London’s transport authority has confirmed that several services are temporarily suspended, as it scrambles to respond to a cyber-attack that occurred a week ago. Transport for London (TfL) first revealed news of the incident on the evening of September 2 but played down its impact on transport services in the capital. However, an update on
Sep 09, 2024Ravie LakshmananCyber Attack / Threat Intelligence A previously undocumented threat actor with likely ties to Chinese-speaking groups has predominantly singled out drone manufacturers in Taiwan as part of a cyber attack campaign that commenced in 2024. Trend Micro is tracking the adversary under the moniker TIDRONE, stating the activity is espionage-driven given the
The US, UK and seven other governments have accused the Russian military of launching cyber-attacks targeting critical infrastructure for espionage and sabotage purposes. The joint advisory, published on September 5, highlighted the cyber activities of Unit 29155, which the agencies assess to be affiliated with the Main Directorate of the General Staff of the Armed
Video The schemes disproportionately victimize senior citizens, as those aged 60 or over were more than three times as likely as younger adults to fall prey to the scams 06 Sep 2024 Consumers in the United States lost more than $114 million to scams involving Bitcoin ATMs (BTMs) last year, with the figure soaring ten-fold
Sep 07, 2024Ravie LakshmananCybercrime / Dark Web Two men have been indicted in the U.S. for their alleged involvement in managing a dark web marketplace called WWH Club that specializes in the sale of sensitive personal and financial information. Alex Khodyrev, a 35-year-old Kazakhstan national, and Pavel Kublitskii, a 37-year-old Russian national, have been charged
Read more about the international crackdown on spyware US Moves to Ban “Anti-Democratic” Spyware US Cracks Down on Spyware with Visa Restrictions Governments and Tech Giants Unite Against Commercial Spyware Global scrutiny on hack-for-hire services and spyware tools has heightened over the past few months, with many countries strengthening their legal response to human rights
Business Security Would a more robust cybersecurity posture impact premium costs? Does the policy offer legal cover? These are some of the questions organizations should consider when reviewing their cyber insurance options Tony Anscombe 04 Sep 2024 • , 3 min. read There must be a consideration of the ethical question of contributing to the
Sep 07, 2024Ravie LakshmananCyber Security / Malware Threat actors affiliated with North Korea have been observed leveraging LinkedIn as a way to target developers as part of a fake job recruiting operation. These attacks employ coding tests as a common initial infection vector, Google-owned Mandiant said in a new report about threats faced by the
A new software supply chain attack is being exploited in the wild, according to security researchers. The technique targets Python applications distributed via the Python Package Index, or PyPI. Researchers at software supply chain security firm JFrog believe that the attack, dubbed “Revival Hijack,” could affect 22,000 existing Python packages. That, in turn, could lead
ESET Research ESET researchers discuss HotPage, a recently discovered adware armed with a highest-privilege, yet vulnerable, Microsoft-signed driver ESET Research 05 Sep 2024 • , 1 min. read Usually when someone mentions adware, people think of low-quality half-baked malicious code used to spam victims with sketchy ads. But as we explain in this episode of
Sep 06, 2024Ravie LakshmananWordPress / Webinar Security Cybersecurity researchers have discovered yet another critical security flaw in the LiteSpeed Cache plugin for WordPress that could allow unauthenticated users to take control of arbitrary accounts. The vulnerability, tracked as CVE-2024-44000 (CVSS score: 7.5), impacts versions before and including 6.4.1. It has been addressed in version 6.5.0.1.
The US government has set out measures to improve the security for a key part of the internet. The Office of the National Cyber Director (ONCD) has released a roadmap to improve internet routing security, by tackling weaknesses associated with the Border Gateway Protocol (BGP). The ONCD’s roadmap calls for wider adoption of Resource Public
Malware Sometimes there’s more than just an enticing product offer hiding behind an ad Márk Szabó 03 Sep 2024 • , 3 min. read One thing is true: Malware developers are deeply invested in improving their malware and exploring different ways to compromise end users. Malware spreading through ads is nothing new; for a long
Sep 05, 2024Ravie LakshmananCyber Attack / Malware The Chinese-speaking threat actor known as Earth Lusca has been observed using a new backdoor dubbed KTLVdoor as part of a cyber attack targeting an unnamed trading company based in China. The previously unreported malware is written in Golang, and thus is a cross-platform weapon capable of targeting
Civil society and journalists’ groups in Europe are calling on the EU to take tougher action against spyware applications. The Center for Democracy and Technology (CDT Europe), and the fellow organizations in a “co-ordination group”, argue that spyware “poses a significant threat to EU democratic values, public debate and healthy civic spaces.” In a joint
Sep 04, 2024Ravie LakshmananMalware / Network Security A new malware campaign is spoofing Palo Alto Networks’ GlobalProtect VPN software to deliver a variant of the WikiLoader (aka WailingCrab) loader by means of a search engine optimization (SEO) campaign. The malvertising activity, observed in June 2024, is a departure from previously observed tactics wherein the malware
Fota Wildlife Park, in County Cork, Ireland, has been forced to advise customers to cancel their payment cards following a cyber-attack. The attraction is warning customers who carried out “financial transactions on our website” between 12 May and 27 August 2024, to cancel their debit or credit cards via their bank. The park says it has
In the digital realm, secrets (API keys, private keys, username and password combos, etc.) are the keys to the kingdom. But what if those keys were accidentally left out in the open in the very tools we use to collaborate every day? A Single Secret Can Wreak Havoc Imagine this: It’s a typical Tuesday in
The ransomware group BlackByte, believed to be a spin-off of the infamous Conti group, has been observed by cybersecurity experts exploiting a recently disclosed VMware ESXi vulnerability to gain control over virtual machines and escalate privileges within compromised environments. The pivot, discovered by Cisco Talos Incident Response, shows BlackByte’s ability to quickly integrate new vulnerabilities
Sep 02, 2024The Hacker NewsCybercrime / CISO Insights The FBI and CISA Issue Joint Advisory on New Threats and How to Stop Ransomware Note: on August 29, the FBI and CISA issued a joint advisory as part of their ongoing #StopRansomware effort to help organizations protect against ransomware. The latest advisory, AA24-242A, describes a new
In a world-first, a Russian state-sponsored hacking group has used software vulnerability exploits “identical or strikingly similar” to ones previously used by NSO Group and Intellexa, two infamous commercial spyware vendors. In a new report, Google Threat Analysis Group (TAG) shared insights on two watering hole attacks targeting Mongolian government websites between November 2023 and
Aug 31, 2024Ravie LakshmananRootkit / Threat Intelligence A recently patched security flaw in Google Chrome and other Chromium web browsers was exploited as a zero-day by North Korean actors in a campaign designed to deliver the FudModule rootkit. The development is indicative of the persistent efforts made by the nation-state adversary, which had made a
Published vulnerabilities rose by 43% in H1 2024 compared to H1 2023, with attackers heavily targeting flaws in virtual private networks (VPNs) and other perimeter devices for initial access, a new report from Forescout has found. A total of 23,668 vulnerabilities were reported in the first six months of 2024, with an average of 111
ESET researchers discovered a code execution vulnerability in WPS Office for Windows (CVE-2024-7262), as it was being exploited by APT-C-60, a South Korea-aligned cyberespionage group. Upon analyzing the root cause, we subsequently discovered another way to exploit the faulty code (CVE-2924-7263). Following a coordinated disclosure process, both vulnerabilities are now patched – in this blogpost,
Cybersecurity researchers have uncovered a novel malware campaign that leverages Google Sheets as a command-and-control (C2) mechanism. The activity, detected by Proofpoint starting August 5, 2024, impersonates tax authorities from governments in Europe, Asia, and the U.S., with the goal of targeting over 70 organizations worldwide by means of a bespoke tool called Voldemort that’s
A recent surge in malicious activity involving North Korean-linked threat groups has been identified by cybersecurity researchers, revealing a coordinated campaign targeting thenpm ecosystem. The campaign began on August 12 2024, and involved publishing malicious npm packages designed to infiltrate developer environments and steal sensitive data. The newly discovered packages, including temp-etherscan-api, ethersscan-api and telegram-con, exhibit
Video The discovery of the NGate malware by ESET Research is another example of how sophisticated Android threats have become 28 Aug 2024 Recently, ESET Researchers have discovered a crimeware campaign that targeted the clients of prominent Czech banks. The malware, named NGate by ESET, can relay data from victims’ stored payment cards via a
Aug 30, 2024Ravie LakshmananCryptocurrency / Malware Threat actors with ties to North Korea have been observed publishing a set of malicious packages to the npm registry, indicating “coordinated and relentless” efforts to target developers with malware and steal cryptocurrency assets. The latest wave, which was observed between August 12 and 27, 2024, involved packages named
Ransomware attacks on US schools and colleges have surged in recent years, with 491 incidents recorded since 2018, impacting over 8000 educational institutions and exposing 6.7 million individual records. According to a new report by Comparitech, estimated costs exceed $2.5b in downtime alone as schools struggle to restore systems, recover data and strengthen cybersecurity measures.
Internet of Things In the digital graveyard, a new threat stirs: Out-of-support devices becoming thralls of malicious actors Márk Szabó 27 Aug 2024 • , 4 min. read Outdated devices are often easy targets for attackers, especially if they have vulnerabilities that can be exploited and no patches are available due to their end-of-life status.
- « Previous Page
- 1
- …
- 7
- 8
- 9
- 10
- 11
- …
- 118
- Next Page »