ESET researchers reveal a detailed profile of TA410: we believe this cyberespionage umbrella group consists of three different teams using different toolsets, including a new version of the FlowCloud espionage backdoor discovered by ESET. ESET researchers have documented and analyzed TA410 activity going back to 2019. TA410 is a cyberespionage umbrella group loosely linked to
A cyberespionage threat actor known for targeting a variety of critical infrastructure sectors in Africa, the Middle East, and the U.S. has been observed using an upgraded version of a remote access trojan with information stealing capabilities. Calling TA410 an umbrella group comprised of three teams dubbed FlowingFrog, LookingFrog and JollyFrog, Slovak cybersecurity firm ESET
Most organizations have suffered a data breach connected with a shortage of skills in the cybersecurity industry, according to new research published today. Fortinet’s 2022 Cybersecurity Skills Gap Report identified multiple risks associated with cybersecurity’s skills gap. Most (80%) organizations surveyed for the report said they had suffered at least one breach they could attribute to a
Bad actors continuously evolve their tactics and are becoming more sophisticated. Within the past couple of years, we’ve seen supply chain attacks that quickly create widespread damage throughout entire industries. But the attackers aren’t just focusing their efforts on supply chains. For example, businesses are becoming increasingly reliant on SaaS apps and the cloud
The British Army’s online recruitment portal has been offline for more than a month following a data breach. Officials shut the computerized enrollment system down in the middle of March as a precaution after the personal data of more than 100 army recruits was found being offered for sale on the dark web. An investigation
Email accounts at a Kansas hospital were compromised for nearly a year in a prolonged data breach affecting more than 52,000 individuals. Emporia-based Newman Regional Health was breached by an unauthorized threat actor last year. In a data security notice on its website, the healthcare provider disclosed that the actor was able to access a limited number of email
Security researchers have disclosed a security vulnerability in the VirusTotal platform that could have been potentially weaponized to achieve remote code execution (RCE). The flaw, now patched, made it possible to “execute commands remotely within VirusTotal platform and gain access to its various scans capabilities,” Cysource researchers Shai Alfasi and Marlon Fabiano da Silva said
An American respiratory care provider is facing multiple lawsuits over a data breach that allegedly exposed the personal information of more than 300,000 current and former patients. SuperCare Health, headquartered in Downey, California, began notifying patients of a data security incident in late March. According to a notice on the healthcare provider’s website, SuperCare Health discovered unauthorized activity on
A Canadian youth employment services provider has launched a free cybersecurity training program. Funded by the Government of Ontario’s Skills Development Fund, the new program offered by Youth Employment Services (YES) aims to help Canadian youngsters who disclose mental health issues and Ukrainian refugees find work in the cybersecurity industry. YES president and CEO Timothy Lang said:
Pennsylvania-based convenience store and gas station chain Wawa is seeking the return of penalties it paid to Mastercard following a 2019 data breach of its customer payment security systems. In December 2019, Wawa CEO Chris Gheysens announced that malware that steals credit card information had potentially been operating at Wawa’s 842 locations across Pennsylvania, New Jersey, Delaware, Maryland, Virginia, Washington, DC
Proof-of-concept (PoC) code demonstrating a newly disclosed digital signature bypass vulnerability in Java has been shared online. The high-severity flaw in question, CVE-2022-21449 (CVSS score: 7.5), impacts the following versions of Java SE and Oracle GraalVM Enterprise Edition: Oracle Java SE 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition 20.3.5, 21.3.1, 22.0.0.2
The company behind a popular American brand of whole-grain foods has notified its online customers that their personal data may have been exposed in a recent cyber-attack. Bob’s Red Mill Natural Foods issued a data breach notice on April 15 after learning that it had fallen victim to a data scraping cyber-attack that began two months ago. “We
by Paul Ducklin. [00’24”] Fun Fact. Do you know your Adam Osborne from your John Osbourne? [01’12”] Another 0-day in Chrome. [05’03”] How not to choose a cybersecurity holiday destination. [07’37”] This Week in Tech History.
A new set of phishing attacks delivering the more_eggs malware has been observed striking corporate hiring managers with bogus resumes as an infection vector, a year after potential candidates looking for work on LinkedIn were lured with weaponized job offers. “This year the more_eggs operation has flipped the social engineering script, targeting hiring managers with
The US government has warned that North Korean state-sponsored cyber actors are targeting organizations in the blockchain and cryptocurrency industries. A joint advisory issued this week by the FBI, CISA and the US Treasury revealed that the notorious Lazarus APT group is targeting organizations operating in this sector using trojanized cryptocurrency applications. These include crypto exchanges, cryptocurrency