The UK’s National Cyber Security Centre (NCSC) has set out plans to launch a new version of its Active Cyber Defence (ACD) initiative to help businesses address evolving cyber-threats. ACD 2.0 will develop a “next generation” suite of cybersecurity tools and services that aim to plug gaps in the commercial market. The NCSC will also
Aug 03, 2024 | Ravie Lakshmanan | DDoS Attack / Server Security: Cybersecurity researchers have disclosed details of a new distributed denial-of-service (DDoS) attack campaign targeting misconfigured Jupyter Notebooks. The activity, codenamed Panamorfi by cloud security firm Aqua, utilizes a Java-based tool called mineping to launch a TCP flood DDoS attack. Mineping is a DDoS package designed for Minecraft
The US Environmental Protection Agency (EPA) urgently needs to address rising cyber risks to water and wastewater systems, a new report by the US Government Accountability Office (GAO) has found. The warning comes amid rising targeting of water systems, including by nation-state actors. In December 2023, the Cybersecurity and Infrastructure Security Agency (CISA) attributed a
Video | Organizations that leveraged AI and automation in security prevention cut the cost of a data breach by US$2.22 million compared to those that didn’t deploy these technologies, according to IBM | 02 Aug 2024 | Organizations that leveraged the power of artificial intelligence (AI) and automation in security prevention cut the cost of a data breach
Aug 03, 2024 | Ravie Lakshmanan | Privacy / Data Protection: The U.S. Department of Justice (DoJ), along with the Federal Trade Commission (FTC), filed a lawsuit against popular video-sharing platform TikTok for “flagrantly violating” children’s privacy laws in the country. The agencies claimed the company knowingly permitted children to create TikTok accounts and to view and share short-form
The UK’s Information Commissioner’s Office (ICO) has put 11 social media and video sharing platforms “on notice” for failing to do enough to safeguard children’s privacy. The regulator warned the 11 platforms that they could face enforcement action if they do not bring themselves into compliance or demonstrate a compelling reason for their current approach.
Aug 02, 2024 | Ravie Lakshmanan | Cyber Espionage / Malware: A Taiwanese government-affiliated research institute that specializes in computing and associated technologies was breached by nation-state threat actors with ties to China, according to new findings from Cisco Talos. The unnamed organization was targeted as early as mid-July 2023 to deliver a variety of backdoors and post-compromise tools
Russian Coms, the scam platform behind 1.8 million fraudulent calls, has been shut down by the UK’s National Crime Agency (NCA). Russian Coms was established in 2021 and is thought to be behind financial losses in the tens of millions of pounds, according to an NCA statement published on August 1. The NCA said
Business Security | Many smaller organizations are turning to cyber risk insurance, both to protect against the cost of a cyber incident and to use the extensive post-incident services that insurers provide | Tony Anscombe | 31 Jul 2024 | 4 min. read | If we were to stop people on the street and ask for words to
Aug 01, 2024 | Ravie Lakshmanan | Vulnerability / Threat Intelligence: Over a million domains are susceptible to takeover by malicious actors by means of what has been called a Sitting Ducks attack. The powerful attack vector, which exploits weaknesses in the domain name system (DNS), is being exploited by over a dozen Russian-nexus cybercriminal actors to stealthily hijack
An urgent appeal for blood donations has been issued following a ransomware attack on US blood donation center OneBlood. The non-profit center, headquartered in Florida, said the cyber-attack is impacting its software system, significantly reducing its capacity to collect, test and distribute blood to hospitals in Southeastern US. In a statement on July 31, Susan
ESET Research | ESET researchers detected multiple, widespread phishing campaigns targeting SMBs in Poland during May 2024, distributing various malware families | Jakub Kaloč | 30 Jul 2024 | 8 min. read | Just a few months back, ESET Research published a blogpost about massive phishing campaigns across Central and Eastern Europe carried out during the second half
Jul 31, 2024 | Ravie Lakshmanan | Web Security / Compliance: Certificate authority (CA) DigiCert has warned that it will be revoking a subset of SSL/TLS certificates within 24 hours due to an oversight with how it verified if a digital certificate is issued to the rightful owner of a domain. The company said it will be taking the
Security researchers have uncovered a sophisticated phishing campaign targeting Microsoft OneDrive users. The campaign employs advanced social engineering tactics to trick users into executing a PowerShell script, compromising their systems. The attack, discovered by the Trellix Advanced Research Center, begins with an email containing an HTML file urging users to resolve a DNS issue to
Generative AI (GenAI) is making waves across the world. Its popularity and widespread use have also attracted the attention of cybercriminals, leading to various cyberthreats. Yet much discussion around threats associated with tools like ChatGPT has focused on how the technology can be misused to help fraudsters create convincing phishing messages, produce malicious code or
Jul 30, 2024 | Ravie Lakshmanan | Mobile Security / Spyware: A new iteration of a sophisticated Android spyware called Mandrake has been discovered in five applications that were available for download from the Google Play Store and remained undetected for two years. The applications attracted a total of more than 32,000 installations before being pulled from the app
Security researchers have shed light on a new iteration of Mandrake, a sophisticated Android cyber-espionage malware tool. Initially analyzed by Bitdefender in May 2020, Mandrake had operated undetected for at least four years. In April 2024, Kaspersky researchers discovered suspicious samples that were confirmed to be a new version of Mandrake. This latest variant was
Jul 29, 2024 | Ravie Lakshmanan | Enterprise Security / Data Protection: Cybersecurity company Acronis is warning that a now-patched critical security flaw impacting its Cyber Infrastructure (ACI) product has been exploited in the wild. The vulnerability, tracked as CVE-2023-45249 (CVSS score: 9.8), concerns a case of remote code execution that stems from the use of default passwords. The
Organizations are concerned about security threats stemming from developers using AI, according to a new Checkmarx report. The cloud-native application security provider found that 15% of organizations explicitly prohibit the use of AI tools for code generation; however, 99% say that AI code-generating tools are being used regardless. Meanwhile, just 29% of organizations have established
Jul 27, 2024 | Newsroom | Cybersecurity / Cloud Security: Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that targets Apple macOS systems with the goal of stealing users’ Google Cloud credentials from a narrow pool of victims. The package, named “lr-utils-lib,” attracted a total of 59 downloads before it was taken down.
A hacktivist group has claimed to have leaked CrowdStrike’s entire internal threat actor list, including indicators of compromise (IoC). CrowdStrike acknowledged the claims by the USDoD threat actor in a blog post on July 25, 2024. The firm noted that USDoD provided a link to download the alleged threat actor list and provided a sample
Video | Attackers abusing the “EvilVideo” vulnerability could share malicious Android payloads via Telegram channels, groups, and chats, all while making them appear as legitimate multimedia files | 26 Jul 2024 | This week, ESET researchers documented their discovery of a zero-day exploit that appeared for sale on underground forums and targets the Telegram app for Android. The
Jul 27, 2024 | Newsroom | Malware / Cyber Intelligence: French judicial authorities, in collaboration with Europol, have launched a so-called “disinfection operation” to rid compromised hosts of a known malware called PlugX. The Paris Prosecutor’s Office, Parquet de Paris, said the initiative was launched on July 18 and that it’s expected to continue for “several months.” It further
Pathology services provider Synnovis has rebuilt “substantial parts” of its systems since the ransomware attack on June 3, 2024, restoring critical blood supplies to NHS hospitals. Despite this, the NHS issued an alert over blood supply shortages on July 25. However, in an update on July 25, Synnovis revealed it has made significant progress in
A Spanish-speaking cybercrime group named GXC Team has been observed bundling phishing kits with malicious Android applications, taking malware-as-a-service (MaaS) offerings to the next level. Singaporean cybersecurity company Group-IB, which has been tracking the e-crime actor since January 2023, described the crimeware solution as a “sophisticated AI-powered phishing-as-a-service platform” capable of targeting users of more
Ransomware and business email compromise (BEC) attacks accounted for 60% of all incidents in the second quarter of 2024, according to a Cisco Talos report. Technology was the most targeted sector in this period, making up 24% of incidents – a 30% rise on the previous quarter. The researchers said that attackers may view technology
In the past few months, the Telegram clicker game Hamster Kombat has taken the world of cryptocurrency game enthusiasts by storm. Even though the gameplay, which mostly entails repeatedly tapping the screen of one’s mobile device, might be rather simple, players are after something more: the possibility of earning big once Hamster Kombat’s creators unveil
Jul 25, 2024 | Newsroom | Malware / Cyber Espionage: A North Korea-linked threat actor known for its cyber espionage operations has gradually expanded into financially-motivated attacks that involve the deployment of ransomware, setting it apart from other nation-state hacking groups linked to the country. Google-owned Mandiant is tracking the activity cluster under a new moniker APT45, which overlaps
CrowdStrike has published a preliminary Post Incident Review (PIR) into the global IT outage on July 19, which was caused by a bug in a content update for its Falcon platform. The cybersecurity vendor revealed the incident was caused by a Rapid Response Content update containing an
Digital Security | Organizations, including those that weren’t struck by the CrowdStrike incident, should resist the temptation to attribute the IT meltdown to exceptional circumstances | Tony Anscombe | 23 Jul 2024 | 3 min. read | As the dust settles on the cyber-incident caused by CrowdStrike releasing a corrupted update, many businesses will, or should, conduct a