Security

Most British lawmakers are unaware or misinformed about how and where facial recognition technology (FRT) is being used, and the privacy threats it poses, according to a new Privacy International study. The rights group commissioned YouGov to poll 114 UK MPs about the technology, which uses AI to extract biometric data from facial images captured

The Kaspersky Cyber Threat Intelligence team has unveiled crucial insights into the tactics, techniques and procedures (TTPs) employed by Asian Advanced Persistent Threat (APT) groups. The 370-page report, Modern Asian APT groups: Tactics, Techniques and Procedures, published today, is based on an examination of around one hundred cybersecurity incidents that unfolded across different regions globally, commencing

Google-owned Mandiant has revealed that Sandowrm, a Russia-backed hacking group, conducted a disruptive cyber-attack targeting a Ukrainian critical infrastructure organization in late 2022. Mandiant, which was involved in responding to the attack, shared some of the findings of its post-mortem analysis in a report published on November 9, 2023. The intrusion began on, or before,

The Singapore-based luxury complex Marina Bay Sands revealed it was hit by a security incident that exposed the personal data of 665,000 customers. According to a statement published by the resort, the incident occurred on October 19-20 and involved unauthorized third-party access to its non-casino customers’ loyalty program membership data. The leaked data included personally

The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned a Russian national for her involvement in laundering and transferring funds using virtual currency on behalf of Russian elites.  Ekaterina Zhdanova reportedly played a pivotal role in assisting Russian elites and illicit actors in evading US and international sanctions, particularly by

Microsoft has announced a major new cybersecurity initiative designed to help the company better respond to the increasing speed, scale and sophistication of today’s cyber-threats. The Secure Future Initiative has been driven in part by the growing sophistication of state-sponsored actors, in particular the Volt Typhoon campaign targeting US critical infrastructure and the more recent

The UK Frontier AI Taskforce, a government-funded initiative launched in April 2023 as the Foundation Model Taskforce, is evolving to become the UK AI Safety Institute. British Prime Minister Rishi Sunak announced the creation of the Institute during his closing speech at the AI Safety Summit, held in Bletchley Park, England, on November 2, 2023.

Threat actors have compromised sensitive health data on tens of millions of US patients so far this year, according to new figures released by the Department of Health and Human Services (HHS). The HHS said that there had been a 239% increase in “large breaches” reported to its Office for Civil Rights (OCR) in the

A new social engineering campaign conducted by the “MuddyWater” group has been observed targeting two Israeli entities with tactics, techniques and procedures (TTPs) previously associated with this threat actor. MuddyWater, a group known for spear-phishing emails since 2020, has historically employed links and PDFs, RTFs and HTML attachments that direct victims to archives hosted on different file-sharing

North Korean hackers suspected to be associated with the Lazarus Group have been observed targeting blockchain engineers involved in cryptocurrency exchange platforms with a new macOS malware named Kandykorn.  This intrusion, tracked as REF7001 by Elastic Security Labs, utilized a combination of custom and open source capabilities to gain initial access and post-exploitation on macOS

Cybersecurity experts at Cisco Talos have exposed the latest operations of the espionage-driven Arid Viper advanced persistent threat (APT) group. The new campaign, active since April 2022, has been targeting Arabic-speaking Android users. According to an advisory published earlier today, the modus operandi of Arid Viper involves the deployment of customized mobile malware in the

A new malicious campaign by the notorious Lazarus Group has been observed leveraging malware distributed through legitimate software. Kaspersky’s Research and Analysis Team (GReAT) unveiled the cyber campaign at the Security Analyst Summit (SAS). The team’s investigation identified a series of cyber incidents where targets were infected through legitimate software designed to encrypt web communications

Microsoft has described the Octo Tempest (aka Scattered Spider, 0ktapus, UNC3944) group as “one of the most dangerous financial criminal groups” operating today. In a lengthy analysis, the tech giant explained that the financial extortion group is unusual in comprising English-speaking threat actors, even though it has collaborated with the Russian-speaking ALPHV/BlackCat ransomware operation. “Historically,

The UK’s National Cyber Security Centre (NCSC) has announced the launch of a new offering designed to prevent school users visiting malicious websites. PDNS for Schools is completely free and will be rolled out from now into the coming year, according to NCSC deputy director for economy and society, Sarah Lyons. “This timeframe will allow

Generative AI is too beneficial to abandon despite the threats it poses to organizations, according to experts speaking at the ISC2 Security Congress 2023. During a session at the event, Kyle Hinterburg, Manager at LBMC and Brian Willis, Senior Manager at LBMC pointed out that while criminals will utilize generative AI tools and they carry

In an update to previous reports, Kaspersky’s Global Research and Analysis Team (GReAT) has disclosed new insights into the notorious Operation Triangulation at the recent Security Analyst Summit.  The investigation delves into the complex cyber assault that targeted both the public and Kaspersky’s own employees, offering fresh details on the attack chain and its implications

ESET Research has discovered a significant cybersecurity threat as the Winter Vivern group exploited a zero-day cross-site scripting (XSS) vulnerability in the Roundcube Webmail server.  The new campaign, described in an advisory published today, targeted Roundcube Webmail servers of governmental entities and a think tank in Europe. ESET Research promptly reported the vulnerability to the

Salt Security has revealed research unveiling critical API security vulnerabilities in the OAuth protocol implementations of popular online platforms like Grammarly, Vidio and Bukalapak.  These vulnerabilities, which have now been addressed, had the potential to compromise user credentials and enable full account takeovers, endangering billions of users. The research paper, published today, marks the final chapter

A recent research report by Uptycs has highlighted the evolution of QuasarRAT, an open-source remote administration tool (RAT) known for its lightweight nature and range of malicious functions.  According to an advisory published on Friday by Uptycs security researcher Tejaswini Sandapolla, the C#-based tool, also referred to as CinaRAT or Yggdrasil, has been discovered employing

Valve is bolstering the security of its Steamworks platform by introducing SMS verification for developers, aiming to prevent future incidents of hackers infiltrating developer accounts.  The move comes in response to previous breaches where malevolent actors compromised developers’ accounts and injected malware into various game builds. While these attacks, as confirmed by PC Gamer, impacted fewer

Vietnam-based cybercriminals are believed to be behind to attacks using DarkGate malware, which have targeted organizations in the UK, US and India since 2018. WithSecure researchers have tracked these attacks to an active cluster of cybercriminals using the Ducktail infostealer, which has been used in recent campaigns targeting Meta business accounts. The DarkGate and Ducktail

The use of AI chatbots and AI-enabled manipulation of information by malicious actors is a key threat ahead of the upcoming 2024 elections across the continent, according to the European Union Agency for Cybersecurity (ENISA). The 11th edition of ENISA’s Threat Landscape report, published on October 19, 2023, compiles cyber threats observed by the Agency

The Hoxhunt Challenge has unveiled alarming trends in employee susceptibility to phishing attacks, emphasizing the critical role of engagement in reducing human risk.  The study, published today and conducted in 38 organizations across nine industries and 125 countries, revealed that 22% of phishing attacks in the first weeks of October 2023 used QR codes to

Google has bolstered the security of Android devices with a significant update to Google Play Protect. According to the tech giant, this development is in response to the growing prevalence of cyber-threats targeting mobile devices. Google Play Protect is an existing security feature that scans approximately 125 billion apps daily for malware and unwanted software. 

Cybersecurity experts at Kaspersky have unveiled a covert and highly advanced espionage campaign, codenamed “TetrisPhantom.” The persistent operation has specifically targeted government institutions in the Asia-Pacific region (APAC), utilizing a unique method involving secure USB drives for data infiltration. Kaspersky’s findings are part of their latest quarterly APT threat landscape report. The clandestine campaign, which

Unpatched WS_FTP servers exposed to the internet have become prime targets for ransomware attacks, with threat actors exploiting a critical vulnerability.  Writing on Infosec Exchange last Thursday, Sophos X-Ops’ incident responders described an attempted ransomware attack by the self-proclaimed Reichsadler Cybercrime Group. The attack reportedly utilized a stolen LockBit 3.0 builder to create ransomware payloads. Despite Progress

A new vulnerability in the User Submitted Posts WordPress plugin (versions 20230902 and below) has been discovered by the Patchstack team. With over 20,000 active installations, this popular plugin is used for user-generated content submissions and is developed by Plugin Planet. The vulnerability, discussed by Patchstack security researcher Rafie Muhammad in an advisory published today,

Email security provider Cofense has discovered a new phishing campaign comprising over 800 emails and using LinkedIn Smart Links. The campaign was active between July and August 2023 and involved various subject themes, such as financial, document, security, and general notification lures, reaching users’ inboxes across multiple industries. The financial, manufacturing and energy sectors are

The UK’s financial regulator has fined Equifax Ltd. over £11m ($13.4m) for failing to protect UK consumer data stolen in the notorious 2017 data breach. The Financial Conduct Authority (FCA) announced the financial penalty on October 13, 2023. The FCA stated that Equifax’s UK business failed to take appropriate action to protect the personal data

CISO salary growth has slowed with 20% receiving no raise at all in 2023, according to a new study by IANS Research and Artico Search. The research found an average total compensation increase of 11% over the past 12 months. This represents a reduction of 14% from the previous year. The average base salary increase