Category: Attack Feeds

The Secret Weakness Execs Are Overlooking: Non-Human Identities – The Hacker News

– For years, securing a company’s systems was synonymous with securing its “perimeter.” There was what was safe “inside” and the unsafe outside world. We built sturdy firewalls and deployed sophisticated detection systems, confident that keeping the barbarians outside the walls kept our data and systems safe. The problem is that we no longer operate within the confines of physical...

DOJ, Microsoft seize more than 100 domains used by the FSB – AJ Vicens

– Microsoft and the U.S. Department of Justice on Thursday announced the seizure of more than 100 domains used by a Russian-backed hacking unit to target more than two dozen civil society organizations between January 2023 and August 2024. Microsoft’s Digital Crimes Unit filed a lawsuit with the NGO Information Sharing and Analysis Center (NGO-ISAC) to seize 66 unique...

New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking – The Hacker News

– Linux servers are the target of an ongoing campaign that delivers a stealthy malware dubbed perfctl with the primary aim of running a cryptocurrency miner and proxyjacking software. “Perfctl is particularly elusive and persistent, employing several sophisticated techniques,” Aqua security researchers Assaf Morag and Idan Revivo said in a report shared with The Hacker News. “When a new user...

LevelBlue: Driving Cyber Resilience in October (and Beyond)

– As we navigate the rapidly evolving technology landscape in 2024, Cybersecurity Awareness Month, now in its 21st year, highlights the increasing importance of protecting against the evolving threat environment across all areas of a business. This initiative motivates both individuals and entire organizations to adopt essential practices that enhance online safety. Every October, Cybersecurity Awareness Month focuses on...

North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks – The Hacker News

– Threat actors with ties to North Korea have been observed delivering a previously undocumented backdoor and remote access trojan (RAT) called VeilShell as part of a campaign targeting Cambodia and likely other Southeast Asian countries. The activity, dubbed SHROUDED#SLEEP by Securonix, is believed to be the handiwork of APT37, which is also known as InkySquid, Reaper, RedEyes, Ricochet Chollima, ...

A Single Cloud Compromise Can Feed an Army of AI Sex Bots – BrianKrebs

– Organizations that get relieved of credentials to their cloud environments can quickly find themselves part of a disturbing new trend: Cybercriminals using stolen cloud credentials to operate and resell sexualized AI-powered chat services. Researchers say these illicit chat bots, which use custom jailbreaks to bypass content filtering, often veer into darker role-playing scenarios, including child sexual exploitation and...

INTERPOL Arrests 8 in Major Phishing and Romance Fraud Crackdown in West Africa – The Hacker News

– INTERPOL has announced the arrest of eight individuals in Côte d’Ivoire and Nigeria as part of a crackdown on phishing scams and romance cyber fraud. Dubbed Operation Contender 2.0, the initiative is designed to tackle cyber-enabled crimes in West Africa, the agency said. One such threat involved a large-scale phishing scam targeting Swiss citizens that resulted in financial losses...

LockBit Ransomware and Evil Corp Leaders Arrested and Sanctioned in Joint Global Effort – The Hacker News

– A new wave of international law enforcement actions has led to four arrests and the takedown of nine servers linked to the LockBit (aka Bitwise Spider) ransomware operation, marking the latest salvo against what was once a prolific financially motivated group. This includes the arrest of a suspected LockBit developer in France while on holiday outside of Russia, two...

Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch – The Hacker News

– The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Endpoint Manager (EPM) that the company patched in May to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2024-29824, carries a CVSS score of 9.6 out of a maximum of 10.0, indicating critical severity. “An ...

Smashing Security podcast #387: Breaches in your genes, and Kaspersky switcheroo raises a red flag – Graham Cluley

– From family tree to jail cell? A hacker is alleged to have exploited information on genealogy websites to steal millions from public companies. Meanwhile, Kaspersky’s US customers are wondering – what on earth is UltraAV? All this and more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole...

Research reveals vulnerabilities in routers that left 700,000-plus exposed – Tim Starks

– Researchers uncovered 14 vulnerabilities, one of them the most severe kind, that left more than 700,000 routers made by Taiwan-based DrayTek exposed to the public internet, but that the company has since patched. ForeScout’s Vedere Labs revealed the vulnerabilities Wednesday and urged security pros to make sure they implemented the fixes, adding that 75% of the routers are...

Fake Trading Apps Target Victims Globally via Apple App Store and Google Play – The Hacker News

– A large-scale fraud campaign leveraged fake trading apps published on the Apple App Store and Google Play Store, as well as phishing sites, to defraud victims, per findings from Group-IB. The campaign is part of a consumer investment fraud scheme that’s also widely known as pig butchering, in which prospective victims are lured into making investments in cryptocurrency or...

Russian authorities arrest nearly 100 in raids tied to cybercriminal money laundering – AJ Vicens

– Russian authorities announced Wednesday the arrests of nearly 100 people related to the UAPS payment system and Cryptex cryptocurrency exchanges in an investigation into cybercrime-related money laundering. The Main Investigative Department of the Investigative Committee of Russia — Russia’s top federal law enforcement agency — released the information along with a one-minute video showing authorities breaking down doors, making arrests,...

China-Linked CeranaKeeper Targeting Southeast Asia with Data Exfiltration – The Hacker News

– A previously undocumented threat actor called CeranaKeeper has been linked to a string of data exfiltration attacks targeting Southeast Asia. Slovak cybersecurity firm ESET, which observed campaigns targeting governmental institutions in Thailand starting in 2023, attributed the activity cluster as aligned to China, leveraging tools previously identified as used by the Mustang Panda actor. “The ...

Fake Job Applications Deliver Dangerous More_eggs Malware to HR Professionals – The Hacker News

– A spear-phishing email campaign has been observed targeting recruiters with a JavaScript backdoor called More_eggs, indicating persistent efforts to single out the sector under the guise of fake job applicant lures. “A sophisticated spear-phishing lure tricked a recruitment officer into downloading and executing a malicious file disguised as a resume, leading to a more_eggs backdoor infection,” ...

Alert: Over 700,000 DrayTek Routers Exposed to Hacking via 14 New Vulnerabilities – The Hacker News

– A little over a dozen new security vulnerabilities have been discovered in residential and enterprise routers manufactured by DrayTek that could be exploited to take over susceptible devices. “These vulnerabilities could enable attackers to take control of a router by injecting malicious code, allowing them to persist on the device and use it as a gateway into enterprise networks,”...

Alert: Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit – The Hacker News

– Cybersecurity researchers have disclosed that 5% of all Adobe Commerce and Magento stores have been hacked by malicious actors by exploiting a security vulnerability dubbed CosmicSting. Tracked as CVE-2024-34102 (CVSS score: 9.8), the critical flaw relates to an improper restriction of XML external entity reference (XXE) vulnerability that could result in remote code execution. The shortcoming, ...

5 Must-Have Tools for Effective Dynamic Malware Analysis – The Hacker News

– Dynamic malware analysis is a key part of any threat investigation. It involves executing a sample of a malicious program in the isolated environment of a malware sandbox to monitor its behavior and gather actionable indicators. Effective analysis must be fast, in-depth, and precise. These five tools will help you achieve it with ease. 1. Interactivity Having the ability...

Andariel Hacking Group Shifts Focus to Financial Attacks on U.S. Organizations – The Hacker News

– Three different organizations in the U.S. were targeted in August 2024 by a North Korean state-sponsored threat actor called Andariel as part of a likely financially motivated attack. “While the attackers didn’t succeed in deploying ransomware on the networks of any of the organizations affected, it is likely that the attacks were financially motivated,” Symantec, part of Broadcom, said...

America’s allies are shifting: Cyberspace is about persistence, not deterrence – Greg Otto

– Something interesting is happening across America’s cyber allies. From the United Kingdom to the Netherlands, Japan, South Korea, and Canada, there is an evolution in cyber strategic thought taking root. The United States spearheaded this fresh approach to securing national interests in and through cyberspace with its 2023 Defend Forward strategy, which built on a 2018 strategy pivot....

Demand Great Cybersecurity Troubleshooting Skills! Going Back to the Basics.

– I get it. There is an intensifying cybersecurity skills gap because the attack surface is rapidly expanding. We get it. But the gap between academic learning and real-world applications in the field of cybersecurity is a notable challenge for many college graduates and “IT-transitioners” from other IT departments or industries into the cybersecurity realm. In the weekly cybersecurity...

Political Manipulation with Massive AI Model-driven Misinformation and Microtargeting – gallagherseanm

– In today’s digitally connected world, political messaging and misinformation are becoming increasingly sophisticated. Political campaigns and misinformation efforts, particularly those that are well-funded, have significant societal impacts. These campaigns have historically exploited political and ideological views to resonate with people, convince them to act, or even lure them into scams. Generative AI technologies such as […]

PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data – The Hacker News

– A new set of malicious packages has been unearthed in the Python Package Index (PyPI) repository that masqueraded as cryptocurrency wallet recovery and management services, only to siphon sensitive data and facilitate the theft of valuable digital assets. “The attack targeted users of Atomic, Trust Wallet, Metamask, Ronin, TronLink, Exodus, and other prominent wallets in the crypto ecosystem,” ...

Researchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw – The Hacker News

– Cybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor’s Zimbra Collaboration. Enterprise security firm Proofpoint said it began observing the activity starting September 28, 2024. The attacks seek to exploit CVE-2024-45519, a severe security flaw in its postjournal service that could enable unauthenticated attackers to

AI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image Recognition – The Hacker News

– The threat actors behind the Rhadamanthys information stealer have added new advanced features to the malware, including using artificial intelligence (AI) for optical character recognition (OCR) as part of what’s called “Seed Phrase Image Recognition.” “This allows Rhadamanthys to extract cryptocurrency wallet seed phrases from images, making it a highly potent threat for anyone dealing in ...

The AI Fix #18: ChatGPT’s false memories, and would an inner critic stop AI hallucinations? – Graham Cluley

– In episode 18 of “The AI Fix” our hosts discover that OpenAI’s Advanced Voice mode is too emotional for Europeans, a listener writes a Viking saga about LinkedIn, ChatGPT is a terrible doctor, and the voice of Meta AI takes to Meta’s platforms to complain about Meta AI reading things people post on Meta’s platforms. Mark discovers what Darth...

Multinational police effort hits sections of Lockbit ransomware operation – AJ Vicens

– An international consortium of law enforcement agencies on Tuesday announced additional arrests, seizures and sanctions targeting LockBit ransomware infrastructure, the latest actions taken to hobble what was once among the most prolific ransomware operations going. The actions include four arrests, seized servers and sanctions targeting an affiliate working with LockBit who authorities say has links to Evil Corp.,...

Exclusive: Kevin Mandia joins SpecterOps as chair of the board – Greg Otto

– Kevin Mandia, founder of Mandiant and co-founder and general partner at Ballistic Ventures, has joined SpecterOps, a Virginia-based startup focused on attack path management, as the chair of its board of directors. Founded in 2017, SpecterOps offers software that allows companies to better defend identities, particularly those used in conjunction with Microsoft Active Directory, Azure AD, Entra ID...

5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage – The Hacker News

– Since its emergence, Generative AI has revolutionized enterprise productivity. GenAI tools enable faster and more effective software development, financial analysis, business planning, and customer engagement. However, this business agility comes with significant risks, particularly the potential for sensitive data leakage. As organizations attempt to balance productivity gains with security

People Know Their Data Rights, and They’re Here to Play Ball

– The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article. After being the subject of big-box data pillaging for so long, consumers finally demand control over their own natural resources – and they’ll take their business...

Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials – The Hacker News

– More than 140,000 phishing websites have been found linked to a phishing-as-a-service (PhaaS) platform named Sniper Dz over the past year, indicating that it’s being used by a large number of cybercriminals to conduct credential theft. “For prospective phishers, Sniper Dz offers an online admin panel with a catalog of phishing pages,” Palo Alto Networks Unit 42 researchers Shehroze...

New Cryptojacking Attack Targets Docker API to Create Malicious Swarm Botnet – The Hacker News

– Cybersecurity researchers have uncovered a new cryptojacking campaign targeting the Docker Engine API with the goal of co-opting the instances to join a malicious Docker Swarm controlled by the threat actor. This enabled the attackers to “use Docker Swarm’s orchestration features for command-and-control (C2) purposes,” Datadog researchers Matt Muir and Andy Giron said in an analysis. The attacks ...

U.K. Hacker Charged in $3.75 Million Insider Trading Scheme Using Hacked Executive Emails – The Hacker News

– The U.S. Department of Justice (DoJ) has charged a 39-year-old U.K. national for perpetrating a hack-to-trade fraud scheme that netted him nearly $3.75 million in illegal profits. Robert Westbrook of London was arrested last week and is expected to be extradited to the U.S. to face charges related to securities fraud, wire fraud, and five counts of computer fraud....

T-Mobile reaches $31.5 million settlement with FCC over past data breaches – djohnson

– Telecom giant T-Mobile will pay a $31.5 million fine to settle investigations with the Federal Communications Commission for past data breaches that exposed the personal data of millions of customers. While half of that total will take the form of a traditional fine, the other half will be invested into fulfilling a consent decree mandating that T-Mobile put...

Crooked Cops, Stolen Laptops & the Ghost of UGNazi – BrianKrebs

– A California man accused of failing to pay taxes on tens of millions of dollars allegedly earned from cybercrime also paid local police officers hundreds of thousands of dollars to help him extort, intimidate and silence rivals and former business partners, a new indictment charges. KrebsOnSecurity has learned that many of the man’s alleged targets were members of...

NSO Group indicates rare agreement with Apple over dismissal of lawsuit – Tim Starks

– Leading spyware company NSO Group said in a court filing that it agreed with Apple on its recent motion to drop its lawsuit against the Israel-based firm over the alleged targeting of its users, and asked a judge to consider reimbursing it for its legal expenses. The NSO Group filing, dated Friday, offers largely different reasons for why...