Security

0 Comments
The US Cybersecurity and Infrastructure Security Agency (CISA) published the second version of its Zero Trust Maturity Model on Tuesday, which incorporates recommendations from a public comment period. The updated guidelines aim to further the federal government’s progress toward a zero trust approach to cybersecurity in support of the new National Cybersecurity Strategy. Read more
0 Comments
Spanish police have arrested a 19-year-old who they claim represents a national security threat due to the magnitude of the cyber-attacks he has conducted. An investigation into Jose Luis Huertas (aka “Alcasec”) began after he allegedly hacked the national council of the judiciary (CGPJ) and tax agency, and stole data on over half a million Spaniards.
0 Comments
Threat actors focusing on phishing techniques have been increasingly using Telegram to automate their activities and provide various services. The findings come from cybersecurity experts at Kaspersky, who described the new trend in a Wednesday advisory authored by web content analyst Olga Svistunova. “To promote their ‘goods,’ phishers create Telegram channels through which they educate
0 Comments
Threat actors have deployed a new, unique ransomware strain using the Palo Alto Cortex XDR Dump Service Tool, a commercial security product.  Dubbed Rorschach, the malware was discovered by the Check Point Research (CPR) and Check Point Incident Response Team (CPIRT) and discussed in an advisory publisher earlier today. “Unlike other ransomware cases, the threat
0 Comments
by Paul Ducklin Mathematics is a complex and esoteric field that underpins science and engineering, notably including the disciplines of cryptography and cybersecurity. (There… we’ve added a mention of cybersecurity, thus justifying the rest of this article.) The topic of mathematics has been extensively and fervently studied from at least ancient Babylonian times, and the
0 Comments
by Paul Ducklin Cybersecurity researchers in Belgium and the US recently published a paper scheduled for presentation later this year at the USENIX 2023 conference. The three co-authors couldn’t resist a punning title, dubbing their attack Framing Frames, with a slightly easier-to-follow strapline that says Bypassing Wi-Fi encryption by manipulating transmit queues. As security researchers
0 Comments
A new vulnerability has been discovered in Microsoft’s Azure Service Fabric Explorer (SFX) that would enable unauthenticated, remote threat actors to execute code on a container hosted on a Service Fabric node. Dubbed Super FabriXss by the Orca Security team, the cross-site scripting (XSS) flaw (CVE-2023-23383) has a CVSS score of 8.2 and affects SFX version 9.1.1436.9590 or
0 Comments
A new malware toolset has been discovered and analyzed by security experts at SentinelOne. Dubbed “AlienFox” by the team, the toolkit can harvest credentials for multiple cloud service providers. An advisory published on Thursday by SentinelOne threat researcher Alex Delamotte shows that attackers used AlienFox to successfully harvest API keys and secrets from various services, including
0 Comments
Threat actors suspected to be operating for the North Korean government have been observed trojanizing versions of the voice and video calling desktop client 3CX DesktopApp to launch attacks against several victims. The Symantec threat intelligence team shared the findings in an advisory published earlier today, explaining the attackers’ tactics were similar to those used against
0 Comments
Google’s Threat Analysis Group (TAG) has revealed tracking over 30 commercial spyware vendors that facilitate the spread of malware by government-backed threat actors. Writing in a blog post published earlier today, TAG’s Clement Lecigne said these vendors are arming countries that would otherwise not be able to develop these tools. “While the use of surveillance
0 Comments
A malware campaign targeting cryptocurrency wallets has been recently discovered by security researchers at Kaspersky. Discussing the findings in an advisory published today, the company said the attacks were first observed in September 2022 and relied on malware replacing part of the clipboard contents with cryptocurrency wallet addresses. “Despite the attack being fundamentally simple, it