Security

0 Comments
The cyber mercenary group, Void Balaur, continues expanding its hack–for–hire campaigns despite disruptions to its online advertising personas. The new information comes from cybersecurity experts at SentinelLabs, who recently published an advisory detailing Void Balaur’s latest campaigns. Written by senior threat researcher Tom Hegel, the document discusses the findings that SentinelLabs first unveiled at its
0 Comments
The Department of Air Force (DAF) Enterprise IT as a Service’s (EITaaS) Base Infrastructure Modernization (BIM) procurement said it will evolve its digital modernization strategy to an “as a Service” model that will integrate network, end–user services and computing platforms. According to an announcement by technology company Lumen, which will collaborate with the DAF on the
0 Comments
Threat actors deployed OAuth applications on compromised cloud tenants and then used them to control Exchange servers and spread spam. The news is the result of an investigation by Microsoft researchers. It revealed the threat actors launched credential–stuffing attacks (which use lists of compromised user credentials) against high–risk, unsecured administrator accounts that didn’t have multi–factor authentication (MFA)
0 Comments
American financial services giant Morgan Stanley agreed to pay the Securities and Exchange Commission (SEC) a $35m penalty on Tuesday over data security lapses. According to the SEC’s complaint, the firm would have allowed roughly 1000 unencrypted hard drives (HDDs) and about 8000 backup tapes from decommissioned data centers to be resold on auction sites without
0 Comments
The UK’s National Cyber Security Centre (NCSC), part of GCHQ, has launched two pieces of guidance on September 21, 2022 to help organizations protect themselves and their customers online. The two guides, respectively called ‘Authentication methods: choosing the right type’ and ‘Removing malicious content to protect your brand,’ are specifically suited to companies with online
0 Comments
Threat actor Lapsus$ is now seemingly responsible for hacking gaming giant Rockstar Games after targeting mega-brands like Microsoft, Cisco, Samsung, Nvidia, Okta and probably Uber. An account operating name ‘teapotuberhacker’ posted on GTAForums around 90 videos of what appeared to be in-development footage of the upcoming Rockstar Games installment, Grand Theft Auto 6 – that
0 Comments
Uber appears to have been breached again, after a threat actor reportedly accessed its email and cloud systems, code repositories, internal Slack account and HackerOne tickets. The ride-hailing giant released a terse message on Twitter yesterday saying it is “currently responding to a cybersecurity incident” and is in touch with law enforcement. Meanwhile, the alleged hacker
0 Comments
Hackers associated with North Korea are using trojanized versions of the PuTTY SSH open-source terminal emulator to install backdoors on victims’ devices. Discovered by Mandiant, the threat actor responsible for this campaign would be ‘UNC4034’ (also known as Temp.Hermit or Labyrinth Chollima). “Mandiant identified several overlaps between UNC4034 and threat clusters we suspect have a North
0 Comments
Cybersecurity agencies in the US, UK, Australia and Canada have warned that Iranian state-sponsored hackers are exploiting Log4j vulnerabilities in ransomware campaigns. An alert published this week said Tehran’s Islamic Revolutionary Guard Corps (IRGC) was behind multiple attacks exploiting VMware Horizon Log4j bugs on unprotected networks to enable disk encryption and data extortion. These include
0 Comments
Some 80% of organizations suffered a “severe” cloud security incident over the past year, while a quarter worry they’ve suffered a cloud data breach and aren’t aware of it, according to new research from Snyk. The developer security specialist polled 400 cloud engineering and security practitioners from organizations of various sizes and sectors, to compile
0 Comments
by Paul Ducklin Researchers at threat intelligence company Group-IB just wrote an intriguing real-life story about an annoyingly simple but surprisingly effective phishing trick known as BitB, short for browser-in-the-browser. You’ve probably heard of several types of X-in-the-Y attack before, notably MitM and MitB, short for manipulator-in-the-middle and manipulator-in-the-browser. In a MitM attack, the attackers
0 Comments
Threat actors exploited a vulnerability in a popular VoIP appliance to gain access to a victim’s corporate network, researchers have revealed. A team at Arctic Wolf said that the unnamed organization was compromised by the Lorenz ransomware variant. The group apparently targeted the Mitel Service Appliance component of MiVoice Connect, via remote code execution bug
0 Comments
Investigators have disrupted a major organized crime gang believed to have tricked thousands of British victims into handing over money. The UK’s National Crime Agency (NCA) and Romanian police searched two penthouse apartments in Bucharest thought to have been the nerve center for a fraud operation that targeted consumers across Europe on a “massive scale.”
0 Comments
More than 10% of enterprise IT assets are missing endpoint protection and roughly 5% are not covered by enterprise patch management solutions.  The figures come from new research by Sevco Security, which the company has compiled in the State of the Cybersecurity Attack Surface report. “Attackers are very adept at exploiting enterprise vulnerabilities. Security and IT
0 Comments
On April 20, 2022, Rapid7 discovered vulnerabilities in two TCP/IP–enabled medical devices produced by Baxter Healthcare. The flaws, four in total, affected the company’s SIGMA Spectrum Infusion Pump and SIGMA WiFi Battery. Almost five months after Rapid7 first reported the issues to Baxter, the companies are now revealing they have worked together to discuss the