Security

North Korean hackers have reportedly stolen a total of $3bn in cryptocurrency since 2017, as revealed in a recent report by Recorded Future’s Insikt Group.  The revelation underscores the prolonged engagement of the regime in the cryptocurrency sector, transitioning from targeting financial institutions through the SWIFT network to a broader strategy during the 2017 cryptocurrency

Threat actors have been observed exploiting a critical vulnerability, CVE-2023-46604, in Apache systems.  Over the past few weeks, Fortiguard Labs identified multiple threat actors leveraging this vulnerability to unleash several malware strains. Among the discoveries is the emergence of a newly discovered Golang-based botnet named GoTitan. This sophisticated botnet has raised concerns due to its ability

Security researchers have uncovered the continuation and expansion of an Android mobile banking Trojan campaign targeting major Iranian banks.  Initially discovered in July 2023, the campaign has not only persisted but has also evolved with enhanced capabilities, according to a new report by Zimperium malware analysts Aazim Bill SE Yaswant and Vishnu Pratapagiri. A prior

Fidelity National Financial (FNF) has disclosed a cybersecurity incident that prompted the company to take down certain systems. The company made the announcement in a recent Form 8-K filing with the Securities and Exchange Commission (SEC) dated November 19 2023. A prominent player in the real estate and mortgage industry, FNF said it initiated an immediate

Security researchers have warned of triple-digit increase in the volume of phishing emails designed to trick shoppers, ahead of the Black Friday online sales bonanza which starts today. For the past few years, the Amazon-inspired event has signaled the unofficial start of the busy shopping season running through to the end of December. However, it

Security researchers have found a way to bypass the popular Windows Hello fingerprint authentication technology, after discovering multiple vulnerabilities. Microsoft’s Offensive Research and Security Engineering (MORSE) asked Blackwing Intelligence to evaluate the security of the top three fingerprint sensors embedded in laptops. The firm studied a Dell Inspiron 15, a Lenovo ThinkPad T14 and a Microsoft

House sales and purchases across the UK have been disrupted by a cyber-attack affecting multiple conveyancing firms. CTS, a legal sector specialist infrastructure service provider, confirmed in a statement that it has experienced a service outage caused by a cyber-incident. The firm said the cyber-attack has impacted a portion of the services it delivers to

The Akamai Security Incident Response Team (SIRT) has detected increased activity targeting a rarely used TCP port across its global honeypots.  The investigation conducted in late October 2023 revealed a specific HTTP exploit path, identifying two zero-day exploits being actively leveraged in the wild.  The first exploit targeted network video recorders (NVRs) used in CCTV

A critical vulnerability in Apache ActiveMQ, identified as CVE-2023-46604, has been exposed, revealing an active exploitation scenario by the notorious Kinsing malware.  According to an advisory published by Trend Micro on Monday, the discovery underscores the implications for Linux systems, as the vulnerability allows for remote code execution (RCE) due to inadequate validation of throwable

Security researchers have detected a Russian-language Word document carrying a malicious macro in the ongoing Konni campaign.  Despite its September 2023 creation date, FortiGuard Labs’ internal telemetry revealed continued activity on the campaign’s command-and-control (C2) server.  This long-running campaign utilizes a remote access Trojan (RAT) capable of extracting information and executing commands on compromised devices, employing

The US Cybersecurity and Infrastructure Security Agency (CISA) has released a Mitigation Guide specifically tailored for the Healthcare and Public Health (HPH) sector. The new guide outlines defensive mitigation strategies and best practices to counteract prevalent cyber-threats targeting critical infrastructure in the healthcare domain. The paper, published on Friday, emphasizes the importance of vulnerability management,

Royal Mail has revealed a multimillion-pound cost attached to a serious ransomware breach it suffered earlier this year. The British postal service company was hit by a LockBit affiliate, in an incident which caused “severe service disruption” for items sent abroad. It later transpired that the ransomware actors were demanding nearly $80m from the firm

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have released a detailed cybersecurity advisory on the sophisticated Scattered Spider threat group, urging critical infrastructure (CNI) firms to implement its mitigation recommendations. The group (also known as 0ktapus, Starfraud, UNC3944, Scatter Swine, Octo Tempest and Muddled Libra) is thought to be responsible for big-name

involving the spoofing of luxury brands, including Louis Vuitton, Rolex, and Ray-Ban. The hackers craft enticing emails promising heavy discounts on these luxury products, with the email addresses manipulated to mimic the authenticity of the brands. Despite the appearance of legitimacy, a closer look reveals that the email origins have no connection to the actual

The Cloud Security Alliance (CSA) has introduced the Certificate of Competence in Zero Trust (CCZT), the industry’s inaugural authoritative zero trust certification.  CSA said the certification responds to the evolving landscape of pervasive technology and the inadequacy of legacy security models. It aims to equip security professionals with the knowledge necessary to develop and implement

The US Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has unveiled its inaugural roadmap for artificial intelligence (AI). The initiative aligns with President Biden’s recent Executive Order, which directed DHS to globally promote AI safety standards, safeguard US networks and critical infrastructure, and address the potential weaponization of AI. The roadmap

Security researchers have discovered a total of 3938 unique secrets on PyPI, the official third-party package management system for the Python community, across all projects, with 768 of them validated as authentic.  Notably, 2922 projects contained at least one unique secret. Among the leaked secrets were various credentials, including AWS Keys, Redis credentials, Google API

The global online gaming community is facing a rising threat from cyber-criminals exploiting vulnerabilities inherent in gamers’ interactions with digital content.  A recent report by Sekoia.io has shed light on a targeted campaign using Discord messages and fake download websites to distribute information-stealing malware within the gaming sphere. According to the post, gamers, in their quest for

Two giants of the banking and legal sectors have been breached by suspected ransomware actors, according to reports. Allen & Overy is one of the UK’s “Magic Circle” law firms. It released a statement yesterday revealing a “data incident” impacting a “small number of storage servers.” Although the firm did not name ransomware as the

Microsoft has revealed a new threat campaign exploiting a zero-day vulnerability in the popular SysAid IT helpdesk software. Posting to X (formerly Twitter) yesterday, the Microsoft Threat Intelligence account said the group is the same one responsible for the MOVEit data theft and extortion campaign – a threat actor known as Lace Tempest (aka DEV-0950,

Most British lawmakers are unaware or misinformed about how and where facial recognition technology (FRT) is being used, and the privacy threats it poses, according to a new Privacy International study. The rights group commissioned YouGov to poll 114 UK MPs about the technology, which uses AI to extract biometric data from facial images captured

The Kaspersky Cyber Threat Intelligence team has unveiled crucial insights into the tactics, techniques and procedures (TTPs) employed by Asian Advanced Persistent Threat (APT) groups. The 370-page report, Modern Asian APT groups: Tactics, Techniques and Procedures, published today, is based on an examination of around one hundred cybersecurity incidents that unfolded across different regions globally, commencing

A new threat intelligence assessment released by Microsoft’s Threat Analysis Center (MTAC) has warned of potential unprecedented challenges to the security of elections over the next year. In its latest report, Microsoft suggested that authoritarian nation states may attempt to interfere with electoral processes using a combination of traditional methods and emerging technologies, including AI. 

The Singapore-based luxury complex Marina Bay Sands revealed it was hit by a security incident that exposed the personal data of 665,000 customers. According to a statement published by the resort, the incident occurred on October 19-20 and involved unauthorized third-party access to its non-casino customers’ loyalty program membership data. The leaked data included personally

The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned a Russian national for her involvement in laundering and transferring funds using virtual currency on behalf of Russian elites.  Ekaterina Zhdanova reportedly played a pivotal role in assisting Russian elites and illicit actors in evading US and international sanctions, particularly by

Microsoft has announced a major new cybersecurity initiative designed to help the company better respond to the increasing speed, scale and sophistication of today’s cyber-threats. The Secure Future Initiative has been driven in part by the growing sophistication of state-sponsored actors, in particular the Volt Typhoon campaign targeting US critical infrastructure and the more recent

The UK Frontier AI Taskforce, a government-funded initiative launched in April 2023 as the Foundation Model Taskforce, is evolving to become the UK AI Safety Institute. British Prime Minister Rishi Sunak announced the creation of the Institute during his closing speech at the AI Safety Summit, held in Bletchley Park, England, on November 2, 2023.

Threat actors have compromised sensitive health data on tens of millions of US patients so far this year, according to new figures released by the Department of Health and Human Services (HHS). The HHS said that there had been a 239% increase in “large breaches” reported to its Office for Civil Rights (OCR) in the

A new social engineering campaign conducted by the “MuddyWater” group has been observed targeting two Israeli entities with tactics, techniques and procedures (TTPs) previously associated with this threat actor. MuddyWater, a group known for spear-phishing emails since 2020, has historically employed links and PDFs, RTFs and HTML attachments that direct victims to archives hosted on different file-sharing

North Korean hackers suspected to be associated with the Lazarus Group have been observed targeting blockchain engineers involved in cryptocurrency exchange platforms with a new macOS malware named Kandykorn.  This intrusion, tracked as REF7001 by Elastic Security Labs, utilized a combination of custom and open source capabilities to gain initial access and post-exploitation on macOS