Security

0 Comments
China–Taiwan tensions have led to a significant increase in cyber-attacks targeting Taiwan, according to a new report by security experts at Trellix. In particular, the company spotted a surge in cyber-attacks aimed at Taiwanese industries, with the primary goal of deploying malware and stealing sensitive information. “Trellix has observed a surge in malicious emails targeted
0 Comments
Several new ways of effectively abusing Microsoft Teams via social engineering have been discovered by security researchers at Proofpoint. “[We] recently analyzed over 450 million malicious sessions, detected throughout the second half of 2022 and targeting Microsoft 365 cloud tenants,” reads a report published by the company earlier today. “According to our findings, Microsoft Teams is
0 Comments
A Chinese state-sponsored APT group known as Camaro Dragon has been observed exploiting TP-Link routers via a malicious firmware implant. The findings come from security experts at Check Point Research (CPR) and were described in an advisory published by the company earlier today. “The implant features several malicious components, including a custom backdoor named ‘Horse
0 Comments
New information has emerged regarding the Qilin ransomware group’s operations and Ransomware-as-a-Service (RaaS) program. In their latest research study, Group-IB’s threat intelligence team said it infiltrated and analyzed Qilin’s inner workings, revealing insights into its targeting of critical sectors and the sophisticated techniques they employed. Qilin, also known as Agenda ransomware, has emerged as a
0 Comments
A newly discovered vulnerability in the Essential Addons for Elementor plugin has put over one million WordPress websites at risk of attacks aimed at gaining unauthorized access to user accounts with elevated privileges. Cybersecurity experts at Patchstack described the new vulnerability (CVE-2023-32243) in an advisory published on Thursday. “This plugin suffers from an unauthenticated privilege
0 Comments
Toyota Motor Corp acknowledged earlier today that the vehicle data of approximately 2.15 million users was publicly accessible in Japan for nearly a decade, from November 2013 to mid-April 2023. Reuters first reported the news, specifying that according to Toyota spokesperson Hideaki Homma, the issue with Toyota’s cloud-based Connected service affects only vehicles in Japan. The
0 Comments
The US Cybersecurity and Infrastructure Security Agency (CISA) has warned against a critical flaw discovered in PaperCut software, which has now been linked to a series of ransomware attacks. The vulnerability (CVE-2023-27350) in PaperCut, a widely adopted print management solution, has allowed cyber-criminals to remotely execute malicious code without requiring any authentication credentials.  Consequently, these
0 Comments
A critical vulnerability has been discovered in the Linux-based Ruckus access points (AP) that allows remote attackers to take control of vulnerable systems. Tracked CVE-2023-25717 and first discovered in February, the flaw has been recently exploited by a new botnet named AndoryuBot, according to a new advisory by Fortinet. “[AndoryuBot] contains DDoS attack modules for
0 Comments
European police have arrested scores of suspects and seized thousands of stolen artefacts after a joint physical and cyber operation last year, according to Europol. Operation Pandora VII involved police from Austria, Bulgaria, the Czech Republic, Croatia, Cyprus, Greece, Ireland, Italy, Poland, Portugal, Romania, Spain, Sweden and Bosnia and Herzegovina. As with previous iterations, the
0 Comments
Several harmful Python .whl files containing a new type of malware called “Kekw” have been discovered on PyPI (Python Package Index). According to new data by Cyble Research and Intelligence Labs (CRIL), Kekw malware can steal sensitive information from infected systems and perform clipper activities that can hijack cryptocurrency transactions. “Following our investigation, we found that
0 Comments
by Paul Ducklin World Password Day is always hard to write tips for, because the primary advice you’ll hear has been the same for many years. That’s because the “passwordless future” that we’ve all been promised is still some time away, even if some services already support it. Simply put, we’re stuck with the old,
0 Comments
The North Korean state-sponsored APT group known as Kimsuky has been observed using a new malware component called ReconShark. According to an advisory published by SentinelOne security researchers on Thursday, ReconShark is distributed through targeted spear-phishing emails, which contain OneDrive links that lead to downloading documents and activating harmful macros. “The spear-phishing emails are made
0 Comments
The City of Dallas in Texas, US, has confirmed a ransomware attack took down essential services, including some 911 dispatch systems.  “Wednesday morning, the City’s security monitoring tools notified our Security Operations Center (SOC) that a likely ransomware attack had been launched within our environment,” the City wrote in a press release. “Subsequently, the City has
0 Comments
The US Cybersecurity and Infrastructure Security Agency (CISA) has urged organizations to incorporate the Covered List created by the Federal Communications Commission (FCC) into their risk management plans. The list encompasses a number of communications equipment and service providers that have been determined by the US government to pose a potential national security risk according
0 Comments
German IT service provider Bitmarck has confirmed bringing all of its customer and internal systems offline due to a cyber-attack discovered over the weekend. Writing on a temporary website on Sunday (and then on Monday), the company said the cyber-attack was detected by its early warning systems. “In compliance with our security protocol, we have
0 Comments
by Paul Ducklin We’ve written about the uncertainty of Apple’s security update process many times before. We’ve had urgent updates accompanied by email notifications that warned us of zero-day bugs that needed fixing right away, because crooks were already onto them… …but without even the vaguest description of what sort of criminals, and what they