US President Joe Biden has warned that Chinese manufactured automobiles could be used to steal sensitive data of US citizens and critical infrastructure. The White House statement announced it will be conducting an investigation into the impact of “connected vehicles” containing technology from China on US national security. “I have directed my Secretary of Commerce
Leading drug distributor Cencora has disclosed a cybersecurity incident where data from its information systems was compromised, potentially containing personal information. The breach was discovered on February 21, 2024, according to a Securities and Exchange Commission (SEC) filing published on the same day. “Upon initial detection of the unauthorized activity, the Company immediately took containment steps
Feb 29, 2024NewsroomThreat Intelligence / Cyber Threat Cybersecurity researchers have disclosed a new attack technique called Silver SAML that can be successful even in cases where mitigations have been applied against Golden SAML attacks. Silver SAML “enables the exploitation of SAML to launch attacks from an identity provider like Entra ID against applications configured to
A joint Cybersecurity Advisory (CSA) issued by the Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command and international partners has raised alarms regarding Russian state-sponsored cyber actors’ exploitation of compromised Ubiquiti EdgeRouters. Identified as the Russian General Staff Main Intelligence Directorate (GRU), 85th Main Special Service Center (GTsSS), these actors, also known
Feb 28, 2024NewsroomCyber Espionage / Malware An Iran-nexus threat actor known as UNC1549 has been attributed with medium confidence to a new set of attacks targeting aerospace, aviation, and defense industries in the Middle East, including Israel and the U.A.E. Other targets of the cyber espionage activity likely include Turkey, India, and Albania, Google-owned Mandiant
France’s National Cybersecurity Agency (ANSSI) observed a significant rise in cyber espionage campaigns targeting strategic organizations in 2023. These operations are increasingly focused on individuals and non-governmental structures that create, host or transmit sensitive data, ANSSI observed in its 2023 Cyber Threat Landscape report, published on February 27, 2024. Besides public administration, the primary targets
Feb 27, 2024NewsroomVulnerability / Website Security A security vulnerability has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable unauthenticated users to escalate their privileges. Tracked as CVE-2023-40000, the vulnerability was addressed in October 2023 in version 5.7.0.1. “This plugin suffers from unauthenticated site-wide stored [cross-site scripting] vulnerability and could allow any
LockBitSupp, the individual(s) behind the persona representing the LockBit ransomware service on cybercrime forums such as Exploit and XSS, “has engaged with law enforcement,” authorities said. The development comes following the takedown of the prolific ransomware-as-a-service (RaaS) operation as part of a coordinated international operation codenamed Cronos. Over 14,000 rogue accounts on third-party services like
Serco Leisure has been ordered to stop using facial recognition technology (FRT) and fingerprint scanning to monitor employee attendance by the UK’s data protection enforcement authority. The Information Commissioner’s Office (ICO) said the company unlawfully processed biometric data of more than 2000 employees across 38 sporting and leisure facilities under UK data protection law. Serco
Video | Coming in two waves, the campaign sought to demoralize Ukrainians and Ukrainian speakers abroad with disinformation messages about war-related subjects | 23 Feb 2024
This week, ESET researchers revealed their findings about Operation Texonto, a disinformation/psychological (PSYOP) campaign where Russia-aligned threat actors sought to demoralize Ukrainians and Ukrainian speakers abroad with disinformation messages about war-related
Feb 24, 2024NewsroomActive Directory / Data Protection Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit irrespective of the license tier, more than six months after a China-linked cyber espionage campaign targeting two dozen organizations came to light. “Microsoft will automatically enable the logs in customer accounts and increase
Read more about LockBit Ransomware: LockBit Takedown: What You Need to Know about Operation Cronos; LockBit Infrastructure Disrupted by Global Law Enforcers; LockBit and Royal Mail Ransomware Negotiation Leaked; LockBit Remains Top Global Ransomware Threat
“We know who he is. We know where he lives. We know how much he is worth. LockbitSupp has engaged
ESET products and research have been protecting Ukrainian IT infrastructure for years. Since the start of the war in February 2022, we have prevented and investigated a significant number of attacks launched by Russia-aligned groups. We have also published some of the most interesting findings on WeLiveSecurity: Even though our main focus remains on analyzing
Feb 23, 2024NewsroomSupply Chain Attack / Malware A dormant package available on the Python Package Index (PyPI) repository was updated nearly after two years to propagate an information stealer malware called Nova Sentinel. The package, named django-log-tracker, was first published to PyPI in April 2022, according to software supply chain security firm Phylum, which detected
Cybersecurity experts at Kaspersky have uncovered a new phishing campaign that specifically targets small and medium-sized businesses (SMBs).  The attack method involves exploiting the email service provider (ESP) SendGrid to gain access to client mailing lists, subsequently utilizing stolen credentials to send out convincing phishing emails. These emails are crafted to appear authentic, posing a
Over 40% of companies globally are struggling to fill critical cybersecurity roles, particularly in information security research and malware analysis, as highlighted by a recent report from Kaspersky. This shortage is particularly acute in Europe, Russia and Latin America. Additionally, security operations center (SOC) and security assessment and network security roles are understaffed, with figures
Feb 21, 2024NewsroomNetwork Security / Vulnerability Cybersecurity researchers have identified two authentication bypass flaws in open-source Wi-Fi software found in Android, Linux, and ChromeOS devices that could trick users into joining a malicious clone of a legitimate network or allow an attacker to join a trusted network without a password. The vulnerabilities, tracked as CVE-2023-52160
Security researchers have identified a concerning uptick in malicious activities infiltrating open-source platforms and code repositories.  This trend encompasses a wide array of malicious activities, including hosting command-and-control (C2) infrastructure, storing stolen data and disseminating various forms of malware.  In a recent discovery, ReversingLabs reverse engineer Karlo Zanki uncovered two suspicious packages on the Python
Feb 20, 2024NewsroomServer Security / Cryptojacking A novel malware campaign has been observed targeting Redis servers for initial access with the ultimate goal of mining cryptocurrency on compromised Linux hosts. “This particular campaign involves the use of a number of novel system weakening techniques against the data store itself,” Cado security researcher Matt Muir said
The Anatsa banking Trojan campaign has been observed increasingly targeting European banks, according to new data by ThreatFabric researchers. Since its reemergence in November 2023, the Anatsa campaign has manifested in five distinct waves, targeting various regions, including Slovakia, Slovenia and Czechia, alongside previously affected areas like the UK, Germany and Spain.  Notably, the campaign