In a world-first, a Russian state-sponsored hacking group has used software vulnerability exploits “identical or strikingly similar” to ones previously used by NSO Group and Intellexa, two infamous commercial spyware vendors. In a new report, Google Threat Analysis Group (TAG) shared insights on two watering hole attacks targeting Mongolian government websites between November 2023 and
Published vulnerabilities rose by 43% in H1 2024 compared to H1 2023, with attackers heavily targeting flaws in virtual private networks (VPNs) and other perimeter devices for initial access, a new report from Forescout has found. A total of 23,668 vulnerabilities were reported in the first six months of 2024, with an average of 111
A recent surge in malicious activity involving North Korean-linked threat groups has been identified by cybersecurity researchers, revealing a coordinated campaign targeting the npm ecosystem. The campaign began on August 12, 2024, and involved publishing malicious npm packages designed to infiltrate developer environments and steal sensitive data. The newly discovered packages, including temp-etherscan-api, ethersscan-api and telegram-con, exhibit
Ransomware attacks on US schools and colleges have surged in recent years, with 491 incidents recorded since 2018, impacting over 8000 educational institutions and exposing 6.7 million individual records. According to a new report by Comparitech, estimated costs exceed $2.5b in downtime alone as schools struggle to restore systems, recover data and strengthen cybersecurity measures.
A vulnerability in Microsoft 365 Copilot that allowed attackers to steal users’ sensitive information has been disclosed by a cybersecurity researcher. Johann Rehberger, who discovered the flaw, described the exploit chain in a blog post published on August 26. The attack combines several advanced techniques, including prompt injection, automatic tool invocation and a novel method called
A long-standing but stealthy group allegedly helping cyber-attackers penetrate IT systems by offering CAPTCHA-solving services has recently been discovered. In a new report, Arkose Cyber Threat Intelligence Research (ACTIR) shared that it had identified a cyber-attack enabling business it named Greasy Opal after observing the group’s tools being used to attack Arkose Labs’ customers. Greasy
YouTube has released a new AI troubleshooting tool to help users recover their accounts after they’ve been hacked. The AI chatbot “support assistant” will act as a guide for users to resecure their login and recover their account after it’s been hacked. Eligible users will be able to access the tool in the YouTube Help
Qilin, the ransomware group believed to be behind the recent Synnovis attack, has been observed stealing credentials stored in Google Chrome after gaining access to a target’s network. Researchers at Sophos X-Ops, who detected the activity, said this is an unusual tactic for ransomware groups, and one that could be a bonus multiplier for the
The US government has filed a lawsuit against the Georgia Institute of Technology (Georgia Tech) and its affiliate Georgia Tech Research Corporation (GTRC) for alleged cybersecurity violations. The Department of Justice (DoJ) has joined a whistleblower to file a “complaint-in-intervention” against the institutions for “knowingly” failing to implement cybersecurity controls as required by their Department
A newly discovered malware, Cthulhu Stealer, has been observed targeting macOS users, marking another significant cybersecurity threat to Apple’s operating system. The tool, identified by Cado Security, operates as a malware-as-a-service (MaaS) and leverages Apple disk images (DMG) to disguise itself as legitimate software. How Cthulhu Stealer Works: The Cthulhu Stealer primarily focuses on stealing
A newly discovered remote access Trojan (RAT) family, MoonPeak, has been linked to a North Korean-affiliated threat group known as UAT-5394. This sophisticated malware, based on the open-source XenoRAT, is undergoing active development, showcasing significant enhancements aimed at evading detection and improving functionality, according to recent research from Cisco Talos. Connection to Kimsuky: UAT-5394, an
A recently discovered sophisticated mobile phishing technique has been observed in financial fraud campaigns across the Czech Republic, Hungary and Georgia. This phishing method leverages progressive web applications (PWAs), which offer a native-app-like experience and are gaining momentum on both Android and iOS devices. This technique is noteworthy because it installs
Potential ransomware attacks during the 2024 election cycle have been deemed unlikely to compromise the security or accuracy of vote casting or counting. The news comes from a public service announcement (PSA) issued on August 15 by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency
National Public Data, a US background check company, suffered a data breach in April 2024 that could have exposed sensitive data records of millions of US, UK and Canadian residents. The Florida-based data broker, which provides access to data from various public record databases, court records, state and national databases and other repositories nationwide, confirmed
Microsoft has announced it is mandating multi-factor authentication (MFA) for all Azure sign-ins. Customers can select from multiple MFA options through Microsoft Entra to meet their needs. These are: users approving sign-ins from a mobile app using push notifications, biometrics, or one-time passcodes through Microsoft Authenticator; FIDO2 security keys, enabling sign-ins without a username or
Two US House of Representatives members have called on the US Department of Commerce to investigate Chinese-made Wi-Fi routers deployed in the US over hacking and espionage concerns. John Moolenaar (R-MI), chairman of the House Select Committee on the Strategic Competition Between the United States and the Chinese Communist Party, and Raja Krishnamoorthi (D-IL), a
A new report has revealed a surge in malicious online activities leading up to the Paris Olympic Games, which started on July 26, 2024. Published by cybersecurity researchers at BforeAI today, the new data shows threat actors exploited the popularity of the event by setting up fake
A new sophisticated phishing attack featuring a stealthy infostealer malware that exfiltrates a wide range of sensitive data has been uncovered by threat analysts. This malware not only targets traditional data types like saved passwords but also includes session cookies, credit card information, Bitcoin-related extensions and browsing history. The collected data is then sent as a
Australian gold mining firm Evolution Mining recently reported a ransomware attack on its IT systems, identified on August 8, 2024. In a Monday filing with the Australian Securities Exchange (ASX), the company stated that the incident was contained. “The incident has been proactively managed with a focus on protecting the health, safety and privacy of
A newly discovered vulnerability, identified as CVE-2024-6768, has surfaced in the Common Log File System (CLFS.sys) driver of Windows. This issue, identified by Fortra cybersecurity researcher Ricardo Narvaja, highlights a flaw that could allow an unprivileged user to cause a system crash, resulting in a Blue Screen of Death (BSOD). The vulnerability exists due to improper input
OpenAI has a tool to automatically watermark AI-generated content, but company leadership is split on whether to release it to the public. According to The Wall Street Journal, the company behind ChatGPT started developing a tool capable of labeling content generated by its large language models (LLMs) two years ago. People familiar with the matter
In early July 2024, some of the world’s leading AI companies joined forces to create the Coalition for Secure AI (CoSAI). During a conversation with Infosecurity at Black Hat USA 2024, Jason Clinton, CISO at Anthropic, one of CoSAI’s founding members, explained some of the key goals of the new coalition and the cybersecurity focus
One of the US Cybersecurity and Infrastructure Security Agency’s (CISA) flagship initiatives is Secure by Design, launched in 2023. Now, the agency is imploring software customers to take the approach of Secure by Demand. This was the message given by CISA director Jen Easterly during the primary stage talk at Black Hat USA. “You have to
As the 2024 US election approaches, cybersecurity leaders intensify their efforts to safeguard the democratic process, drawing insights from global partners to address evolving threats. Jen Easterly, the director of the US Cybersecurity and Infrastructure Security Agency (CISA) spoke at Black Hat USA about her confidence in the integrity of the nation’s election officials. However,
The recent CrowdStrike IT outage served as a dress rehearsal for a potential cyber-attack on critical infrastructure that could be orchestrated by a nation-state like China. The CrowdStrike IT outage was a useful exercise in what may happen if China were to act in a disruptive manner against critical systems. “It’s really about building
Darktrace researchers have reported that 17.8 million phishing emails were detected between December 2023 and July 2024. The new report, published today at Black Hat USA, analyzes cyber-threats faced by businesses in the first half of the year and highlights the ongoing dominance of cybercrime-as-a-service. According to the new figures, models like malware-as-a-service (MaaS) and
A new report from HP Wolf Security has highlighted the growing danger from threat actors targeting physical device supply chains with 19% of organizations saying they have been impacted by nation-state threat actors targeting physical PC, laptop or printer supply chains. Of the 800 IT and security decision makers surveyed, almost all (91%) believe nation-state
The UK’s National Cyber Security Centre (NCSC) has set out plans to launch a new version of its Active Cyber Defence (ACD) initiative to help businesses address evolving cyber-threats. ACD 2.0 will develop a “next generation” suite of cybersecurity tools and services that aim to plug gaps in the commercial market. The NCSC will also
The US Environmental Protection Agency (EPA) urgently needs to address rising cyber risks to water and wastewater systems, a new report by the US Government Accountability Office (GAO) has found. The warning comes amid rising targeting of water systems, including by nation-state actors. In December 2023, the Cybersecurity and Infrastructure Security Agency (CISA) attributed a
The UK’s Information Commissioner’s Office (ICO) has put 11 social media and video sharing platforms “on notice” for failing to do enough to safeguard children’s privacy. The regulator warned the 11 platforms that they could face enforcement action if they do not bring themselves into compliance or demonstrate a compelling reason for their current approach.