A threat actor with ties to the Democratic People’s Republic of Korea (DPRK) has been observed targeting cryptocurrency-related businesses with a multi-stage malware capable of infecting Apple macOS devices. Cybersecurity company SentinelOne, which dubbed the campaign Hidden Risk, attributed it with high confidence to BlueNoroff, which has been previously linked to malware families such as
Month: November 2024
A new malicious software framework, “Winos4.0,” has been discovered embedded in game-related applications targeting Windows users. According to researchers at FortiGuard Labs, this malware framework is a sophisticated variant derived fromGh0strat. Winos4.0 can execute multiple actions remotely and provides attackers with extensive control over affected systems. The malware operates by distributing game-related applications, such as
Budget season is upon us, and everyone in your organization is vying for their slice of the pie. Every year, every department has a pet project that they present as absolutely essential to profitability, business continuity, and quite possibly the future of humanity itself. And no doubt that some of these actually may be mission
US officials have urged voters to seek out information about the Presidential election from trusted, official sources amid ramped up foreign influence efforts. The joint advisory from the FBI, the Office of the Director of National Intelligence (ODNI)and the Cybersecurity and Infrastructure Security Agency (CISA), warned that foreign adversaries, particularly Russia, will intensify online content
Nov 05, 2024Ravie LakshmananMobile Security / Cyber Attack Over 1,500 Android devices have been infected by a new strain of Android banking malware called ToxicPanda that allows threat actors to conduct fraudulent banking transactions. “ToxicPanda’s main goal is to initiate money transfers from compromised devices via account takeover (ATO) using a well-known technique called on-device
US government agencies have accused Russian actors of being behind a faked video purporting to show Haitian’s illegally voting in multiple counties in the state of Georgia. The joint statement from the Office of the Director of National Intelligence (ODNI), the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) said
Nov 04, 2024Mohit KumarDDoS Attack / Cybercrime German law enforcement authorities have announced the disruption of a criminal service called dstat[.]cc that made it possible for other threat actors to easily mount distributed denial-of-service (DDoS) attacks. “The platform made such DDoS attacks accessible to a wide range of users, even those without any in-depth technical
The US and Israel have warned that the Iranian state-sponsored threat actor Cotton Sandstorm is deploying new tradecraft to target networks, including leveraging generative AI tools. The joint advisory highlighted how the group, also known as Marnanbridge and Haywire Kitten, has recently shifted from ‘hack and leak’ operations against organizations primarily in Israel to a
U.S. and Israeli cybersecurity agencies have published a new advisory attributing an Iranian cyber group to targeting the 2024 Summer Olympics and compromising a French commercial dynamic display provider to show messages denouncing Israel’s participation in the sporting event. The activity has been pinned on an entity that’s known as Emennet Pasargad, which the agencies
Cybersecurity firm Sophos has detailed evolving tactics by Chinese advanced persistent threat (APT) groups following five years of collecting telemetry on campaigns targeting its customers. Working with other cybersecurity vendors, governments and law enforcement agencies, the researchers were able to attribute specific clusters of observed activity from December 2018 to November 2023 to the groups
Video Election interference, American Water and the Internet Archive breaches, new cybersecurity laws, and more – October saw no shortage of impactful cybersecurity news stories 31 Oct 2024 With so much happening in the world of cybersecurity, staying on top of threats, breaches, scams, and industry insights can feel like a full-time job. So, let
Nov 01, 2024The Hacker NewsSaaS Security / Identity Security Did you know that advanced threat actors can infiltrate the identity systems of major organizations and extract sensitive data within days? It’s a chilling reality, becoming more common and concerning by the day. These attackers exploit vulnerabilities in SaaS and cloud environments, using compromised identities to
The US Cybersecurity and Infrastructure Security Agency (CISA) has urged manufacturing companies to apply mitigations after one Rockwell Automation and several Mitsubishi systems were found to be vulnerable to cyber-attacks. In a new industrial control systems (ICS) security advisory published on October 31, CISA shared details on four sets of recently discovered vulnerabilities affecting ICS
Cybercrime You may not always stop your personal information from ending up in the internet’s dark recesses, but you can take steps to protect yourself from criminals looking to exploit it Phil Muncaster 29 Oct 2024 • , 6 min. read How did 44% members of the European Parliament (MEPs) and 68% of British MPs
Nov 01, 2024Ravie LakshmananVulnerability / Cloud Security Cybersecurity researchers have flagged a “massive” campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even extract cloud credentials from the source code. The activity, codenamed EMERALDWHALE, is estimated to have collected over 10,000 private repositories and stored in an Amazon S3 storage bucket