A critical vulnerability in Apache ActiveMQ, identified as CVE-2023-46604, has been exposed, revealing an active exploitation scenario by the notorious Kinsing malware. According to an advisory published by Trend Micro on Monday, the discovery underscores the implications for Linux systems, as the vulnerability allows for remote code execution (RCE) due to inadequate validation of throwable
admin
Digital Security What happens when problems caused by autonomous vehicles are not the result of errors, but the result of purposeful attacks? 21 Nov 2023 • , 7 min. read Fleets of robotaxis hit the brakes, citing the need to “rebuild public trust”. This story had been brewing for a while. It seemed fairly inconsequential
Nov 23, 2023NewsroomSoftware Supply Chain Attack A North Korean state-sponsored threat actor tracked as Diamond Sleet is distributing a trojanized version of a legitimate application developed by a Taiwanese multimedia software developer called CyberLink to target downstream customers via a supply chain attack. “This malicious file is a legitimate CyberLink application installer that has been
Security researchers have detected a Russian-language Word document carrying a malicious macro in the ongoing Konni campaign. Despite its September 2023 creation date, FortiGuard Labs’ internal telemetry revealed continued activity on the campaign’s command-and-control (C2) server. This long-running campaign utilizes a remote access Trojan (RAT) capable of extracting information and executing commands on compromised devices, employing
Nov 22, 2023NewsroomSEO poisoning / Malware Analysis The macOS information stealer known as Atomic is now being delivered to target via a bogus web browser update chain tracked as ClearFake. “This may very well be the first time we see one of the main social engineering campaigns, previously reserved for Windows, branch out not only
The US Cybersecurity and Infrastructure Security Agency (CISA) has released a Mitigation Guide specifically tailored for the Healthcare and Public Health (HPH) sector. The new guide outlines defensive mitigation strategies and best practices to counteract prevalent cyber-threats targeting critical infrastructure in the healthcare domain. The paper, published on Friday, emphasizes the importance of vulnerability management,
Nov 21, 2023NewsroomCyber Attack / Cyber Espionage The China-linked Mustang Panda actor has been linked to a cyber attack targeting a Philippines government entity amid rising tensions between the two countries over the disputed South China Sea. Palo Alto Networks Unit 42 attributed the adversarial collective to three campaigns in August 2023, primarily singling out
Royal Mail has revealed a multimillion-pound cost attached to a serious ransomware breach it suffered earlier this year. The British postal service company was hit by a LockBit affiliate, in an incident which caused “severe service disruption” for items sent abroad. It later transpired that the ransomware actors were demanding nearly $80m from the firm
An Indian hack-for-hire group targeted the U.S., China, Myanmar, Pakistan, Kuwait, and other countries as part of a wide-ranging espionage, surveillance, and disruptive operation for over a decade. The Appin Software Security (aka Appin Security Group), according to an in-depth analysis from SentinelOne, began as an educational startup offering offensive security training programs, while carrying
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have released a detailed cybersecurity advisory on the sophisticated Scattered Spider threat group, urging critical infrastructure (CNI) firms to implement its mitigation recommendations. The group (also known as 0ktapus, Starfraud, UNC3944, Scatter Swine, Octo Tempest and Muddled Libra) is thought to be responsible for big-name
Social Media How much contact and personal information do you give away in your LinkedIn profile and who can see it? Here’s why less may be more. Daniel Cunha Barbosa 16 Nov 2023 • , 4 min. read Several friends recently asked me how cybercriminals could gain access to their contact data, especially their mobile
The threat actors behind the 8Base ransomware are leveraging a variant of the Phobos ransomware to conduct their financially motivated attacks. The findings come from Cisco Talos, which has recorded an increase in activity carried out by cybercriminals. “Most of the group’s Phobos variants are distributed by SmokeLoader, a backdoor trojan,” security researcher Guilherme Venere
involving the spoofing of luxury brands, including Louis Vuitton, Rolex, and Ray-Ban. The hackers craft enticing emails promising heavy discounts on these luxury products, with the email addresses manipulated to mimic the authenticity of the brands. Despite the appearance of legitimacy, a closer look reveals that the email origins have no connection to the actual
Video An attack against a port operator that ultimately hobbled some 40 percent of Australia’s import and export capacity highlights the kinds of supply chain shocks that a successful cyberattack can cause 17 Nov 2023 This week, one of Australia’s major port operators, DP World, had to pull the plug on its internet connection and
Nov 18, 2023NewsroomCyber Attack / USB Worm Russian cyber espionage actors affiliated with the Federal Security Service (FSB) have been observed using a USB propagating worm called LitterDrifter in attacks targeting Ukrainian entities. Check Point, which detailed Gamaredon’s (aka Aqua Blizzard, Iron Tilden, Primitive Bear, Shuckworm, and Winterflounder) latest tactics, branded the group as engaging
The Cloud Security Alliance (CSA) has introduced the Certificate of Competence in Zero Trust (CCZT), the industry’s inaugural authoritative zero trust certification. CSA said the certification responds to the evolving landscape of pervasive technology and the inadequacy of legacy security models. It aims to equip security professionals with the knowledge necessary to develop and implement
Nov 17, 2023NewsroomPatch Management / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation in the wild. The vulnerabilities are as follows – CVE-2023-36584 (CVSS score: 5.4) – Microsoft Windows Mark-of-the-Web (MotW) Security Feature Bypass Vulnerability
The US Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has unveiled its inaugural roadmap for artificial intelligence (AI). The initiative aligns with President Biden’s recent Executive Order, which directed DHS to globally promote AI safety standards, safeguard US networks and critical infrastructure, and address the potential weaponization of AI. The roadmap
Nov 16, 2023NewsroomCyber Warfare / Threat Intelligence Russian threat actors have been possibly linked to what’s been described as the “largest cyber attack against Danish critical infrastructure,” in which 22 companies associated with the operation of the country’s energy sector were targeted in May 2023. “22 simultaneous, successful cyberattacks against Danish critical infrastructure are not
Security researchers have discovered a total of 3938 unique secrets on PyPI, the official third-party package management system for the Python community, across all projects, with 768 of them validated as authentic. Notably, 2922 projects contained at least one unique secret. Among the leaked secrets were various credentials, including AWS Keys, Redis credentials, Google API
We Live Progress Discover six games that will provide valuable knowledge while turning learning about digital security into an enjoyable and rewarding adventure Luiza Pires 14 Nov 2023 • , 4 min. read In this day and age, knowing your way around the digital world is not merely a valuable asset – it is a
Nov 15, 2023NewsroomPatch Tuesday / Zero-Day Microsoft has released fixes to address 63 security bugs in its software for the month of November 2023, including three vulnerabilities that have come under active exploitation in the wild. Of the 63 flaws, three are rated Critical, 56 are rated Important, and four are rated Moderate in severity.
The global online gaming community is facing a rising threat from cyber-criminals exploiting vulnerabilities inherent in gamers’ interactions with digital content. A recent report by Sekoia.io has shed light on a targeted campaign using Discord messages and fake download websites to distribute information-stealing malware within the gaming sphere. According to the post, gamers, in their quest for
Secure Coding Through engaging hacking challenges and competitions, CTFs offer an excellent opportunity to test and enhance your security and problem-solving skills Christian Ali Bravo 13 Nov 2023 • , 3 min. read Cybersecurity is not only an ever-evolving and increasingly important concern in our digital age, but it can also be a lot of
Nov 14, 2023NewsroomCyber Attack / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given a November 17, 2023, deadline for federal agencies and organizations to apply mitigations to secure against a number of security flaws in Juniper Junos OS that came to light in August. The agency on Monday added five vulnerabilities to
Two giants of the banking and legal sectors have been breached by suspected ransomware actors, according to reports. Allen & Overy is one of the UK’s “Magic Circle” law firms. It released a statement yesterday revealing a “data incident” impacting a “small number of storage servers.” Although the firm did not name ransomware as the
Business Security By collecting, analyzing and contextualizing information about possible cyberthreats, including the most advanced ones, threat intelligence offers a critical method to identify, assess and mitigate cyber risk Phil Muncaster 10 Nov 2023 • , 4 min. read When it comes to mitigating an organization’s cyber risk, knowledge and expertise are power. That alone
Nov 13, 2023NewsroomNational Security / Cyber Attack Cybersecurity researchers have discovered what they say is malicious cyber activity orchestrated by two prominent Chinese nation-state hacking groups targeting 24 Cambodian government organizations. “This activity is believed to be part of a long-term espionage campaign,” Palo Alto Networks Unit 42 researchers said in a report last week.
Microsoft has revealed a new threat campaign exploiting a zero-day vulnerability in the popular SysAid IT helpdesk software. Posting to X (formerly Twitter) yesterday, the Microsoft Threat Intelligence account said the group is the same one responsible for the MOVEit data theft and extortion campaign – a threat actor known as Lace Tempest (aka DEV-0950,
The Urdu version of the Hunza News website offers readers the option to download an Android app – little do they know that the app is actually spyware 10 Nov 2023 This week, ESET researchers have described the ins and outs of a so-called watering-hole attack against a news website that delivers news about Gilgit-Baltistan,
- « Previous Page
- 1
- …
- 29
- 30
- 31
- 32
- 33
- …
- 116
- Next Page »