The advanced persistent threat known as Winter Vivern has been linked to campaigns targeting government officials in India, Lithuania, Slovakia, and the Vatican since 2021. The activity targeted Polish government agencies, the Ukraine Ministry of Foreign Affairs, the Italy Ministry of Foreign Affairs, and individuals within the Indian government, SentinelOne said in a report shared with The Hacker … [Read more...]
Google Uncovers 18 Severe Security Vulnerabilities in Samsung Exynos Chips
Mar 17, 2023Ravie LakshmananMobile Security / Firmware Google is calling attention to a set of severe security flaws in Samsung's Exynos chips, some of which could be exploited remotely to completely compromise a phone without requiring any user interaction. The 18 zero-day vulnerabilities affect a wide range of Android smartphones from Samsung, Vivo, Google, wearables using the Exynos W920 … [Read more...]
Chinese and Russian Hackers Using SILKLOADER Malware to Evade Detection
Threat activity clusters affiliated with the Chinese and Russian cybercriminal ecosystems have been observed using a new piece of malware that's designed to load Cobalt Strike onto infected machines. Dubbed SILKLOADER by Finnish cybersecurity company WithSecure, the malware leverages DLL side-loading techniques to deliver commercial adversary simulation software. The development comes as improved … [Read more...]
Cryptojacking Group TeamTNT Suspected of Using Decoy Miner to Conceal Data Exfiltration
Mar 16, 2023Ravie LakshmananCryptojacking / Cyber Attack The cryptojacking group known as TeamTNT is suspected to be behind a previously undiscovered strain of malware used to mine Monero cryptocurrency on compromised systems. That's according to Cado Security, which found the sample after Sysdig detailed a sophisticated attack known as SCARLETEEL aimed at containerized environments to … [Read more...]
Authorities Shut Down ChipMixer Platform Tied to Crypto Laundering Scheme
Mar 16, 2023Ravie LakshmananCyber Crime / Cryptocurrency A coalition of law enforcement agencies across Europe and the U.S. announced the takedown of ChipMixer, an unlicensed cryptocurrency mixer that began its operations in August 2017. "The ChipMixer software blocked the blockchain trail of the funds, making it attractive for cybercriminals looking to launder illegal proceeds from criminal … [Read more...]
What's Wrong with Manufacturing?
In last year's edition of the Security Navigator we noted that the Manufacturing Industry appeared to be totally over-represented in our dataset of Cyber Extortion victims. Neither the number of businesses nor their average revenue particularly stood out to explain this. Manufacturing was also the most represented Industry in our CyberSOC dataset – contributing more Incidents than any other … [Read more...]
Multiple Hacker Groups Exploit 3-Year-Old Vulnerability to Breach U.S. Federal Agency
Mar 16, 2023Ravie LakshmananCyber Attack / Vulnerability Multiple threat actors, including a nation-state group, exploited a critical three-year-old security flaw in Progress Telerik to break into an unnamed federal entity in the U.S. The disclosure comes from a joint advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and … [Read more...]
CISA Issues Urgent Warning: Adobe ColdFusion Vulnerability Exploited in the Wild
Mar 16, 2023Ravie LakshmananZero-Day / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on March 15 added a security vulnerability impacting Adobe ColdFusion to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The critical flaw in question is CVE-2023-26360 (CVSS score: 8.6), which could be exploited by a threat actor to … [Read more...]
YoroTrooper Stealing Credentials and Information from Government and Energy Organizations
Mar 15, 2023Ravie LakshmananCyber Espionage / Data Security A previously undocumented threat actor dubbed YoroTrooper has been targeting government, energy, and international organizations across Europe as part of a cyber espionage campaign that has been active since at least June 2022. "Information stolen from successful compromises include credentials from multiple applications, browser … [Read more...]
New Cryptojacking Operation Targeting Kubernetes Clusters for Dero Mining
Mar 15, 2023Ravie LakshmananServer Security / Cryptocurrency Cybersecurity researchers have discovered the first-ever illicit cryptocurrency mining campaign used to mint Dero since the start of February 2023. "The novel Dero cryptojacking operation concentrates on locating Kubernetes clusters with anonymous access enabled on a Kubernetes API and listening on non-standard ports accessible from … [Read more...]
The Different Methods and Stages of Penetration Testing
Mar 15, 2023The Hacker NewsPenetration Testing / Cyber Security The stakes could not be higher for cyber defenders. With the vast amounts of sensitive information, intellectual property, and financial data at risk, the consequences of a data breach can be devastating. According to a report released by Ponemon institute, the cost of data breaches has reached an all-time high, averaging $4.35 … [Read more...]
Tick APT Targeted High-Value Customers of East Asian Data-Loss Prevention Company
Mar 15, 2023Ravie LakshmananCyber Attack / Data Safety A cyberespionage actor known as Tick has been attributed with high confidence to a compromise of an East Asian data-loss prevention (DLP) company that caters to government and military entities. "The attackers compromised the DLP company's internal update servers to deliver malware inside the software developer's network, and trojanized … [Read more...]
Microsoft Rolls Out Patches for 80 New Security Flaws — Two Under Active Attack
Mar 15, 2023Ravie LakshmananPatch Tuesday / Software Update Microsoft's Patch Tuesday update for March 2023 is rolling out with remediations for a set of 80 security flaws, two of which have come under active exploitation in the wild. Eight of the 80 bugs are rated Critical, 71 are rated Important, and one is rated Moderate in severity. The updates are in addition to 29 flaws the tech giant … [Read more...]
GoBruteforcer: New Golang-Based Malware Breaches Web Servers Via Brute-Force Attacks
Mar 14, 2023Ravie LakshmananNetwork Security / Botnet A new Golang-based malware dubbed GoBruteforcer has been found targeting web servers running phpMyAdmin, MySQL, FTP, and Postgres to corral the devices into a botnet. "GoBruteforcer chose a Classless Inter-Domain Routing (CIDR) block for scanning the network during the attack, and it targeted all IP addresses within that CIDR range," Palo … [Read more...]
The Prolificacy of LockBit Ransomware
Today, the LockBit ransomware is the most active and successful cybercrime organization in the world. Attributed to a Russian Threat Actor, LockBit has stepped out from the shadows of the Conti ransomware group, who were disbanded in early 2022. LockBit ransomware was first discovered in September 2019 and was previously known as ABCD ransomware because of the ".abcd virus" extension first … [Read more...]
Microsoft Warns of Large-Scale Use of Phishing Kits to Send Millions of Emails Daily
Mar 14, 2023Ravie LakshmananThreat Intelligence / Cyber Attack An open source adversary-in-the-middle (AiTM) phishing kit has found a number of takers in the cybercrime world for its ability to orchestrate attacks at scale. Microsoft Threat Intelligence is tracking the threat actor behind the development of the kit under its emerging moniker DEV-1101. An AiTM phishing attack typically involves a … [Read more...]
Fortinet FortiOS Flaw Exploited in Targeted Cyberattacks on Government Entities
Mar 14, 2023Ravie LakshmananNetwork Security / Cyber Attack Government entities and large organizations have been targeted by an unknown threat actor by exploiting a security flaw in Fortinet FortiOS software to result in data loss and OS and file corruption. "The complexity of the exploit suggests an advanced actor and that it is highly targeted at governmental or government-related targets," … [Read more...]
Large-scale Cyber Attack Hijacks East Asian Websites for Adult Content Redirects
Mar 13, 2023Ravie LakshmananWeb Security / Cyber Threat A widespread malicious cyber operation has hijacked thousands of websites aimed at East Asian audiences to redirect visitors to adult-themed content since early September 2022. The ongoing campaign entails injecting malicious JavaScript code to the hacked websites, often connecting to the target web server using legitimate FTP credentials … [Read more...]
Fake ChatGPT Chrome Extension Hijacking Facebook Accounts for Malicious Advertising
Mar 13, 2023Ravie LakshmananBrowser Security / Artificial Intelligence A fake ChatGPT-branded Chrome browser extension has been found to come with capabilities to hijack Facebook accounts and create rogue admin accounts, highlighting one of the different methods cyber criminals are using to distribute malware. "By hijacking high-profile Facebook business accounts, the threat actor creates an … [Read more...]
How to Apply NIST Principles to SaaS in 2023
Mar 13, 2023The Hacker NewsNIST / SaaS Security The National Institute of Standards and Technology (NIST) is one of the standard-bearers in global cybersecurity. The U.S.-based institute's cybersecurity framework helps organizations of all sizes understand, manage, and reduce their cyber-risk levels and better protect their data. Its importance in the fight against cyberattacks can't be … [Read more...]
- « Previous Page
- 1
- …
- 94
- 95
- 96
- 97
- 98
- …
- 104
- Next Page »