admin

0 Comments
LockBit ransomware attacks are constantly evolving by making use of a wide range of techniques to infect targets while also taking steps to disable endpoint security solutions. “The affiliates that use LockBit’s services conduct their attacks according to their preference and use different tools and techniques to achieve their goal,” Cybereason security analysts Loïc Castel
0 Comments
Cybersecurity solutions provider Emsisoft has released a free decryption tool to enable AstraLocker and Yashma ransomware victims to recover their files without paying a ransom. The company made the announcement in a series of Twitter posts earlier today, providing a download link and related instructions for the tool. “The AstraLocker decryptor is for the Babuk-based one using .Astra or .babyk extension, and they
0 Comments
A newly observed phishing campaign is leveraging the recently disclosed Follina security vulnerability to distribute a previously undocumented backdoor on Windows systems. “Rozena is a backdoor malware that is capable of injecting a remote shell connection back to the attacker’s machine,” Fortinet FortiGuard Labs researcher Cara Lin said in a report this week. Tracked as
0 Comments
A fake LinkedIn job offer was the reason behind Axie Infinity’s $600m hack, according to a new investigation by The Block. The digital assets-focused outlet said on Wednesday that while the US government attributed the attack to the North Korean hacker group Lazarus, full details of how the exploit was executed had not been disclosed.  The Block said that according
0 Comments
Fewer people carry cash these days, kids included. This growing paperless reality fast-forwards the parenting task of educating kids on financial responsibility. As of 2021, most cash apps allow kids 13 and up to open accounts (previously, the age was 18). Kids can also get a cash app debit card for retail purchases. But while
0 Comments
In a new joint cybersecurity advisory, U.S. cybersecurity and intelligence agencies have warned about the use of Maui ransomware by North Korean government-backed hackers to target the healthcare sector since at least May 2021. “North Korean state-sponsored cyber actors used Maui ransomware in these incidents to encrypt servers responsible for healthcare services—including electronic health records
0 Comments
The Cybersecurity and Infrastructure Security Agency (CISA) has released a new advisory suggesting North Korean state-sponsored cyber actors are using the Maui ransomware to target Healthcare and Public Health (HPH) Sector organizations in the US. According to the document – a joint effort between CISA, the Federal Bureau of Investigation (FBI) and the Department of
0 Comments
Apple on Wednesday announced it plans to introduce an enhanced security setting called Lockdown Mode in iOS 16, iPadOS 16, and macOS Ventura to safeguard high-risk users against “highly targeted cyberattacks.” The “extreme, optional protection” feature, now available for preview in beta versions of its upcoming software, is designed to counter a surge in threats
0 Comments
In the spirit of #PrideMonth, McAfee hosted month-long celebrations across the world. One of these was a live event hosted by the McAfee Pride Community with a guest speaker from the Resource Center that focused on the history of Pride, support, allyship, and belonging. We took a moment to ask our event guest speaker, Leslie
0 Comments
The US Department of Commerce’s National Institute of Standards and Technology (NIST) has selected the first-ever group of encryption tools that could potentially withstand the attack of a quantum computer. The four selected encryption algorithms will now reportedly become part of NIST’s post-quantum cryptographic (PQC) standard, which should be finalized in about two years. More specifically, for
0 Comments
NATO has announced plans to develop virtual rapid response capabilities “to respond to significant malicious cyber activities.” The plans were unveiled in a declaration published following the NATO Summit in Madrid, Spain, last week. The latest summit took on extra significance in light of the Russian invasion of Ukraine earlier this year, amid fears of the conflict
0 Comments
CloudSEK used its artificial intelligence (AI)-powered digital risk platform XVigil to identify a post on a cybercrime forum mentioning open source automation server platform Jenkins as one of the TTP (tactics, techniques, and procedures) used by a threat actor (TA) in attacks against IBM and Stanford University. The module reportedly has hidden desktop takeover capabilities that would be
0 Comments
Kaspersky security experts have discovered new malware targeting Microsoft Exchange servers belonging to several organizations worldwide. Dubbed “SessionManager” and first spotted by the company in early 2022, the backdoor enables threat actors to keep “persistent, update-resistant and rather stealth access to the IT infrastructure of a targeted organization.” According to Kaspersky, once propagated, SessionManager would enable