Threat actors have been observed exploiting a critical vulnerability, CVE-2023-46604, in Apache systems. Over the past few weeks, FortiGuard Labs identified multiple threat actors leveraging this vulnerability to unleash several malware strains. Among the discoveries is the emergence of a newly discovered Golang-based botnet named GoTitan. This sophisticated botnet has raised concerns due to its ability
Security researchers have uncovered the continuation and expansion of an Android mobile banking Trojan campaign targeting major Iranian banks. Initially discovered in July 2023, the campaign has not only persisted but has also evolved with enhanced capabilities, according to a new report by Zimperium malware analysts Aazim Bill SE Yaswant and Vishnu Pratapagiri. A prior
Fidelity National Financial (FNF) has disclosed a cybersecurity incident that prompted the company to take down certain systems. The company made the announcement in a recent Form 8-K filing with the Securities and Exchange Commission (SEC) dated November 19, 2023. A prominent player in the real estate and mortgage industry, FNF said it initiated an immediate
Security researchers have warned of a triple-digit increase in the volume of phishing emails designed to trick shoppers, ahead of the Black Friday online sales bonanza which starts today. For the past few years, the Amazon-inspired event has signaled the unofficial start of the busy shopping season running through to the end of December. However, it
Security researchers have found a way to bypass the popular Windows Hello fingerprint authentication technology, after discovering multiple vulnerabilities. Microsoft’s Offensive Research and Security Engineering (MORSE) asked Blackwing Intelligence to evaluate the security of the top three fingerprint sensors embedded in laptops. The firm studied a Dell Inspiron 15, a Lenovo ThinkPad T14 and a Microsoft
House sales and purchases across the UK have been disrupted by a cyber-attack affecting multiple conveyancing firms. CTS, a legal sector specialist infrastructure service provider, confirmed in a statement that it has experienced a service outage caused by a cyber-incident. The firm said the cyber-attack has impacted a portion of the services it delivers to
The Akamai Security Incident Response Team (SIRT) has detected increased activity targeting a rarely used TCP port across its global honeypots. The investigation conducted in late October 2023 revealed a specific HTTP exploit path, identifying two zero-day exploits being actively leveraged in the wild. The first exploit targeted network video recorders (NVRs) used in CCTV
A critical vulnerability in Apache ActiveMQ, identified as CVE-2023-46604, has been exposed, revealing an active exploitation scenario by the notorious Kinsing malware. According to an advisory published by Trend Micro on Monday, the discovery underscores the implications for Linux systems, as the vulnerability allows for remote code execution (RCE) due to inadequate validation of throwable
Security researchers have detected a Russian-language Word document carrying a malicious macro in the ongoing Konni campaign. Despite its September 2023 creation date, FortiGuard Labs’ internal telemetry revealed continued activity on the campaign’s command-and-control (C2) server. This long-running campaign utilizes a remote access Trojan (RAT) capable of extracting information and executing commands on compromised devices, employing
The US Cybersecurity and Infrastructure Security Agency (CISA) has released a Mitigation Guide specifically tailored for the Healthcare and Public Health (HPH) sector. The new guide outlines defensive mitigation strategies and best practices to counteract prevalent cyber-threats targeting critical infrastructure in the healthcare domain. The paper, published on Friday, emphasizes the importance of vulnerability management,
Royal Mail has revealed a multimillion-pound cost attached to a serious ransomware breach it suffered earlier this year. The British postal service company was hit by a LockBit affiliate, in an incident which caused “severe service disruption” for items sent abroad. It later transpired that the ransomware actors were demanding nearly $80m from the firm
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have released a detailed cybersecurity advisory on the sophisticated Scattered Spider threat group, urging critical infrastructure (CNI) firms to implement its mitigation recommendations. The group (also known as 0ktapus, Starfraud, UNC3944, Scatter Swine, Octo Tempest and Muddled Libra) is thought to be responsible for big-name
involving the spoofing of luxury brands, including Louis Vuitton, Rolex, and Ray-Ban. The hackers craft enticing emails promising heavy discounts on these luxury products, with the email addresses manipulated to mimic the authenticity of the brands. Despite the appearance of legitimacy, a closer look reveals that the email origins have no connection to the actual
The Cloud Security Alliance (CSA) has introduced the Certificate of Competence in Zero Trust (CCZT), the industry’s inaugural authoritative zero trust certification. CSA said the certification responds to the evolving landscape of pervasive technology and the inadequacy of legacy security models. It aims to equip security professionals with the knowledge necessary to develop and implement
The US Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has unveiled its inaugural roadmap for artificial intelligence (AI). The initiative aligns with President Biden’s recent Executive Order, which directed DHS to globally promote AI safety standards, safeguard US networks and critical infrastructure, and address the potential weaponization of AI. The roadmap
Security researchers have discovered a total of 3938 unique secrets on PyPI, the official third-party package management system for the Python community, across all projects, with 768 of them validated as authentic. Notably, 2922 projects contained at least one unique secret. Among the leaked secrets were various credentials, including AWS Keys, Redis credentials, Google API
Security researchers have identified a new cyber-threat targeting publicly exposed instances of the Docker Engine API. In this campaign, attackers exploit misconfigurations to deploy a malicious Docker container with Python malware compiled as an ELF executable. The malicious tool, functioning as a Distributed Denial of Service (DDoS) bot agent, exhibits various attack methods for conducting
Two giants of the banking and legal sectors have been breached by suspected ransomware actors, according to reports. Allen & Overy is one of the UK’s “Magic Circle” law firms. It released a statement yesterday revealing a “data incident” impacting a “small number of storage servers.” Although the firm did not name ransomware as the
Microsoft has revealed a new threat campaign exploiting a zero-day vulnerability in the popular SysAid IT helpdesk software. Posting to X (formerly Twitter) yesterday, the Microsoft Threat Intelligence account said the group is the same one responsible for the MOVEit data theft and extortion campaign – a threat actor known as Lace Tempest (aka DEV-0950,
Most British lawmakers are unaware or misinformed about how and where facial recognition technology (FRT) is being used, and the privacy threats it poses, according to a new Privacy International study. The rights group commissioned YouGov to poll 114 UK MPs about the technology, which uses AI to extract biometric data from facial images captured
Security researchers have identified a watering-hole attack on a regional news website, Hunza News, which delivers news about Gilgit-Baltistan, a disputed region administered by Pakistan. According to a new advisory published by ESET malware researcher Lukas Stefanko earlier today, the attack targets Urdu-speaking users in the region and deploys previously unknown spyware dubbed Kamran. The
Cybersecurity researchers at SentinelLabs have uncovered a new Python-based infostealer and hack tool named “Predator AI.” The malicious tool is specifically designed to target cloud services and integrates artificial intelligence (AI) technology, specifically a ChatGPT-driven class implemented into the Python script. The inclusion of the GPTj class adds a chat-like text-processing interface to interact with
Security researchers have uncovered a new malware variant believed to be associated with the BlueNoroff Advanced Persistent Threat (APT) group. BlueNoroff is known for its financially motivated campaigns, often targeting cryptocurrency exchanges, venture capital firms and banks. Writing in an advisory published today, Jamf Threat Labs said the discovery came during routine threat hunting, where
The US, Japan and South Korea have established a high-level consultative body designed to counter North Korea’s cyber activities. A key purpose of the new group is to prevent cyber-attacks and crypto heists used to fund North Korea’s weapons development, including its nuclear program, according to South Korea’s Office of National Security. The consultative body
Microsoft has announced a major new cybersecurity initiative designed to help the company better respond to the increasing speed, scale and sophistication of today’s cyber-threats. The Secure Future Initiative has been driven in part by the growing sophistication of state-sponsored actors, in particular the Volt Typhoon campaign targeting US critical infrastructure and the more recent
The UK Frontier AI Taskforce, a government-funded initiative launched in April 2023 as the Foundation Model Taskforce, is evolving to become the UK AI Safety Institute. British Prime Minister Rishi Sunak announced the creation of the Institute during his closing speech at the AI Safety Summit, held in Bletchley Park, England, on November 2, 2023.
Threat actors have compromised sensitive health data on tens of millions of US patients so far this year, according to new figures released by the Department of Health and Human Services (HHS). The HHS said that there had been a 239% increase in “large breaches” reported to its Office for Civil Rights (OCR) in the
Cybercriminals are using artificial intelligence (AI) to launch more sophisticated social engineering attacks, and experts are warning that it is becoming increasingly difficult to distinguish between what is real and what is AI-generated. This trend is being highlighted at the UK government’s AI Safety Summit, which is focusing on the risks of AI and strategies
The UK government called it a “landmark” decision for the future of artificial intelligence (AI). The Bletchley Declaration, an international agreement listing opportunities, risks and needs for global action on ‘frontier AI,’ systems that pose the most urgent and dangerous risks, has been signed by 28 countries, including the US, the UK, China, six EU
Customers reporting authorized push payment (APP) scams to their banks are being exposed to “inconsistent outcomes” in terms of reimbursement, the UK payments regulator has warned. In a first-of-its-kind report, the Payment Systems Regulator (PSR) revealed the percentage of APP fraud cases that were fully and partially reimbursed by each of the UK’s largest 14