Month: April 2023

0 Comments
The importance of understanding – and prioritizing – the privacy and security implications of large language models like ChatGPT cannot be overstated Thousands of security professionals descended on San Francisco this week to attend RSA Conference, the world’s leading gathering of the security community. What was the hottest topic at the event? You guessed it
0 Comments
Weekly cyber-attacks have increased worldwide by 7% in Q1 2023 compared to the same period last year, with each firm facing an average of 1248 attacks per week. The figures come from Check Point’s latest research report, which also suggests that the education and research sector experienced the highest number of attacks, rising to an
0 Comments
by Paul Ducklin Researchers at dark web monitoring company Cyble recently wrote about a data-stealing-as-a-service toolkit that they found being advertised in an underground Telegram channel. One somewhat unusual aspect of this “service” (and in this context, we don’t mean that word in any sort of positive sense!) is that it was specifically built to
0 Comments
Apr 29, 2023Ravie LakshmananHealthcare / Cybersecurity The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released an Industrial Control Systems (ICS) medical advisory warning of a critical flaw impacting Illumina medical devices. The issues impact the Universal Copy Service (UCS) software in the Illumina MiSeqDx, NextSeq 550Dx, iScan, iSeq 100, MiniSeq, MiSeq, NextSeq 500, NextSeq
0 Comments
Apr 28, 2023Ravie LakshmananEndpoint Security / Cryptocurrency Threat actors are advertising a new information stealer for the Apple macOS operating system called Atomic macOS Stealer (or AMOS) on Telegram for $1,000 per month, joining the likes of MacStealer. “The Atomic macOS Stealer can steal various types of information from the victim’s machine, including Keychain passwords,
0 Comments
ESET Research uncovers a campaign by the APT group known as Evasive Panda targeting an international NGO in China with malware delivered through updates of popular Chinese software ESET researchers have discovered a campaign that we attribute to the APT group known as Evasive Panda, where update channels of legitimate applications were mysteriously hijacked to
0 Comments
Artificial Intelligence (AI) tooling was the hot topic at this year’s RSA Conference, held in San Francisco. The potential of generative AI in cybersecurity tooling has sparked excitement among cybersecurity professionals. However, questions have been raised about the practical usage of AI in cybersecurity and the reliability of the data used to build AI models.
0 Comments
Apr 27, 2023Ravie LakshmananBotnet / Cyber Crime Google on Wednesday said it obtained a temporary court order in the U.S. to disrupt the distribution of a Windows-based information-stealing malware called CryptBot and “decelerate” its growth. The tech giant’s Mike Trinh and Pierre-Marc Bureau said the efforts are part of steps it takes to “not only
0 Comments
Lessons learned from the ongoing cyberwarfare that is raging between Russia and Ukraine ought to be applied to other scenarios, including ongoing tensions between China and Taiwan. Laura Galante, Director, Cyber Threat Intelligence Integration Center for the Office of the Director for National Intelligence, said during the RSA Conference 2023, “As we zoom out as
0 Comments
Apr 25, 2023Ravie LakshmananNetwork Security / DDoS Details have emerged about a high-severity security vulnerability impacting Service Location Protocol (SLP) that could be weaponized to launch volumetric denial-of-service attacks against targets. “Attackers exploiting this vulnerability could leverage vulnerable instances to launch massive Denial-of-Service (DoS) amplification attacks with a factor as high as 2200 times, potentially
0 Comments
It is hard to imagine a link between climate change and cybersecurity, but there are a number of reasons why industry professionals need to pay attention to this existential threat. Highlighting the connections between the two, Chloe Messdaghi, CEO & Founder, Global Secure Partners, said that  that the link between climate change and cybersecurity is
0 Comments
Apr 24, 2023Ravie LakshmananCyber Espionage The Russian-speaking threat actor behind a backdoor known as Tomiris is primarily focused on gathering intelligence in Central Asia, fresh findings from Kaspersky reveal. “Tomiris’s endgame consistently appears to be the regular theft of internal documents,” security researchers Pierre Delcher and Ivan Kwiatkowski said in an analysis published today. “The
0 Comments
Apr 22, 2023Ravie LakshmananPatch Management / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The three vulnerabilities are as follows – CVE-2023-28432 (CVSS score – 7.5) – MinIO Information Disclosure Vulnerability CVE-2023-27350 (CVSS score –
0 Comments
Similarities with newly discovered Linux malware used in Operation DreamJob corroborate the theory that the infamous North Korea-aligned group is behind the 3CX supply-chain attack ESET researchers have discovered a new Lazarus Operation DreamJob campaign targeting Linux users. Operation DreamJob is the name for a series of campaigns where the group uses social engineering techniques
0 Comments
Apr 22, 2023Ravie LakshmananSupply Chain / Cyber Threat Lazarus, the prolific North Korean hacking group behind the cascading supply chain attack targeting 3CX, also breached two critical infrastructure organizations in the power and energy sector and two other businesses involved in financial trading using the trojanized X_TRADER application. The new findings, which come courtesy of
0 Comments
Many routers that are offered for resale contain sensitive corporate information and allow third-party connections to corporate networks Did you mistakenly sell access to your network when you sold a decommissioned router? Recently, ESET researchers purchased several used core routers to set up a test environment, only to find that, in many cases, the previously
0 Comments
An employee from the US Consumer Financial Protection Bureau (CFPB) has reportedly forwarded confidential records of roughly 256,000 consumers and confidential supervisory information of approximately 50 institutions to a personal email account. Congressman Bill Huizenga addressed the claims in a letter to CFPB director, Rohit Chopra, dated April 18. “At the time of your notification,
0 Comments
Apr 21, 2023Ravie LakshmananKubernetes / Cryptocurrency A large-scale attack campaign discovered in the wild has been exploiting Kubernetes (K8s) Role-Based Access Control (RBAC) to create backdoors and run cryptocurrency miners. “The attackers also deployed DaemonSets to take over and hijack resources of the K8s clusters they attack,” cloud security firm Aqua said in a report