admin

0 Comments
The North Korean state-sponsored actor Lazarus Group recently started a new campaign targeting internet backbone infrastructure and healthcare entities in Europe and the US, security researchers from Cisco Talos have found. The researchers said that the attackers began exploiting a ManageEngine ServiceDesk vulnerability (CVE-2022-47966) in January 2023, only five days after it was disclosed. This
0 Comments
Aug 24, 2023THNCyber Attack / Hacking The North Korea-linked threat actor known as Lazarus Group has been observed exploiting a now-patched critical security flaw impacting Zoho ManageEngine ServiceDesk Plus to distribute a remote access trojan called such as QuiteRAT. Targets include internet backbone infrastructure and healthcare entities in Europe and the U.S., cybersecurity company Cisco
0 Comments
The notorious XLoader malware has resurfaced, posing as a seemingly innocuous office productivity app named “OfficeNote.” Known for its malicious activities since 2015, XLoader started targeting macOS systems in 2021, leveraging Java dependencies for its operation. However, according to an advisory published by SentinelOne on Monday, this new iteration is self-sufficient, programmed in C and
0 Comments
Aug 23, 2023THNCryptocurrency / Cyber Attack The U.S. Federal Bureau of Investigation (FBI) on Tuesday warned that threat actors affiliated with North Korea may attempt to cash out stolen cryptocurrency worth more than $40 million. The law enforcement agency attributed the blockchain activity to an adversary the U.S. government tracks as TraderTraitor, which is also
0 Comments
Cybersecurity-as-a-Service provider Critical Insight has unveiled its 2023 H1 Healthcare Data Breach Report, offering insights into the cybersecurity landscape of the healthcare sector.  The analysis is based on reported data breaches from healthcare organizations to the US Department of Health and Human Services (HHS). The report notes an overall decrease of 15% in total breaches
0 Comments
Aug 23, 2023THNSoftware Security / Malware More than a dozen malicious packages have been discovered on the npm package repository since the start of August 2023 with capabilities to deploy an open-source information stealer called Luna Token Grabber on systems belonging to Roblox developers. The ongoing campaign, first detected on August 1 by ReversingLabs, employs
0 Comments
Cyber-criminals have been exploiting fraudulent artificial intelligence (AI) bots to attempt and install malicious software under the guise of genuine AI applications. According to a new advisory published by ESET security researchers, the campaign came to light when an advertisement on Facebook promoted the download of what seemed to be the latest version of Google’s
0 Comments
by Paul Ducklin Researchers at Apple device management company Jamf recently published an intriguing paper entitled Fake Airplane Mode: A mobile tampering technique to maintain connectivity. We’ll start with the good news: the tricks that Jamf discovered can’t magically be triggered remotely, for example merely by enticing you to a booby-trapped website. Attackers need to
0 Comments
Aug 22, 2023THNMalware / Endpoint Security A new variant of an Apple macOS malware called XLoader has surfaced in the wild, masquerading its malicious features under the guise of an office productivity app called “OfficeNote.” “The new version of XLoader is bundled inside a standard Apple disk image with the name OfficeNote.dmg,” SentinelOne security researchers
0 Comments
A collaborative effort led by Interpol, known as Africa Cyber Surge II, has yielded significant results in combating cybercrime across the African continent.  The joint initiative, supported by international and national law enforcement agencies alongside private sector cybersecurity companies, has led to the successful arrest of 14 suspected cyber-criminals. The operation also identified over 20,000
0 Comments
Aug 21, 2023THNCyber Threat / Malware The threat actors behind the HiatusRAT malware have returned from their hiatus with a new wave of reconnaissance and targeting activity aimed at Taiwan-based organizations and a U.S. military procurement system. Besides recompiling malware samples for different architectures, the artifacts are said to have been hosted on new virtual
0 Comments
A recent cybersecurity study has brought to light a concerning vulnerability crisis affecting web applications.  CyCognito’s semi-annual State of External Exposure Management report unveiled a distressing landscape of digital threats across public cloud, mobile and web platforms. The comprehensive analysis of 3.5 million assets, encompassing Fortune 500 entities, highlights the precarious state of data security. The
0 Comments
Aug 19, 2023THNMalvertising / Website Security Cybersecurity researchers have detailed an updated version of an advanced fingerprinting and redirection toolkit called WoofLocker that’s engineered to conduct tech support scams. The sophisticated traffic redirection scheme was first documented by Malwarebytes in January 2020, leveraging JavaScript embedded in compromised websites to perform anti-bot and web traffic filtering
0 Comments
A significant phishing campaign employing QR codes has recently come to light, with a major US-based energy company as one of the primary targets.  The campaign, which began in May 2023, has witnessed a 2400% surge in volume since then, underscoring the urgency of addressing this emerging threat. Cybersecurity company Cofense has been closely monitoring
0 Comments
Aug 18, 2023THNCyber Crime / Hacking News A coordinated law enforcement operation across 25 African countries has led to the arrest of 14 suspected cybercriminals, INTERPOL announced Friday. The exercise, conducted in partnership with AFRIPOL, enabled investigators to identify 20,674 cyber networks that were linked to financial losses of more than $40 million. “The four-month
0 Comments
The US Cybersecurity and Infrastructure Security Agency (CISA) has unveiled its Remote Monitoring and Management (RMM) Cyber Defense Plan.  Created in collaboration with industry and government stakeholders through the Joint Cyber Defense Collaborative (JCDC), the plan is a decisive step in countering the escalating risks associated with exploiting RMM software. RMM tools, designed for continuous
0 Comments
by Paul Ducklin CELEBRATING THE TRUE CRYPTO BROS No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify and anywhere that good podcasts are found. Or just drop the URL of our
0 Comments
Aug 17, 2023THNEndpoint Security / Vulnerability A previously undetected attack method called NoFilter has been found to abuse the Windows Filtering Platform (WFP) to achieve privilege escalation in the Windows operating system. “If an attacker has the ability to execute code with admin privilege and the target is to perform LSASS Shtinkering, these privileges are
0 Comments
Cleaning product manufacturer Clorox has confirmed significant operational disruption caused by a recent cyber-attack.  According to a notice published on the company’s website, the attack was detected on August 14, prompting Clorox’s IT team to take immediate action by halting suspicious activity and shutting down affected systems. As a precautionary measure, the compromised systems have remained
0 Comments
Aug 17, 2023THNVulnerability / Enterprise Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Citrix ShareFile storage zones controller to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active in-the-wild exploitation. Tracked as CVE-2023-24489 (CVSS score: 9.8), the shortcoming has been described as an improper access
0 Comments
Aug 16, 2023THNVulnerability / Enterprise Security Nearly 2,000 Citrix NetScaler instances have been compromised with a backdoor by weaponizing a recently disclosed critical security vulnerability as part of a large-scale attack. “An adversary appears to have exploited CVE-2023-3519 in an automated fashion, placing web shells on vulnerable NetScalers to gain persistent access,” NCC Group said
0 Comments
Alberta Dental Service Corporation (ADSC) has revealed that nearly 1.47 million individuals have been affected by a data breach that occurred between May 7 and July 9 2023.  ADSC, a partner of the Government of Alberta, US, administers dental benefits through various programs, and the incident has raised concerns over compromised personal information. The breach was