At least 20 Canadian government networks have been compromised by Chinese state-sponsored threat actors, who have maintained access over the past four years to steal valuable data. The Canadian Centre for Cyber Security (Cyber Centre) confirmed the compromises in its National Cyber Threat Assessment 2025-2026. The Cyber Centre noted that the threat actors targeted information
Month: October 2024
How To Have you ever googled yourself? Were you happy with what came up? If not, consider requesting the removal of your personal information from search results. Márk Szabó 30 Oct 2024 • , 4 min. read In today’s digital age, maintaining control over your personal information is more crucial than ever. Whether you’re concerned
Oct 31, 2024The Hacker NewsIdentity Security / Browser Security In the modern, browser-centric workplace, the corporate identity acts as the frontline defense for organizations. Often referred to as “the new perimeter”, the identity stands between safe data management and potential breaches. However, a new report reveals how enterprises are often unaware of how their identities
The US Cybersecurity and Infrastructure Security Agency (CISA) has published its first ever international strategic plan, designed to boost international cooperation in combatting cyber threats to critical infrastructure. The plan acknowledges the complex and geographically dispersed nature of cyber risks, and the need for threat information and risk reduction advice to be shared rapidly with
In this blogpost, we provide a technical analysis of CloudScout, a post-compromise toolset used by Evasive Panda to target a government entity and a religious organization in Taiwan from 2022 to 2023. The CloudScout toolset is capable of retrieving data from various cloud services by leveraging stolen web session cookies. Through a plugin, CloudScout works
Oct 30, 2024Ravie LakshmananCybercrim / Cryptocurrency Cybersecurity researchers have discovered a new malicious Python package that masquerades as a cryptocurrency trading tool but harbors functionality designed to steal sensitive data and drain assets from victims’ crypto wallets. The package, named “CryptoAITools,” is said to have been distributed via both Python Package Index (PyPI) and bogus
Meeting compliance requirements with the EU’s Network and Information Security (NIS)2 Directive has forced many organizations to divert funds from other areas of the business, according to research from Veeam. The cybersecurity firm found that 95% of applicable firms had done so to meet the new requirements. Over a third (34%) of these EMEA-based businesses
We Live Science As methane emissions come under heightened global scrutiny, learn how a state-of-the-art satellite can pinpoint their sources and deliver the insights needed for targeted mitigation efforts 28 Oct 2024 While carbon dioxide typically takes center stage in discussions about climate change, methane emissions have historically flown somewhat under the radar. So what’s
Sherlock Holmes is famous for his incredible ability to sort through mounds of information; he removes the irrelevant and exposes the hidden truth. His philosophy is plain yet brilliant: “When you have eliminated the impossible, whatever remains, however improbable, must be the truth.” Rather than following every lead, Holmes focuses on the details that are
A team from Vietnam scooped the top prize at the very first Pwn2Own Ireland event on Friday, with over $1m in awards handed out by Trend Micro’s Zero Day Initiative (ZDI) for dozens of new discoveries. The popular hacking competition set up camp in Trend Micro’s Cork office for the first time last week, with
Oct 28, 2024Ravie LakshmananCyber Security / Hacking News Cybersecurity news can sometimes feel like a never-ending horror movie, can’t it? Just when you think the villains are locked up, a new threat emerges from the shadows. This week is no exception, with tales of exploited flaws, international espionage, and AI shenanigans that could make your
The Irish Data Protection Commission (DPC) has issued a €310m ($336m) fine to LinkedIn Ireland Unlimited Company over violation of the EU’s General Data Protection Regulation (GDPR) in relation to the firm’s advertising practices. This decision came after a complaint initially made in August 2018 by a French non-profit organization, La Quadrature Du Net, to
Oct 26, 2024Ravie LakshmananCybercrime / Malware Four members of the now-defunct REvil ransomware operation have been sentenced to several years in prison in Russia, marking one of the rare instances where cybercriminals from the country have been convicted of hacking and money laundering charges. Russian news publication Kommersant reported that a court in St. Petersburg
The Change Healthcare ransomware attack has impacted the personal information of 100 million US citizens, updated figures from the US Department of Health and Human Services (HHS) have revealed. The figure means the attack, which began in February 2024, is the largest known data breach of US healthcare records ever recorded. The HHS Office for
ESET Research Learn how a rather clumsy cybercrime group wielding buggy malicious tools managed to compromise a number of SMBs in various parts of the world ESET Research 24 Oct 2024 • , 1 min. read Some cybercriminal groups are sophisticated, create advanced schemes, cooperate with other attackers and do everything to stay under the
Oct 26, 2024Ravie LakshmananCloud Security / Cryptocurrency The infamous cryptojacking group known as TeamTNT appears to be readying for a new large-scale campaign targeting cloud-native environments for mining cryptocurrencies and renting out breached servers to third-parties. “The group is currently targeting exposed Docker daemons to deploy Sliver malware, a cyber worm, and cryptominers, using compromised
Ukrainian authorities have warned of a mass phishing attack aimed at stealing sensitive personal data of citizens. The attackers, tracked under the identifier UAC-0218, send phishing links purporting to be bills or payment details but actually leads to the download of data stealing malware. Once downloaded, this script searches the victim’s device for documents in
ESET researchers have discovered new Rust-based tooling leading to the deployment of Embargo ransomware. Embargo is a relatively new player in the ransomware scene, first observed by ESET in June 2024. The new toolkit consists of a loader and an EDR killer, named MDeployer and MS4Killer respectively by ESET. MS4Killer is particularly noteworthy as it
Oct 25, 2024Ravie LakshmananCloud Security / Artificial Intelligence Apple has publicly made available its Private Cloud Compute (PCC) Virtual Research Environment (VRE), allowing the research community to inspect and verify the privacy and security guarantees of its offering. PCC, which Apple unveiled earlier this June, has been marketed as the “most advanced security architecture ever
Fortinet has confirmed that a critical zero-day vulnerability affecting its FortiManager network management solution is being exploited in the wild. In an October 23 security advisory, the cybersecurity provider shared more information on CVE-2024-47575, a vulnerability allowing threat actors to use a compromised FortiManager device to execute arbitrary code or commands against other FortiManager devices. This
Sometimes, it turns out that the answers we struggled so hard to find were sitting right in front of us for so long that we somehow overlooked them. When the Department of Homeland Security, through the Cybersecurity and Infrastructure Security Agency (CISA), in coordination with the FBI, issues a cybersecurity warning and prescribes specific action,
Nearly 70% of business leaders believe their employees lack critical cybersecurity knowledge, a sharp increase from 56% in 2023. The figure comes from Fortinet’s latest 2024 Security Awareness and Training Global Research Report, which also suggests that AI-driven cyber-attacks are becoming more difficult for employees to detect. Over 60% of respondents expect a rise in employees
Scams Watch out for schemes where fraudsters trick people into sharing verification codes so they can gain access to their phone numbers Phil Muncaster 21 Oct 2024 • , 5 min. read In our hyper-connected world, technology has transformed the way we communicate, enabling us to connect with anyone, anywhere, at the touch of a
Oct 23, 2024Ravie LakshmananArtificial Intelligence / Vulnerability Cybersecurity researchers have shed light on a new adversarial technique that could be used to jailbreak large language models (LLMs) during the course of an interactive conversation by sneaking in an undesirable instruction between benign ones. The approach has been codenamed Deceptive Delight by Palo Alto Networks Unit
Transak, a fiat-to-crypto payment gateway provider, has reported a security incident which has impacted 92,554 of its users. Attackers gained unauthorized access to one of the firm’s employee laptops through a sophisticated phishing attack. The firm said that the attacker used compromised credentials to log in to the system of a third-party KYC vendor that
Oct 22, 2024Ravie LakshmananIdentity Management / Security Automation Service accounts are vital in any enterprise, running automated processes like managing applications or scripts. However, without proper monitoring, they can pose a significant security risk due to their elevated privileges. This guide will walk you through how to locate and secure these accounts within Active Directory
Australian businesses now have a list of best practices to refer to when using commercial AI products. The Office of the Australian Information Commissioner (OAIC) published on October 21 guidance on the use of commercially available AI products. The document explains in detail organizations’ obligations when using personal information in the context of off-the-shelf AI
Oct 21, 2024The Hacker NewsPenetration Testing / API Security Pentest Checklists Are More Important Than Ever Given the expanding attack surface coupled with the increasing sophistication of attacker tactics and techniques, penetration testing checklists have become essential for ensuring thorough assessments across an organization’s attack surface, both internal and external. By providing a structured approach,
Microsoft has uncovered a macOS vulnerability that can enable attackers to gain access to users’ protected data, and warned active exploitation may be taking place. The flaw, dubbed “HM Surf,” allows attackers to bypass the operating system’s Transparency, Consent, and Control (TCC) technology to access sensitive user data, including browsed pages and the device’s camera,
Video The average time it takes attackers to weaponize a vulnerability, either before or after a patch is released, shrank from 63 days in 2018-2019 to just five days last year 18 Oct 2024 As many as 97 out of the 138 vulnerabilities disclosed as actively exploited in the wild in 2023 were zero-days, according