Security

0 Comments
Security researchers have detected Storm-1811, a financially motivated cybercriminal group, exploiting Quick Assist, a client management tool, in social engineering attacks.  According to a technical blog post published by Microsoft on Wednesday, Storm-1811, notorious for deploying Black Basta ransomware, has been observed initiating these attacks through voice phishing (vishing) since mid-April 2024, employing tactics like
0 Comments
A cyber-attack has disrupted auction house Christie’s attempts to sell art and other high-value items worth an estimated $840m. Among the items up for auction are a Vincent van Gogh painting valued at $35m and a rare wine.  The cyber-attack has taken Christie’s website offline, possibly last week, preventing potential buyers from viewing the lots
0 Comments
Since 2005, educational institutions in the United States have experienced 3713 data breaches, impacting over 37.6m records.  According to new data by Comparitech, 2023 marked a record year, with 954 breaches recorded – a dramatic rise from 139 in 2022 and 783 in 2021. This surge was primarily attributed to MOVEit file transfer software vulnerabilities,
0 Comments
A recent study conducted by the Sysdig Threat Research Team (TRT) has shed light on a novel cyber attack dubbed “LLMjacking,” which exploits stolen cloud credentials to target cloud-hosted large language model (LLM) services.  The attackers gained access to these credentials from a vulnerable version of Laravel (CVE-2021-3129), according to a blog post published on
0 Comments
As cybercriminals and threat actors increase their tooling and capabilities, new sophisticated attack techniques are emerging and it is vital that defenders stay abreast of this evolution. Daniel Blackford, senior manager, threat research at Proofpoint, explained: “A lot of money is following into the hands of bad actors, they’re being very successful. That has allowed
0 Comments
A well-known threat actor is selling what they claim to be a legitimate trove of highly sensitive internal data stolen from Europol this month. “IntelBroker” took to hacking site BreachForums on Friday to advertise their wares. “In May 2024 Europol suffered a data breach and lead [sic] to the exposure of FOUO [for official use
0 Comments
A recent incident involving an MS-SQL (Microsoft SQL) honeypot has shed light on the sophisticated tactics employed by cyber-attackers relying on Mallox ransomware (also known as Fargo, TargetCompany, Mawahelper, etc.). The honeypot, set up by the Sekoia research team, was targeted by an intrusion set utilizing brute-force techniques to deploy the Mallox ransomware via PureCrypter,
0 Comments
The Black Basta ransomware group and its affiliates compromised hundreds of organizations worldwide between April 2022 and May 2024, according to a new report from several US government agencies. The Joint Cybersecurity Advisory (CSA) was issued by the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Health and Human Services (HHS), and Multi-State Information
0 Comments
Critical vulnerabilities have been found within Cinterion cellular modems. Disclosed during a Kaspersky presentation at OffensiveCon in Berlin on May 11, these flaws could allow remote attackers to execute arbitrary code, posing a significant threat to the integrity of millions of industrial devices reliant on these modems. The identified vulnerabilities, including CVE-2023-47610, highlight severe security weaknesses within
0 Comments
A recent analysis has shed light on the extent of phishing and smishing attacks targeting the United States Postal Service (USPS), particularly during the holiday season.  The study, conducted by Akamai Security researchers using anonymized global DNS query logs, revealed a startling trend. Illegitimate domains mimicking USPS websites attracted nearly equal, and sometimes higher, traffic
0 Comments
A state-sponsored threat actor has launched a sophisticated cyber espionage campaign that exploits two vulnerabilities in Cisco firewall platforms, according to an advisory from Cisco Talos. The campaign, dubbed ArcaneDoor, targets perimeter network devices to enable the attacker to undertake a range of actions inside an organization’s systems, including rerouting or modifying traffic and monitoring
0 Comments
US government and critical infrastructure entities were sent 1754 ransomware vulnerability notifications under the Ransomware Vulnerability Warning Pilot (RVWP) program in 2023, resulting in 852 vulnerable devices being secured or taken offline. The highest number of alerts were sent to government facilities (641), which encompasses a range of federal, state and local government organizations, including
0 Comments
The US Senate has voted on a bill that will either ban TikTok or force its parent company, ByteDance, to forfeit ownership of the social media app. TikTok skeptics in the US claimed a landslide victory, with 79 senators voting in favor of the bill and 18 against. The vote occurred on April 24, ten
0 Comments
Scammers have been observed employing a sophisticated tactic to steal Toncoins (TON) from Telegram users globally. This scheme, uncovered by researchers at Kaspersky and described in a report published today, has been operational since November 2023 and exploits the growing popularity of both TON and the messaging platform Telegram. Targets from various regions have fallen
0 Comments
Threat actors have been observed exploiting unpatched Atlassian servers and deploying a Linux variant of Cerber ransomware, also known as C3RB3R.  The attacks capitalize on CVE-2023-22518, a critical security vulnerability in Atlassian Confluence Data Center and Server, enabling an unauthenticated attacker to reset Confluence and create an administrator account. Armed with this access, threat actors
0 Comments
A substantial 93% of enterprises admitting to a breach have suffered significant consequences, ranging from unplanned downtime to data exposure or financial loss.  This alarming statistic, unveiled by Pentera’s latest research efforts, underscores the escalating challenges organizations face in safeguarding their digital assets against evolving cyber-threats. The report, published today, comprehensively analyzes how enterprises worldwide
0 Comments
Russia, Ukraine and China harbor the greatest cybercriminal threat, according to the first World Cybercrime Index (WCI). This world-first cybercrime ranking is the result of work by an international team of academic researchers who surveyed 92 leading cybercrime experts and analyzed the results following a scientific methodology. The research project for the World Cybercrime Index
0 Comments
Cybersecurity researchers have uncovered a significant data exposure concerning nearly 300,000 taxi passengers in the UK and Ireland.  Jeremiah Fowler, in collaboration with vpnMentor, found a non-password-protected database containing personal details such as names, phone numbers and email addresses. These records, belonging to Dublin-based iCabbi, a dispatch and fleet management technology provider, were left vulnerable