Prolific Chinese espionage group Daggerfly (aka Evasive Panda, Bronze Highland) has extensively updated its malware toolkit, increasing its abilities to target most major operating systems (OS), according to an analysis by Symantec. The latest developments suggest the group is using a shared framework to enable it to effectively target Windows, Linux, macOS and Android OS.
The Play ransomware group has introduced a Linux variant of its malware that specifically targets VMware ESXi environments, according to recent findings from Trend Micro. First detected in June 2022, the Play ransomware has gained notoriety for its sophisticated double-extortion tactics, custom-built tools and significant impact on organizations, especially in Latin America. Expansion to ESXi
Researchers have uncovered a new form of malware called HotPage.exe. Initially detected at the end of 2023, this malware masquerades as an installer that ostensibly improves web browsing by blocking ads and malicious websites. However, it actually injects code into remote processes and intercepts browser traffic. As described in an advisory published by ESET earlier
A suspected technical issue at cybersecurity vendor CrowdStrike is causing mass IT outages across the world, disrupting critical sectors such as airlines, banks, media and retailing. The issue appears to concern an update to CrowdStrike’s security platform Falcon Sensor, which is impacting Microsoft Windows operating systems. Reports suggest the affected systems are struggling to boot
A US judge has dismissed most of the US Securities and Exchange Commission (SEC) accusations against IT management software company SolarWinds and its CISO, Timothy Brown, over a major 2020 cyberattack. In a 107-page decision made public on July 18, US District Judge Paul Engelmayer in Manhattan said SEC statements claiming that SolarWinds and Brown
Security researchers have identified several vulnerabilities in SAP AI Core, a platform that enables users to develop, train and run AI services. These vulnerabilities, found by Wiz and discussed in an advisory published on Wednesday, highlight significant risks associated with tenant isolation in AI infrastructure. In particular, the investigation into SAP AI Core revealed that
Security researchers have unveiled more information about the Qilin ransomware group, which recently targeted the healthcare sector with a $50 million ransom demand. The attack on Synnovis, a pathology services provider, significantly impacted several key NHS hospitals in London earlier this month. Since its identification in July 2022, Qilin has gained notoriety for offering Ransomware-as-a-Service (RaaS)
Security experts have uncovered a critical remote code execution (RCE) vulnerability, identified as CVE-2024-38112, within the MHTML protocol handler. This vulnerability, dubbed ZDI-CAN-24433, was reported from CVE-2024-38112 to Microsoft upon discovery (and later patched by the tech giant), with evidence suggesting it was actively exploited by the advanced persistent threat (APT) group Void Banshee. Known
The Sysdig Threat Research Team (TRT) has revealed significant developments in the activities of the SSH-Snake threat actor. The group, now referred to as CRYSTALRAY, has notably expanded its operations, increasing its victim count tenfold to more than 1500. According to a new advisory published by Sysdig last week, CRYSTALRAY has been observed using a
A leading US car parts provider has revealed that a high-profile data breach earlier in 2024 will impact over two million job applicants and current and former employees. Advance Auto Parts is said to operate nearly 5000 stores and employ around 70,000 people across North America. A breach notification letter filed with the Office of
A county in Indiana, US, has filed a disaster declaration following a ransomware attack on local government networks, which has prevented the administration of critical services. Clay County made the declaration after confirming the incident has resulted in an inability to operate Clay County Courthouse and Clay County Probation/Community Corrections facilities. The July 11 declaration
Telecommunications giant AT&T has revealed that customer data has been illegally downloaded by threat actors. Hackers have downloaded the data from AT&T’s workspace on a third-party cloud platform, the company confirmed in a statement published on July 12. According to a filing with the US Securities and Exchange Commission (SEC), the company first learned
The US government has urged software manufacturers to work towards the elimination of operating system (OS) command injection vulnerabilities. The alert from the Cybersecurity and Infrastructure Security Agency (CISA) and FBI was issued in response to several high-profile threat actor campaigns in 2024 that exploited OS command injection defects in network edge devices to compromise
A recent surge in fraudulent smishing attacks impersonating India Post, the government-operated postal system, has prompted warnings from Indian authorities and cybersecurity experts. The Press Information Bureau (PIB) issued alerts in June urging vigilance against suspicious messages falsely claiming to be from India Post, part of India’s Ministry of Communications. This tactic, known as smishing,
Evolve Bank & Trust, a prominent US banking-as-a-service company, has recently confirmed that a cyber-attack earlier in 2024 compromised the personal data of millions of customers. In a statement filed with Maine’s attorney general on July 8, Evolve confirmed that the breach affected at least 7.6m individuals, including over 20,000 customers in Maine. This disclosure
Cybersecurity researchers have uncovered a new advanced persistent threat (APT) targeting Russian government entities, dubbed CloudSorcerer. This sophisticated cyberespionage tool, discovered by Kaspersky in May 2024 and discussed in an advisory published by the firm on June 8, is designed for stealth monitoring, data collection and exfiltration, utilizing Microsoft Graph, Yandex Cloud and Dropbox for
Brazil’s National Data Protection Authority (ANPD) has issued a preventive measure halting Meta’s processing of personal data for the training of artificial intelligence (AI) systems. The action comes in response to concerns over the company’s updated privacy policy, which permits the use of publicly available data and user-generated content from platforms like Facebook, Messenger and Instagram
The EU Commission has opened applications for over €210m ($227.3m) in funding for cybersecurity and digital skills programs. The latest funding round of the Digital Europe Programme (DEP) will provide €35m ($37.8m) to projects protecting large industrial installations and critical infrastructures. A further €35m will be used for the deployment of state-of-the-art cybersecurity technologies and
Vinted, the leading online platform for second-hand sales, has been fined €2,385,276 ($2,582,730) for breaching the EU’s General Data Protection Regulation (GDPR) in relation to personal data deletion requests. The fine was issued on July 2 by the Lithuanian Data Protection Office (VDAI), the country where Vinted UAB’s global headquarters are based. It follows a
Europol has released a position paper today highlighting significant challenges posed by privacy enhancing technologies (PET) in home routing to lawful interception by law enforcement. The report emphasizes that home routing, which allows telecommunications service providers to maintain services for customers traveling abroad by routing communications through the home network, creates barriers for law enforcement
WordPress plugins are currently facing significant security risks due to a recent discovery detailed in a security advisory published by Patchstack today. The advisory references a Polyfill supply chain attack initially reported on June 25 by Sansec. This attack targets Polyfill.js, a widely used JavaScript library that enables modern functionality on older web browsers lacking native
Election 2024 mobile political spam volumes have seen a threefold increase compared with 2022 midterms. The data comes from recent research by Proofpoint, which also suggests that US voters increasingly turn to digital platforms for information, making them more susceptible to cybercriminal activities. With 60% of US adults preferring digital media for news and 86% using
The EU Commission has informed Meta that its ‘pay or consent’ model breaches EU law as it does not allow users to freely consent to their personal data being collected for advertising purposes. The Commission’s preliminary view is that the tech giant’s new approach is not compliant with Article 5(2) of the Digital Markets Act
Google blocked over 10,000 instances of Dragon Bridge activity in Q1 2024, a China-affiliated influence operator that pushes pro-People’s Republic of China (PRC) views online. The tech giant also disrupted over 65,000 instances of Dragon Bridge activity across YouTube and Blogger in 2023. The Threat Analysis Group (TAG) at Google described the group as the
Large organizations have significantly strengthened their cyber workforce in 2024, according to cyber consultancy Wavestone. In its Cyber Benchmark 2024 report, Wavestone found that, on average, companies with over $1bn in revenues have one expert dedicated to cybersecurity for 1086 employees. In 2023, the same organizations had one cyber professional for 1285 employees – a
Remote software provider TeamViewer has been hit by a cyber-attack that it has attributed to Russian state-affiliated threat actor Midnight Blizzard/APT29. The firm revealed it identified suspicious behavior on a standard employee account within its corporate IT environment on Wednesday, June 26. It has tied the incident to the credentials of that account. TeamViewer said
A third (33%) of security leaders believe companies often sacrifice long-term security for cost savings. The data comes from Bugcrowd’s 2024 Inside the Mind of a CISO report, which also suggests that 40% of security leaders think fewer than one-third of companies understand their breach risks. Despite these concerns, nearly 87% of security leaders are actively
Progress Software has disclosed two fresh vulnerabilities in its MOVEit file transfer products. The first is an authentication bypass affecting the MOVEit Transfer SFTP service in a default configuration (CVE-2024-5806). It affects the Secure File Transfer Protocol (SFTP) service from version 2023.0.0 to 2023.0.11, 2023.1.0 to 2023.1.6 and 2024.0.0 to 2024.0.2. The second is an
New fraud campaigns have been discovered involving the Medusa (TangleBot) banking Trojan, which had evaded detection for nearly a year. An analysis published by Cleafy researchers last week revealed that this sophisticated malware family, first identified in 2020, has resurfaced with significant changes. This malware, known for its remote access Trojan (RAT) capabilities, includes keylogging,
Security researchers from Group-IB have unveiled the operations of a threat actor known as Boolka, whose activities involve deploying sophisticated malware and engaging in web attacks. According to an advisory published by the company on Friday, the group has been observed exploiting vulnerabilities through SQL injection attacks since 2022, targeting websites across various countries. The