0 Comments
The threat actors behind the 8Base ransomware are leveraging a variant of the Phobos ransomware to conduct their financially motivated attacks. The findings come from Cisco Talos, which has recorded an increase in activity carried out by cybercriminals. “Most of the group’s Phobos variants are distributed by SmokeLoader, a backdoor trojan,” security researcher Guilherme Venere
0 Comments
involving the spoofing of luxury brands, including Louis Vuitton, Rolex, and Ray-Ban. The hackers craft enticing emails promising heavy discounts on these luxury products, with the email addresses manipulated to mimic the authenticity of the brands. Despite the appearance of legitimacy, a closer look reveals that the email origins have no connection to the actual
0 Comments
Nov 18, 2023NewsroomCyber Attack / USB Worm Russian cyber espionage actors affiliated with the Federal Security Service (FSB) have been observed using a USB propagating worm called LitterDrifter in attacks targeting Ukrainian entities. Check Point, which detailed Gamaredon’s (aka Aqua Blizzard, Iron Tilden, Primitive Bear, Shuckworm, and Winterflounder) latest tactics, branded the group as engaging
0 Comments
The Cloud Security Alliance (CSA) has introduced the Certificate of Competence in Zero Trust (CCZT), the industry’s inaugural authoritative zero trust certification.  CSA said the certification responds to the evolving landscape of pervasive technology and the inadequacy of legacy security models. It aims to equip security professionals with the knowledge necessary to develop and implement
0 Comments
Nov 17, 2023NewsroomPatch Management / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation in the wild. The vulnerabilities are as follows – CVE-2023-36584 (CVSS score: 5.4) – Microsoft Windows Mark-of-the-Web (MotW) Security Feature Bypass Vulnerability
0 Comments
The US Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has unveiled its inaugural roadmap for artificial intelligence (AI). The initiative aligns with President Biden’s recent Executive Order, which directed DHS to globally promote AI safety standards, safeguard US networks and critical infrastructure, and address the potential weaponization of AI. The roadmap
0 Comments
Nov 16, 2023NewsroomCyber Warfare / Threat Intelligence Russian threat actors have been possibly linked to what’s been described as the “largest cyber attack against Danish critical infrastructure,” in which 22 companies associated with the operation of the country’s energy sector were targeted in May 2023. “22 simultaneous, successful cyberattacks against Danish critical infrastructure are not
0 Comments
Security researchers have discovered a total of 3938 unique secrets on PyPI, the official third-party package management system for the Python community, across all projects, with 768 of them validated as authentic.  Notably, 2922 projects contained at least one unique secret. Among the leaked secrets were various credentials, including AWS Keys, Redis credentials, Google API
0 Comments
The global online gaming community is facing a rising threat from cyber-criminals exploiting vulnerabilities inherent in gamers’ interactions with digital content.  A recent report by Sekoia.io has shed light on a targeted campaign using Discord messages and fake download websites to distribute information-stealing malware within the gaming sphere. According to the post, gamers, in their quest for
0 Comments
Two giants of the banking and legal sectors have been breached by suspected ransomware actors, according to reports. Allen & Overy is one of the UK’s “Magic Circle” law firms. It released a statement yesterday revealing a “data incident” impacting a “small number of storage servers.” Although the firm did not name ransomware as the
0 Comments
Business Security By collecting, analyzing and contextualizing information about possible cyberthreats, including the most advanced ones, threat intelligence offers a critical method to identify, assess and mitigate cyber risk Phil Muncaster 10 Nov 2023  •  , 4 min. read When it comes to mitigating an organization’s cyber risk, knowledge and expertise are power. That alone
0 Comments
Nov 13, 2023NewsroomNational Security / Cyber Attack Cybersecurity researchers have discovered what they say is malicious cyber activity orchestrated by two prominent Chinese nation-state hacking groups targeting 24 Cambodian government organizations. “This activity is believed to be part of a long-term espionage campaign,” Palo Alto Networks Unit 42 researchers said in a report last week.
0 Comments
Microsoft has revealed a new threat campaign exploiting a zero-day vulnerability in the popular SysAid IT helpdesk software. Posting to X (formerly Twitter) yesterday, the Microsoft Threat Intelligence account said the group is the same one responsible for the MOVEit data theft and extortion campaign – a threat actor known as Lace Tempest (aka DEV-0950,
0 Comments
Nov 11, 2023NewsroomThreat Intelligence / Cybercrime A sub-cluster within the infamous Lazarus Group has established new infrastructure that impersonates skills assessment portals as part of its social engineering campaigns. Microsoft attributed the activity to a threat actor it calls Sapphire Sleet, describing it as a “shift in the persistent actor’s tactics.” Sapphire Sleet, also called
0 Comments
ESET researchers have identified what appears to be a watering-hole attack on a regional news website that delivers news about Gilgit-Baltistan, a disputed region administered by Pakistan. When opened on a mobile device, the Urdu version of the Hunza News website offers readers the possibility to download the Hunza News Android app directly from the
0 Comments
Nov 10, 2023NewsroomCyber Warfare / Network Security The notorious Russian hackers known as Sandworm targeted an electrical substation in Ukraine last year, causing a brief power outage in October 2022. The findings come from Google’s Mandiant, which described the hack as a “multi-event cyber attack” leveraging a novel technique for impacting industrial control systems (ICS).
0 Comments
The Kaspersky Cyber Threat Intelligence team has unveiled crucial insights into the tactics, techniques and procedures (TTPs) employed by Asian Advanced Persistent Threat (APT) groups. The 370-page report, Modern Asian APT groups: Tactics, Techniques and Procedures, published today, is based on an examination of around one hundred cybersecurity incidents that unfolded across different regions globally, commencing
0 Comments
Nov 10, 2023NewsroomPrivacy / Cyber Espionage Urdu-speaking readers of a regional news website that caters to the Gilgit-Baltistan region have likely emerged as a target of a watering hole attack designed to deliver a previously undocumented Android spyware dubbed Kamran. The campaign, ESET has discovered, leverages Hunza News (urdu.hunzanews[.]net), which, when opened on a mobile
0 Comments
A new threat intelligence assessment released by Microsoft’s Threat Analysis Center (MTAC) has warned of potential unprecedented challenges to the security of elections over the next year. In its latest report, Microsoft suggested that authoritarian nation states may attempt to interfere with electoral processes using a combination of traditional methods and emerging technologies, including AI. 
0 Comments
Nov 09, 2023NewsroomCyber Attack / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw in the Service Location Protocol (SLP) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-29552 (CVSS score: 7.5), the issue relates to a denial-of-service (DoS) vulnerability that could be
0 Comments
The Singapore-based luxury complex Marina Bay Sands revealed it was hit by a security incident that exposed the personal data of 665,000 customers. According to a statement published by the resort, the incident occurred on October 19-20 and involved unauthorized third-party access to its non-casino customers’ loyalty program membership data. The leaked data included personally