Month: July 2023

0 Comments
Confidential information, including unreleased TV shows, scripts and materials, belonging to the popular children’s television channel Nickelodeon, have been reportedly compromised in a significant data leak.  According to social media reports, an individual allegedly dumped approximately 500GB of animation files.  The authenticity of the leaked content is yet to be confirmed by Nickelodeon. Still, a spokesperson
0 Comments
Two spyware applications posing as file management tools have been discovered on the Google Play Store with a total of at least 1.5 million installs.  The apps, attributed to the same developer and discovered by cybersecurity firm Pradeo, exhibit similar malicious behaviors and operate without user interaction. Their main objective is to covertly extract and transmit
0 Comments
A brief summary of what happened with Emotet since its comeback in November 2021 Emotet is a malware family active since 2014, operated by a cybercrime group known as Mealybug or TA542. Although it started as a banking trojan, it later evolved into a botnet that became one of the most prevalent threats worldwide. Emotet
0 Comments
Jul 07, 2023Swati KhandelwalMobile Security / Malware Researchers have issued a warning about an emerging and advanced form of voice phishing (vishing) known as “Letscall.” This technique is currently targeting individuals in South Korea. The criminals behind “Letscall” employ a multi-step attack to deceive victims into downloading malicious apps from a counterfeit Google Play Store
0 Comments
In response to an ongoing incident, JumpCloud has reset the admin Application Programming Interface (API) keys for affected customers. In a notice sent to impacted customers and verified by Infosecurity, JumpCloud emphasized the precautionary nature of the action and its purpose of safeguarding sensitive information. “Out of an abundance of caution relating to an ongoing
0 Comments
by Paul Ducklin PUTTING THE X IN X-OPS First there was DevOps, then SecOps, then DevSecOps. Or should that be SecDevOps? Paul Ducklin talks to Sophos X-Ops insider Matt Holdcroft about how to get all your corporate “Ops” teams working together, with cybersecurity correctness as a guiding light. No audio player below? Listen directly on
0 Comments
The Nagoya Port Unified Terminal System (NUTS) in Japan suffered a significant system outage on Tuesday that was attributed to a ransomware attack. According to a notice (in Japanese) sent to customers, the attack disrupted container operations across all terminals within the port. In particular, container import and export operations via trailer transportation have been
0 Comments
Jul 05, 2023Ravie LakshmananCritical Infrastructure Security A sophisticated stealer-as-a-ransomware threat dubbed RedEnergy has been spotted in the wild targeting energy utilities, oil, gas, telecom, and machinery sectors in Brazil and the Philippines through their LinkedIn pages. The malware “possesses the ability to steal information from various browsers, enabling the exfiltration of sensitive data, while also
0 Comments
A new report by the Kaspersky Digital Footprint Intelligence team has revealed that several companies worldwide are severely unprepared when dealing with darknet data leaks. The initiative, carried out in 2022, tracked dark web posts offering access to companies, compromised accounts and other critical incidents. Kaspersky said it promptly notified victim companies about these threats.
0 Comments
Criminals increasingly create deepfake nudes from people’s benign public photos in order to extort money from them, the FBI warns The U.S. Federal Bureau of Investigation (FBI) is warning about an increase in extortion campaigns where criminals tap into readily available artificial intelligence (AI) tools to create sexually explicit deepfakes from people’s innocent photos and
0 Comments
Jul 04, 2023Ravie LakshmananPrivacy / Online Security The Swedish data protection watchdog has warned companies against using Google Analytics due to risks posed by U.S. government surveillance, following similar moves by Austria, France, and Italy last year. The development comes in the aftermath of an audit initiated by the Swedish Authority for Privacy Protection (IMY)
0 Comments
The US Patent and Trademark Office (USPTO) has recently disclosed a data security incident involving domicile information in certain trademark filings between February 2020 and March 2023. According to information provided to Infosecurity, approximately 61,000 domicile addresses, constituting 3% of the total number of applications during the relevant period, were affected. “On February 24, 2023,
0 Comments
Jul 03, 2023Ravie LakshmananMalware Attack / Cyberespionage A Chinese nation-state group has been observed targeting Foreign Affairs ministries and embassies in Europe using HTML smuggling techniques to deliver the PlugX remote access trojan on compromised systems. Cybersecurity firm Check Point said the activity, dubbed SmugX, has been ongoing since at least December 2022. “The campaign
0 Comments
8Base ransomware has emerged as a prominent player in the cybercrime landscape, according to a new blog post by VMware Carbon Black’s TAU (Threat Analysis Unit) and MDR-POC (Managed Detection and Response Proof of Concept) teams. The company explained that 8Base employs a combination of encryption and “name-and-shame” tactics to extort victims into paying ransoms. 
0 Comments
Jul 01, 2023Ravie LakshmananEndpoint Security / Malware Researchers have pulled back the curtain on an updated version of an Apple macOS malware called Rustbucket that comes with improved capabilities to establish persistence and avoid detection by security software. “This variant of Rustbucket, a malware family that targets macOS systems, adds persistence capabilities not previously observed,”
0 Comments
A recent adversary simulation conducted by the MDSec ActiveBreach red team uncovered a critical vulnerability in ArcServe UDP Backup software. Tracked CVE-2023-26258, the flaw affects versions 7.0 to 9.0 of the software and allows for remote code execution (RCE), posing a significant risk to organizations relying on the software for backup infrastructure. “The importance of
0 Comments
Jul 01, 2023Ravie LakshmananWebsite Security / Cyber Threat As many as 200,000 WordPress websites are at risk of ongoing attacks exploiting a critical unpatched security vulnerability in the Ultimate Member plugin. The flaw, tracked as CVE-2023-3460 (CVSS score: 9.8), impacts all versions of the Ultimate Member plugin, including the latest version (2.6.6) that was released
0 Comments
The Swiss Federal Intelligence Service (FIS) released its latest situation report on Tuesday, highlighting the ongoing impact of Russia’s aggression against Ukraine on national and international security. The report emphasized that the increasing rivalry between significant powers heavily influences Switzerland’s security. It also showed how the decline in the effectiveness of international forums like the
0 Comments
Jun 30, 2023The Hacker NewsCyber Espionage/ Malware Charming Kitten, the nation-state actor affiliated with Iran’s Islamic Revolutionary Guard Corps (IRGC), has been attributed to a bespoke spear-phishing campaign that delivers an updated version of a fully-featured PowerShell backdoor called POWERSTAR. “There have been improved operational security measures placed in the malware to make it more