on Monday added five vulnerabilities to
Two giants of the banking and legal sectors have been breached by suspected ransomware actors, according to reports. Allen & Overy is one of the UK’s “Magic Circle” law firms. It released a statement yesterday revealing a “data incident” impacting a “small number of storage servers.” Although the firm did not name ransomware as the
Business Security By collecting, analyzing and contextualizing information about possible cyberthreats, including the most advanced ones, threat intelligence offers a critical method to identify, assess and mitigate cyber risk Phil Muncaster 10 Nov 2023 • , 4 min. read When it comes to mitigating an organization’s cyber risk, knowledge and expertise are power. That alone
Nov 13, 2023NewsroomNational Security / Cyber Attack Cybersecurity researchers have discovered what they say is malicious cyber activity orchestrated by two prominent Chinese nation-state hacking groups targeting 24 Cambodian government organizations. “This activity is believed to be part of a long-term espionage campaign,” Palo Alto Networks Unit 42 researchers said in a report last week.
Microsoft has revealed a new threat campaign exploiting a zero-day vulnerability in the popular SysAid IT helpdesk software. Posting to X (formerly Twitter) yesterday, the Microsoft Threat Intelligence account said the group is the same one responsible for the MOVEit data theft and extortion campaign – a threat actor known as Lace Tempest (aka DEV-0950,
The Urdu version of the Hunza News website offers readers the option to download an Android app – little do they know that the app is actually spyware 10 Nov 2023 This week, ESET researchers have described the ins and outs of a so-called watering-hole attack against a news website that delivers news about Gilgit-Baltistan,
Nov 11, 2023NewsroomThreat Intelligence / Cybercrime A sub-cluster within the infamous Lazarus Group has established new infrastructure that impersonates skills assessment portals as part of its social engineering campaigns. Microsoft attributed the activity to a threat actor it calls Sapphire Sleet, describing it as a “shift in the persistent actor’s tactics.” Sapphire Sleet, also called
Most British lawmakers are unaware or misinformed about how and where facial recognition technology (FRT) is being used, and the privacy threats it poses, according to a new Privacy International study. The rights group commissioned YouGov to poll 114 UK MPs about the technology, which uses AI to extract biometric data from facial images captured
ESET researchers have identified what appears to be a watering-hole attack on a regional news website that delivers news about Gilgit-Baltistan, a disputed region administered by Pakistan. When opened on a mobile device, the Urdu version of the Hunza News website offers readers the possibility to download the Hunza News Android app directly from the
Nov 10, 2023NewsroomCyber Warfare / Network Security The notorious Russian hackers known as Sandworm targeted an electrical substation in Ukraine last year, causing a brief power outage in October 2022. The findings come from Google’s Mandiant, which described the hack as a “multi-event cyber attack” leveraging a novel technique for impacting industrial control systems (ICS).
The Kaspersky Cyber Threat Intelligence team has unveiled crucial insights into the tactics, techniques and procedures (TTPs) employed by Asian Advanced Persistent Threat (APT) groups. The 370-page report, Modern Asian APT groups: Tactics, Techniques and Procedures, published today, is based on an examination of around one hundred cybersecurity incidents that unfolded across different regions globally, commencing
Nov 10, 2023NewsroomPrivacy / Cyber Espionage Urdu-speaking readers of a regional news website that caters to the Gilgit-Baltistan region have likely emerged as a target of a watering hole attack designed to deliver a previously undocumented Android spyware dubbed Kamran. The campaign, ESET has discovered, leverages Hunza News (urdu.hunzanews[.]net), which, when opened on a mobile
A new threat intelligence assessment released by Microsoft’s Threat Analysis Center (MTAC) has warned of potential unprecedented challenges to the security of elections over the next year. In its latest report, Microsoft suggested that authoritarian nation states may attempt to interfere with electoral processes using a combination of traditional methods and emerging technologies, including AI.
Nov 09, 2023NewsroomCyber Attack / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw in the Service Location Protocol (SLP) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-29552 (CVSS score: 7.5), the issue relates to a denial-of-service (DoS) vulnerability that could be
The Singapore-based luxury complex Marina Bay Sands revealed it was hit by a security incident that exposed the personal data of 665,000 customers. According to a statement published by the resort, the incident occurred on October 19-20 and involved unauthorized third-party access to its non-casino customers’ loyalty program membership data. The leaked data included personally
Business Security Organizations that intend to tap the potential of LLMs must also be able to manage the risks that could otherwise erode the technology’s business value Phil Muncaster 06 Nov 2023 • , 5 min. read Everyone’s talking about ChatGPT, Bard and generative AI as such. But after the hype inevitably comes the reality
Nov 07, 2023NewsroomEndpoint Security / Malware The North Korea-linked nation-state group called BlueNoroff has been attributed to a previously undocumented macOS malware strain dubbed ObjCShellz. Jamf Threat Labs, which disclosed details of the malware, said it’s used as part of the RustBucket malware campaign, which came to light earlier this year. “Based on previous attacks