Russian intelligence hacked online surveillance cameras to spy on air defense activities and critical infrastructure in Kyiv ahead of recent missile strikes, the Security Service of Ukraine (SSU) has revealed. The Kremlin was able to remotely control two residential cameras, which it used to collect information to target critical infrastructure in Ukraine’s capital Kyiv. This
admin
As technology adoption has shifted to be employee-led, just in time, and from any location or device, IT and security teams have found themselves contending with an ever-sprawling SaaS attack surface, much of which is often unknown or unmanaged. This greatly increases the risk of identity-based threats, and according to a recent report from CrowdStrike,
Court cases and tribunals in Australia have been impacted by a cybersecurity incident, with attackers potentially accessing recordings of hearings, according to the Court Services Victoria (CSV). The CSV revealed the incident in a statement on January 2, 2024. This public notice came some 12 days after the CSV was first alerted to the cyber
Jan 02, 2024The Hacker NewsBrowser Security / Threat Protection Security stakeholders have come to realize that the prominent role the browser has in the modern corporate environment requires a re-evaluation of how it is managed and protected. While not long-ago web-borne risks were still addressed by a patchwork of endpoint, network, and cloud solutions, it
Jan 01, 2024NewsroomEncryption / Network Security Security researchers from Ruhr University Bochum have discovered a vulnerability in the Secure Shell (SSH) cryptographic network protocol that could allow an attacker to downgrade the connection’s security by breaking the integrity of the secure channel. Called Terrapin (CVE-2023-48795, CVSS score: 5.9), the exploit has been described as the
Digital Security Before getting rid of your no-longer-needed device, make sure it doesn’t contain any of your personal documents or information Phil Muncaster 27 Dec 2023 • , 5 min. read The planet is warming and we’re all becoming more environmentally aware. When it comes to IT, this manifests in a surge in “e-waste” recycling.
Dec 29, 2023NewsroomCyber Attack / Web Security The Assembly of the Republic of Albania and telecom company One Albania have been targeted by cyber attacks, the country’s National Authority for Electronic Certification and Cyber Security (AKCESK) revealed this week. “These infrastructures, under the legislation in force, are not currently classified as critical or important information
Security vendor Ivanti has released an update to its Avalanche mobile device management (MDM) product which fixes 22 vulnerabilities, 13 of which are rated critical. Ivanti Avalanche is described by the vendor as an enterprise MDM solution capable of managing distributed deployments of more than 100,000 mobile devices – including anything from warehouse scanners to
Digital Security As we draw the curtain on another eventful year in cybersecurity, let’s review some of the high-profile cyber-incidents that occurred in 2023 Phil Muncaster 28 Dec 2023 • , 5 min. read It’s been another monumental year in cybersecurity. Threat actors thrived against a backdrop of continued macroeconomic and geopolitical uncertainty, using all
Dec 30, 2023NewsroomCryptocurrency / Phishing Scam Cybersecurity researchers are warning about an increase in phishing attacks that are capable of draining cryptocurrency wallets. “These threats are unique in their approach, targeting a wide range of blockchain networks, from Ethereum and Binance Smart Chain to Polygon, Avalanche, and almost 20 other networks by using a crypto
Security researchers have warned against the DarkGate threat actor, who has recently gained notoriety in the realm of remote access Trojans (RATs) and loaders. Earlier today, Proofpoint confirmed it has been tracking a distinct operator of the DarkGate malware, temporarily named BattleRoyal, noting its use in at least 20 email campaigns from September to November
Dec 29, 2023NewsroomMalware / Cyber Threat Nation-state actors affiliated to North Korea have been observed using spear-phishing attacks to deliver an assortment of backdoors and tools such as AppleSeed, Meterpreter, and TinyNuke to seize control of compromised machines. South Korea-based cybersecurity company AhnLab attributed the activity to an advanced persistent threat group known as Kimsuky.
After a quieter month in October, ransomware groups seemed to return with a vengeance in November, with the highest number of listed victims ever recorded, according to Corvus Insurance. In a report published on December 18, 2023, Corvus Threat Intel observed 484 new ransomware victims posted to leak sites in November. This represents a 39.08%
Dec 28, 2023NewsroomMalware / Cyber Threat A new malware loader is being used by threat actors to deliver a wide range of information stealers such as Lumma Stealer (aka LummaC2), Vidar, RecordBreaker (aka Raccoon Stealer V2), and Rescoms. Cybersecurity firm ESET is tracking the trojan under the name Win/TrojanDownloader.Rugmi. “This malware is a loader with
The threat landscape has been bustling in the second half of 2023, according to cybersecurity provider ESET. In its Threat Report: H2 2023, the firm recorded many significant cybersecurity incidents between June and November 2023, a period dominated by AI-related malicious activity and the emergence of new Android spyware. According to the report, a new
Dec 27, 2023NewsroomPrivacy / App Security A new Android backdoor has been discovered with potent capabilities to carry out a range of malicious actions on infected devices. Dubbed Xamalicious by the McAfee Mobile Research Team, the malware is so named for the fact that it’s developed using an open-source mobile app framework called Xamarin and
Cybercriminals unleashed an average of 411,000 malicious files every day in 2023, representing a 3% increase from the previous year, according to Kaspersky. The firm’s Security Bulletin: Statistics of the Year Report, published on December 14, 2023, showed that particular types of threats also escalated. One example is the use of malicious desktop files (Microsoft
When shopping for a new smartphone, you’re likely to look for the best bang for your buck. If you’re on the hunt for a top-of-the-range device but aren’t keen on paying top dollar for it, offerings from lesser-known manufacturers will probably make your shortlist. Indeed, in the fiercely competitive smartphone market you may be even
Dec 26, 2023NewsroomMalware / Cybercrime The banking malware known as Carbanak has been observed being used in ransomware attacks with updated tactics. “The malware has adapted to incorporate attack vendors and techniques to diversify its effectiveness,” cybersecurity firm NCC Group said in an analysis of ransomware attacks that took place in November 2023. “Carbanak returned
ESO Solutions, a data and software provider for emergency responders and healthcare entities, has commenced the notification process for 2.7 million individuals affected by a ransomware attack. The breach, which unfolded on September 28, compelled ESO to shut down systems temporarily to curb the incident’s reach. Although the attackers accessed and encrypted internal systems, ESO said it
Digital Security Unwrapping a new gadget this holiday season will put a big smile on your face but things may quickly turn sour if the device and data on it aren’t secured properly Phil Muncaster 21 Dec 2023 • , 4 min. read As the festive season approaches, we’re all looking forward to being pampered
Dec 25, 2023NewsroomCyber Espionage / Malware The threat actor referred to as Cloud Atlas has been linked to a set of spear-phishing attacks on Russian enterprises. Targets included a Russian agro-industrial enterprise and a state-owned research company, according to a report from F.A.C.C.T., a standalone cybersecurity company formed after Group-IB’s formal exit from Russia earlier
Security researchers have discovered a new series of “crypto drainer” malware attacks that have stolen $59m from victims so far after luring them to phishing pages via Google and X (formerly Twitter) ads. A crypto drainer is a type of malware that tricks the user into approving a transaction which then automatically drains their cryptocurrency
Video How cybercriminals take advantage of the popularity of ChatGPT and other tools of its ilk to direct people to sketchy sites, plus other interesting findings from ESET’s latest Threat Report 22 Dec 2023 This week, the ESET research team released the H2 2023 issue of its Threat Report that looked at the key trends
Dec 24, 2023NewsroomCyber Crime / Data Breach Two British teens part of the LAPSUS$ cyber crime and extortion gang have been sentenced for their roles in orchestrating a string of high-profile attacks against a number of companies. Arion Kurtaj, an 18-year-old from Oxford, has been sentenced to an indefinite hospital order due to his intent
The UK’s secretary of state for justice has warned of a “clear and present danger” to British democracy from deepfakes ahead of the upcoming general election. Robert Buckland made the remarks on BBC Radio 4’s Today program yesterday, claiming the technology delivers a “liar’s dividend” in that, by undermining trust in the veracity of information,
Dec 22, 2023NewsroomSkimming / Web Security Threat hunters have discovered a rogue WordPress plugin that’s capable of creating bogus administrator users and injecting malicious JavaScript code to steal credit card information. The skimming activity is part of a Magecart campaign targeting e-commerce websites, according to Sucuri. “As with many other malicious or fake WordPress plugins
UK telco EE has warned customers they could be deluged with millions of scam SMS messages on December 23 as fraudsters look to capitalize on last-minute Christmas shopping. The mobile operator claimed that the equivalent day last year saw it block three million text message scams (aka “smishing”), the highest daily number in 2022. This
Dec 22, 2023NewsroomMalware / Cyber Attack The threat actor known as UAC-0099 has been linked to continued attacks aimed at Ukraine, some of which leverage a high-severity flaw in the WinRAR software to deliver a malware strain called LONEPAGE. “The threat actor targets Ukrainian employees working for companies outside of Ukraine,” cybersecurity firm Deep Instinct
The German authorities have announced the takedown of a notorious dark web marketplace known for selling drugs, malware and other illegal items. The federal police service (BKA) and the Frankfurt prosecutor’s office for cybercrime (ZIT) announced the news on Wednesday, but revealed the coordinated action took place on December 16. The English-language Kingdom Market, which was
- « Previous Page
- 1
- …
- 28
- 29
- 30
- 31
- 32
- …
- 118
- Next Page »