Security

0 Comments
Trojanized crypto-currency miners, also known as cryptojackers, continue to spread across computers around the world, while also becoming stealthier and increasingly avoiding detection. The data comes from Microsoft’s 365 Defender Research Team, who published a new analysis of cryptojackers on Thursday on its blog. “In the past several months, Microsoft Defender Antivirus detected cryptojackers on
0 Comments
The Chinese advanced persistent threat (APT) actor known as APT41 (or Barium, Bronze Atlas, Double Dragon and Wicked Panda) has targeted at least 13 organizations across the US, Taiwan, India, Vietnam and China as part of four different campaigns in 2021. The news comes from Group-IB Security researchers, who published an advisory detailing APT41 activities from
0 Comments
The Estonian government has revealed that the country was on the receiving end of the “most extensive” DDoS attacks in 15 years this week after angering Moscow. The former Soviet state reportedly removed a Red Army monument from Tallin square this week, while a Soviet-era tank was removed in the eastern city of Narva. The government has
0 Comments
Security experts have repeated warnings about malicious applications hiding on official mobile app stores after finding dozens of them on Google Play. Bitdefender said it identified 35 in total by using behavioral analysis technology to scan the marketplace. They totaled over two million downloads. The apps perform various malicious activities to achieve persistence on the user’s
0 Comments
Removable media represents the second greatest threat to operational technology (OT) systems so far this year, according to new data from IBM X-Force. The vendor analyzed its incident response and managed security services (MSS) data in light of the ongoing threat from Russia and a fast-expanding digital attack surface for many OT asset owners and
0 Comments
Microsoft claims to have disrupted a prolific Russian state-backed threat group known for conducting long-running cyber-espionage campaigns against mainly NATO countries. In an update on August 15, the tech giant said it had disabled accounts used by the “Seaborgium” group for reconnaissance, phishing, and email collection, and updated detections against its phishing domains in Microsoft
0 Comments
by Paul Ducklin At the well-known DEF CON security shindig in Las Vegas, Nevada, last week, Mac cybersecurity researcher Patrick Wardle revealed a “get-root” elevation of privilege (EoP) bug in Zoom for Mac: Mahalo to everybody who came to my @defcon talk “You’re M̶u̶t̶e̶d̶ Rooted” 🙏🏽 Was stoked to talk about (& live-demo 😅) a
0 Comments
Only a fifth of North American organizations have cyber-insurance coverage over $600,000, leaving a potentially significant shortfall in funds if they are compromised by ransomware, according to BlackBerry. The security software developer teamed up with Corvus Insurance to produce its BlackBerry Cyber Insurance Coverage study, compiled from interviews with 450 IT decision makers in the
0 Comments
A key NHS IT partner that was hit by a ransomware attack last week has said it could take three to four weeks before all systems are back to normal. Advanced runs several key systems for the health service, including clinical patient management software (Adastra) and financial management software (eFinancials). One of its most important
0 Comments
The threat actor known as DeathStalker has continued to target and disrupt foreign and cryptocurrency exchanges around the world throughout 2022 using the VileRAT malware, according to security researchers from Kaspersky. The findings are detailed in an advisory published on August 10 2022, which mentions a number of VileRAT-focussed campaigns  supposedly perpetrated by DeathStalker, starting
0 Comments
Security researchers from Check Point have spotted 10 malicious packages on Python Package Index (PyPI), the primary Python package index used by Python developers. The first of them was Ascii2text, a malicious package that mimicked the popular art package by name and description. “Interestingly, [threat actors] were smart enough to copy the entire project description without
0 Comments
A “perfect storm” of surging threats, economic headwinds and evolving regulations will see many organizations miss out on cyber-insurance in 2023, experts have warned. Insurers have been increasing premiums whilst reducing coverage over recent months in response to the rising frequency, severity and cost of cyber-attacks. UK pricing increased 102% in the first quarter of 2022,
0 Comments
by Paul Ducklin Popular collaboration tool Slack (not to be confused with the nickname of the world’s longest-running Linux distro, Slackware) has just owned up to a cybersecurity SNAFU. According to a news bulletin entitled Notice about Slack password resets, the company admitted that it had inadvertently been oversharing personal data “when users created or
0 Comments
ReversingLabs researchers discovered a new ransomware family targeting Linux-based systems in South Korea. Dubbed GwisinLocker, the malware was detected by ReversingLabs on July 19 while undertaking successful campaigns targeting firms in the industrial and pharmaceutical space. “In those incidents, it often launched attacks on public holidays and during the early morning hours (Korean time) – looking to
0 Comments
Cybersecurity experts from Deepwatch spotted activity from threat actors (TA) that “highly likely” exploited a security flaw in the Atlassian Confluence server (CVE-2022-26134) to deploy a new backdoor dubbed “Ljl” against a number of unnamed organizations. Deepwatch’s Adversary Tactics and Intelligence group (ATI) described the findings in an advisory published on Tuesday. After gaining initial
0 Comments
Security researchers from ThreatLabz have uncovered a new strain of a large-scale phishing campaign using adversary-in-the-middle (AiTM) techniques along with several evasion tactics. According to an advisory published by the company on Tuesday, similar AiTM phishing techniques were used in a separate phishing campaign described by Microsoft last month. Now, ThreatLabz revealed that using intelligence