Discover all the ways MITRE ATT&CK can help you defend your organization. Build your security strategy and policies by making the most of this important framework. What is the MITRE ATT&CK Framework? MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a widely adopted framework and knowledge base that outlines and categorizes the tactics, techniques,
Month: July 2023
An international financial institution owned by the world’s central banks has published a new framework designed to help members mitigate cyber risks associated with their digital currencies. A number of countries including the US and UK are developing central bank digital currency (CBDC) systems. The Bank of England has claimed that a “digital pound” would
Jul 07, 2023 | Swati Khandelwal | Mobile Security / Malware | Researchers have issued a warning about an emerging and advanced form of voice phishing (vishing) known as “Letscall.” This technique is currently targeting individuals in South Korea. The criminals behind “Letscall” employ a multi-step attack to deceive victims into downloading malicious apps from a counterfeit Google Play Store
Confidential information, including unreleased TV shows, scripts and materials, belonging to the popular children’s television channel Nickelodeon, has reportedly been compromised in a significant data leak. According to social media reports, an individual allegedly dumped approximately 500GB of animation files. The authenticity of the leaked content is yet to be confirmed by Nickelodeon. Still, a spokesperson
Jul 03, 2023 | The Hacker News | Website Security Tool | Every website owner or webmaster grapples with the issue of spam on their website forms. The volume of spam can be so overwhelming that finding useful information within it becomes quite challenging. What exacerbates this issue is that spam can populate your public pages, appearing in comments and
Originally a banking trojan, Emotet later evolved into a full-blown botnet and went on to become one of the most dangerous cyberthreats worldwide Originally a banking trojan, Emotet later evolved into a botnet that went on to become one of the most prevalent cyberthreats worldwide – until it was taken down by an international law
Two spyware applications posing as file management tools have been discovered on the Google Play Store with a total of at least 1.5 million installs. The apps, attributed to the same developer and discovered by cybersecurity firm Pradeo, exhibit similar malicious behaviors and operate without user interaction. Their main objective is to covertly extract and transmit
Jul 08, 2023 | Swati Khandelwal | Mobile Security / Spyware | Two file management apps on the Google Play Store have been discovered to be spyware, putting the privacy and security of up to 1.5 million Android users at risk. These apps engage in deceptive behaviour and secretly send sensitive user data to malicious servers in China. Pradeo, a
A brief summary of what happened with Emotet since its comeback in November 2021 Emotet is a malware family active since 2014, operated by a cybercrime group known as Mealybug or TA542. Although it started as a banking trojan, it later evolved into a botnet that became one of the most prevalent threats worldwide. Emotet
Ransomware makes up over half (54%) of all cyber-threats targeting the health sector in the EU, a new report from the European Union Agency for Cybersecurity (ENISA) has found. The EU agency’s first cyber-threat landscape for the health sector analysis revealed that patient data, such as electronic health records, were the most targeted assets (30%)
by Paul Ducklin | PUTTING THE X IN X-OPS | First there was DevOps, then SecOps, then DevSecOps. Or should that be SecDevOps? Paul Ducklin talks to Sophos X-Ops insider Matt Holdcroft about how to get all your corporate “Ops” teams working together, with cybersecurity correctness as a guiding light.
Jul 07, 2023 | Swati Khandelwal | Endpoint Security / Ransomware | Ransomware attacks are a major problem for organizations everywhere, and the severity of this problem continues to intensify. Recently, Microsoft’s Incident Response team investigated the BlackByte 2.0 ransomware attacks and exposed these cyber strikes’ terrifying velocity and damaging nature. The findings indicate that hackers can complete the entire
Around two in five (39%) businesses experienced a data breach in their cloud environment in 2022, a rise of 4% compared with 2021, a new report has found. The 2023 Thales Global Cloud Security Study, which surveyed nearly 3000 IT and security professionals across 18 countries, also revealed a dramatic increase in sensitive data stored
by Paul Ducklin | Firefox’s latest monthly update just came out, bumping the primary version of the popular alternative browser to 115.0. OK, it’s technically a once-every-four-weeks update, so that there will sometimes be two major updates in a single calendar month, just as you sometimes get two full moons in a month, but this month
Jul 06, 2023 | Ravie Lakshmanan | Cyber Crime / Hacking | A suspected senior member of a French-speaking hacking crew known as OPERA1ER has been arrested as part of an international law enforcement operation codenamed Nervone, Interpol has announced. “The group is believed to have stolen an estimated USD 11 million — potentially as much as 30 million —
Here are some of the key insights on the evolving data breach landscape as revealed by Verizon’s analysis of more than 16,000 incidents Contrary to common perception, small and medium-sized businesses (SMBs) are often the target of cyberattacks. That’s understandable, as in the US and UK, they comprise over 99% of businesses, a majority of
Over half (56%) of UK citizens do not trust the NHS to use AI to analyze patient data due to security and privacy concerns, according to research by VMware. In addition, a quarter (25%) of the more than 2000 respondents to the VMware survey said they are completely against the NHS using AI to process
by Paul Ducklin | Even if you haven’t heard of the venerable Ghostscript project, you may very well have used it without knowing. Alternatively, you may have it baked into a cloud service that you offer, or have it preinstalled and ready to go if you use a package-based software service such as a BSD or
Jul 05, 2023 | Ravie Lakshmanan | Supply Chain / Software Security | The npm registry for the Node.js JavaScript runtime environment is susceptible to what’s called a manifest confusion attack that could potentially allow threat actors to conceal malware in project dependencies or perform arbitrary script execution during installation. “A npm package’s manifest is published independently from its tarball,”
Criminals increasingly create deepfake nudes from people’s benign public photos in order to extort money from them, the FBI warns The U.S. Federal Bureau of Investigation (FBI) is warning about an increase in extortion campaigns where criminals tap into readily available artificial intelligence (AI) tools to create sexually explicit deepfakes from people’s innocent photos and
At least 19 US healthcare organizations (HCOs) have been breached by ransomware gangs so far this year, according to Emsisoft. Brett Callow, threat analyst for the New Zealand-based anti-malware specialist, revealed the news in a tweet yesterday. Callow claimed that, according to
by Paul Ducklin | If you run a WordPress site with the Ultimate Members plugin installed, make sure you’ve updated it to the latest version. Over the weekend, the plugin’s creator published version 2.6.7, which is supposed to patch a serious security hole, described by user @softwaregeek on the WordPress support site as follows: A critical
Jul 04, 2023 | Ravie Lakshmanan | Cyber Crime / Mobile Security | An e-crime actor of Mexican provenance has been linked to an Android mobile malware campaign targeting financial institutions globally, but with a specific focus on Spanish and Chilean banks, from June 2021 to April 2023. The activity is being attributed to an actor codenamed Neo_Net, according to
A supply chain attack is the likely cause of Taiwanese chipmaking giant TSMC finding itself on the dark web leak site of the infamous ransomware group LockBit on June 29, 2023. The accompanying $70m ransom is the fourth-largest sum demanded in ransomware history. The day before this information appeared on the leak site, a threat actor known
Jul 03, 2023 | Ravie Lakshmanan | Malware / Hacking | In yet another sign of a lucrative crimeware-as-a-service (CaaS) ecosystem, cybersecurity researchers have discovered a new Windows-based information stealer called Meduza Stealer that’s actively being developed by its author to evade detection by software solutions. “The Meduza Stealer has a singular objective: comprehensive data theft,” Uptycs said in a
The beginning of the summer break is the perfect time for parents to remind their children about the importance of safe online habits The sun’s out, and so is school. But despite our best efforts, the chances are that our children will spend the coming summer holiday period glued to their devices. Depending on their
A recent adversary simulation conducted by the MDSec ActiveBreach red team uncovered a critical vulnerability in ArcServe UDP Backup software. Tracked as CVE-2023-26258, the flaw affects versions 7.0 to 9.0 of the software and allows for remote code execution (RCE), posing a significant risk to organizations relying on the software for backup infrastructure. “The importance of
Jul 01, 2023 | Ravie Lakshmanan | Endpoint Security / Malware | Researchers have pulled back the curtain on an updated version of an Apple macOS malware called Rustbucket that comes with improved capabilities to establish persistence and avoid detection by security software. “This variant of Rustbucket, a malware family that targets macOS systems, adds persistence capabilities not previously observed,”
The growing use of synthetic media and difficulties in distinguishing between real and fake content raise a slew of legal and ethical questions The news cycle is awash with articles about (what’s not always rightly called) artificial intelligence – some good, some bad, and some ugly. The fact that some individuals are using readily available
The Swiss Federal Intelligence Service (FIS) released its latest situation report on Tuesday, highlighting the ongoing impact of Russia’s aggression against Ukraine on national and international security. The report emphasized that the increasing rivalry between significant powers heavily influences Switzerland’s security. It also showed how the decline in the effectiveness of international forums like the