Customers reporting authorized push payment (APP) scams to their banks are being exposed to “inconsistent outcomes” in terms of reimbursement, the UK payments regulator has warned. In a first-of-its-kind report, the Payment Systems Regulator (PSR) revealed the percentage of APP fraud cases that were fully and partially reimbursed by each of the UK’s largest 14
Month: October 2023
Oct 31, 2023NewsroomCyber War / Malware The threat actor known as Arid Viper (aka APT-C-23, Desert Falcon, or TAG-63) has been attributed as behind an Android spyware campaign targeting Arabic-speaking users with a counterfeit dating app designed to harvest data from infected handsets. “Arid Viper’s Android malware has a number of features that enable the
British police continue to hold millions of images of innocent citizens a decade after being ordered to destroy them, the UK’s outgoing biometrics and surveillance commissioner has revealed. Fraser Sampson, who will end his term tomorrow, told The Guardian that a high court ruling in 2012 ordered police to dispose of custody photographs for individuals
Oct 30, 2023The Hacker NewsWebinar / Web App Security Modern web app development relies on cloud infrastructure and containerization. These technologies scale on demand, handling millions of daily file transfers – it’s almost impossible to imagine a world without them. However, they also introduce multiple attack vectors that exploit file uploads when working with public
Microsoft has described the Octo Tempest (aka Scattered Spider, 0ktapus, UNC3944) group as “one of the most dangerous financial criminal groups” operating today. In a lengthy analysis, the tech giant explained that the financial extortion group is unusual in comprising English-speaking threat actors, even though it has collaborated with the Russian-speaking ALPHV/BlackCat ransomware operation. “Historically,
Video The zero-day exploit deployed by the Winter Vivern APT group only requires that the target views a specially crafted message in a web browser 27 Oct 2023 This week, ESET research described how the Winter Vivern APT group has been exploiting a zero-day XSS vulnerability in Roundcube Webmail servers to target European governmental entities
Oct 27, 2023NewsroomCyber Attack / Malware The North Korea-aligned Lazarus Group has been attributed as behind a new campaign in which an unnamed software vendor was compromised through the exploitation of known security flaws in another high-profile software. The attack sequences, according to Kaspersky, culminated in the deployment of malware families such as SIGNBT and
The UK’s National Cyber Security Centre (NCSC) has announced the launch of a new offering designed to prevent school users visiting malicious websites. PDNS for Schools is completely free and will be rolled out from now into the coming year, according to NCSC deputy director for economy and society, Sarah Lyons. “This timeframe will allow
Oct 28, 2023NewsroomPrivacy / Data Security New findings have shed light on what’s said to be a lawful attempt to covertly intercept traffic originating from jabber[.]ru (aka xmpp[.]ru), an XMPP-based instant messaging service, via servers hosted on Hetzner and Linode (a subsidiary of Akamai) in Germany. “The attacker has issued several new TLS certificates using
Generative AI is too beneficial to abandon despite the threats it poses to organizations, according to experts speaking at the ISC2 Security Congress 2023. During a session at the event, Kyle Hinterburg, Manager at LBMC and Brian Willis, Senior Manager at LBMC pointed out that while criminals will utilize generative AI tools and they carry
ESET Research ESET Research recommends updating Roundcube Webmail to the latest available version as soon as possible Matthieu Faou 25 Oct 2023 • , 5 min. read ESET Research has been closely tracking the cyberespionage operations of Winter Vivern for more than a year and, during our routine monitoring, we found that the group began
When organizations start incorporating cybersecurity regulations and cyber incident reporting requirements into their security protocols, it’s essential for them to establish comprehensive plans for preparation, mitigation, and response to potential threats. At the heart of your business lies your operational technology and critical systems. This places them at the forefront of cybercriminal interest, as they
Leading CISOs have offered best practices for security leaders on how to manage cyber risks effectively during the ISC2 Security Congress 2023 in Nashville, Tennessee. Andrew Smeaton, CISO at Affiniti, and Greg Rogers, CISO for the State of Maryland, set out a range of tips on how to undertake cyber risk management sustainably amid an
Oct 26, 2023NewsroomCyber Threat / Social Engineering The prolific threat actor known as Scattered Spider has been observed impersonating newly hired employees in targeted firms as a ploy to blend into normal on-hire processes and takeover accounts and breach organizations across the world. Microsoft, which disclosed the activities of the financially motivated hacking crew, described
Cybersecurity is not a strategic priority for 35% of SMBs considering cloud migration, Amazon Web Services (AWS) has revealed. The cloud infrastructure giant surveyed more than 800 C-suite execs, VPs and directors from global SMBs to better understand their attitudes to cloud security and uncovered three misconceptions. These were: Security is an added cost rather than
Digital Security Why use and keep track of a zillion discrete accounts when you can log into so many apps and websites using your Facebook or Google credentials, right? Not so fast. What’s the trade-off? André Lameiras 23 Oct 2023 • , 6 min. read “Continue with Google” – such a seamless way to sign
Oct 25, 2023NewsroomThreat Intelligence / Vulnerability The threat actor known as Winter Vivern has been observed exploiting a zero-day flaw in Roundcube webmail software on October 11, 2023, to harvest email messages from victims’ accounts. “Winter Vivern has stepped up its operations by using a zero-day vulnerability in Roundcube,” ESET security researcher Matthieu Faou said
Generative AI tools can save phishing actors 16 hours of work designing a scam email, but still can’t match a human knack for crafting more convincing missives, according to new IBM research. Social engineering expert Stephanie Carruthers revealed details of a new research project today, in which her team sought to understand whether generative AI
Oct 24, 2023NewsroomCyber Fraud / Cyber Crime Spanish law enforcement officials have announced the arrest of 34 members of a criminal group that carried out various online scams, netting the gang about €3 million ($3.2 million) in illegal profits. Authorities conducted searches across 16 locations Madrid, Malaga, Huelva, Alicante, and Murcia, seizing two simulated firearms,
The International Criminal Court (ICC) has revealed that a September cyber-attack on its IT systems was a highly targeted espionage attempt, although attribution thus far remains elusive. The Netherlands-headquartered tribunal, which tries individuals suspected of war crimes and crimes against humanity, first posted a brief message about the breach at the end of September. However,
Oct 21, 2023NewsroomZero-Day / Vulnerability Cisco has warned of a new zero-day flaw in IOS XE that has been actively exploited by an unknown threat actor to deploy a malicious Lua-based implant on susceptible devices. Tracked as CVE-2023-20273 (CVSS score: 7.2), the issue relates to a privilege escalation flaw in the web UI feature and
The Hoxhunt Challenge has unveiled alarming trends in employee susceptibility to phishing attacks, emphasizing the critical role of engagement in reducing human risk. The study, published today and conducted in 38 organizations across nine industries and 125 countries, revealed that 22% of phishing attacks in the first weeks of October 2023 used QR codes to
Video ESET’s analysis of cybercrime campaigns in Latin America reveals a notable shift from opportunistic crimeware to more complex threats, including those targeting enterprises and governments 20 Oct 2023 This week, ESET researchers announced the release of a report that looked at more than a dozen publicly documented malicious campaigns targeting Latin America between 2019
Europol on Friday announced the takedown of the infrastructure associated with Ragnar Locker ransomware, alongside the arrest of a “key target” in France. “In an action carried out between 16 and 20 October, searches were conducted in Czechia, Spain, and Latvia,” the agency said. “The main perpetrator, suspected of being a developer of the Ragnar
Vietnam-based cybercriminals are believed to be behind to attacks using DarkGate malware, which have targeted organizations in the UK, US and India since 2018. WithSecure researchers have tracked these attacks to an active cluster of cybercriminals using the Ducktail infostealer, which has been used in recent campaigns targeting Meta business accounts. The DarkGate and Ducktail
Business Security How robust backup practices can help drive resilience and improve cyber-hygiene in your company Phil Muncaster 18 Oct 2023 • , 5 min. read Could your company survive if its most critical data stores were suddenly encrypted or wiped out by cybercriminals? This is the worst-case scenario many organizations have been plunged into
Oct 21, 2023NewsroomData Breach / Cyber Attack Identity services provider Okta on Friday disclosed a new security incident that allowed unidentified threat actors to leverage stolen credentials to access its support case management system. “The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases,” David Bradbury,
The use of AI chatbots and AI-enabled manipulation of information by malicious actors is a key threat ahead of the upcoming 2024 elections across the continent, according to the European Union Agency for Cybersecurity (ENISA). The 11th edition of ENISA’s Threat Landscape report, published on October 19, 2023, compiles cyber threats observed by the Agency
Business Security Knowledge is a powerful weapon that can empower your employees to become the first line of defense against threats Phil Muncaster 19 Oct 2023 • , 5 min. read It’s Cybersecurity Awareness Month (CSAM) time again this October. This is an awareness-raising initiative that spans both consumer and corporate worlds, although there’s plenty
Oct 20, 2023NewsroomMalvertising / Cyber Threat Details have emerged about a malvertising campaign that leverages Google Ads to direct users searching for popular software to fictitious landing pages and distribute next-stage payloads. Malwarebytes, which discovered the activity, said it’s “unique in its way to fingerprint users and distribute time sensitive payloads.” The attack singles out