Security

0 Comments
A new report by a French government agency has accused Azerbaijan of manipulating online users in France’s overseas constituencies and Corsica. In a new report published on December 2, France’s technical agency responsible for monitoring foreign digital interference, VIGINUM, released findings about the Baku Initiative Group (BIG), a state-sponsored organization based in Azerbaijan. From July
0 Comments
Romania’s national security council has warned that cyber-attacks are being used to influence the fairness of the country’s live presidential election. The Supreme Council of National Defense revealed it was presented with assessments on the actions of state and non-state cyber actors targeting election infrastructure and processes in a meeting on Thursday, November 28. While
0 Comments
An infamous ransomware group has claimed to have compromised sensitive data from a children’s hospital in Liverpool, UK. On November 28, INC Ransom posted on its data leak site that it has obtained large-scale data patient records, donor reports and procurement data for 2018-2024 from Alder Hey Children’s NHS Foundation Trust. The Trust quickly acknowledged
0 Comments
A new cyber-attack technique leveraging the Godot Gaming Engine to execute undetectable malware has been reported by Check Point Research. Using maliciously crafted GDScript code, threat actors deployed malware via “GodLoader,” bypassing most antivirus detections and infecting over 17,000 devices since June 2024. In a statement, the Godot security team said, “Based on the report, affected users
0 Comments
Cybersecurity researchers have discovered “Bootkitty,” possibly the first UEFI bootkit specifically designed to target Linux systems. This marks a significant shift in theUEFI threat landscape, which previously focused exclusively on Windows-based attacks. The bootkit, named by its creators, was uploaded to VirusTotal in November 2024 and is believed to be a proof of concept rather
0 Comments
A widespread distributed denial-of-service (DDoS) campaign leveraging accessible tools and targeting IoT devices and enterprise servers has been uncovered by security researchers. Orchestrated by a threat actor known as Matrix, the operation highlights how minimal technical knowledge combined with public scripts can enable global scale cyber-attacks. Matrix’s attack framework, analyzed in detail by Aqua Nautilus,
0 Comments
A network of four public relations (PR) firms has been operating pro-China influence operations online since at least 2022, according to Google. In a report published on November 22, Google’s Threat Intelligence Group revealed it has removed hundreds of domains from its search and news indexes. These domains were part of a complex ecosystem of
0 Comments
A Russian-aligned hacking group is conducting a cyber espionage campaign across Europe and Asia, according to Recorded Future. Insikt Group, Recorded Future’s threat intelligence team, has shared in a November 21 report that a group it tracks as TAG-110 has been using custom malware to compromise government entities, human rights groups and educational institutions. The
0 Comments
Microsoft has seized 240 fraudulent websites associated with “do-it-yourself” phishing kits used by cybercriminals globally to break into customer accounts. The action was enabled by a civil court order in the Eastern District of Virginia which allowed the malicious technical infrastructure to be directed to Microsoft. This permanently stops the use of these domains in
0 Comments
US and Australian government agencies have urged critical infrastructure organizations to protect against new tactics employed by the BianLian ransomware group. These updated tactics, techniques and procedures (TTPs) include shifting exclusively to exfiltration-based extortion and leveraging new approaches for initial access, command and control, and defense evasion. The joint advisory from the FBI, Cybersecurity and
0 Comments
Cyber intrusions affecting telecom providers previously attributed to the Chinese hacking group LightBasin (UNC1945) are now believed to come from another Chinese-sponsored group, according to CrowdStrike. In a November 19 testimony in front of the US Senate Judiciary Subcommittee on Privacy, Technology, and the Law, Adam Meyers, CrowdStrike Senior Vice President of Counter Adversary Operations,
0 Comments
Palo Alto Networks has released a security patch to fix a critical vulnerability in instances of its firewall management interfaces. The security vendor disclosed the flaw on November 8 and later confirmed evidence of in-the-wild exploitation. It was initially tracked by Palo Alto as PAN-SA-2024-0015. It has now been allocated a common vulnerabilities and exposures
0 Comments
Attack surface management provider watchTowr claims to have found a new zero-day vulnerability in cybersecurity provider Fortinet’s products. This flaw would allow a managed FortiGate device to elevate privileges and seize control of the FortiManager instance. This new vulnerability is similar to a previous flaw discovered in October, CVE-2024-47575, also known as “FortiJump.” Researchers at watchTowr
0 Comments
An unauthenticated remote command execution (RCE) vulnerability against Palo Alto Networks’ internet-exposed firewall management interfaces is actively being exploited, according to the cybersecurity provider. On November 8, Palo Alto published a security advisory to warn of a zero-day vulnerability affecting some of its PAN-OS firewall management interfaces. The flaw is an unauthenticated RCE vulnerability affecting
0 Comments
China-affiliated hackers have compromised US officials’ data through a large-scale hack on telecommunications providers, according to the US government. The FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) published a joint advisory on November 13 in which they shared more details on what they called “a broad and significant cyber espionage campaign.” They
0 Comments
Most enterprise security leaders are now turning to personal indemnity insurance to mitigate mounting breach risks and boardroom pressure, according to Panaseer. The continuous controls monitoring specialist interviewed 400 CISOs and similar in US and UK organizations in order to compile its Panaseer 2025 Security Leaders Report. It revealed that 61% of organizations suffered a
0 Comments
Italy has led a simulation exercise to test EU institutions’ preparedness to handle large-scale cyber-attacks. This annual drill, the Blueprint Operational Level Exercise (Blue OLEx), involves senior cybersecurity officials from EU member states and the Commission, with the support of EU The exercise helps cybersecurity leaders identify areas for improvement in the standardized way of
0 Comments
A notorious North Korean affiliated threat actor is targeting crypto firms using multi-stage malware and a novel persistence mechanism, SentinelLabs has reported. The campaign, dubbed ‘Hidden Risk’, is assessed with high confidence to be perpetrated by the BlueNoroff advanced persistent threat (APT) group, known for financially-motivated attacks. It is designed to target macOS devices. The
0 Comments
Russian-associated cyber-attacks on South Korea have ramped up following the deployment of North Korean troops in Ukraine, South Korea’s President’s Office has warned. The activity by pro-Kremlin groups has primarily been distributed denial-of-service (DDoS) attacks against government websites and private companies, which the Seoul government is actively responding to. The President’s Office said that access
0 Comments
A ransomware attack has significantly disrupted the operations of a key supplier to the US oil industry. In a regulatory filing sent to the US Securities and Exchange Commission (SEC) on November 7, Texan company Newpark Resources said an unauthorized third party gained access to some of its internal information systems on October 29, an
0 Comments
The UK’s data protection regulator has warned AI recruitment tool providers to better protect job seekers’ data rights, mitigating discrimination and other privacy concerns. AI is increasingly being used by recruitment companies to make their processes more efficient, such as helping to source potential candidates, summarize CVs and score applicants. However, an audit by the
0 Comments
A new malicious software framework, “Winos4.0,” has been discovered embedded in game-related applications targeting Windows users. According to researchers at FortiGuard Labs, this malware framework is a sophisticated variant derived fromGh0strat. Winos4.0 can execute multiple actions remotely and provides attackers with extensive control over affected systems. The malware operates by distributing game-related applications, such as
0 Comments
US officials have urged voters to seek out information about the Presidential election from trusted, official sources amid ramped up foreign influence efforts. The joint advisory from the FBI, the Office of the Director of National Intelligence (ODNI)and the Cybersecurity and Infrastructure Security Agency (CISA), warned that foreign adversaries, particularly Russia, will intensify online content
0 Comments
US government agencies have accused Russian actors of being behind a faked video purporting to show Haitian’s illegally voting in multiple counties in the state of Georgia. The joint statement from the Office of the Director of National Intelligence (ODNI), the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) said
0 Comments
The US and Israel have warned that the Iranian state-sponsored threat actor Cotton Sandstorm is deploying new tradecraft to target networks, including leveraging generative AI tools. The joint advisory highlighted how the group, also known as Marnanbridge and Haywire Kitten, has recently shifted from ‘hack and leak’ operations against organizations primarily in Israel to a