Dec 29, 2023NewsroomEmail Security / Malware The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign orchestrated by the Russia-linked APT28 group to deploy previously undocumented malware such as OCEANMAP, MASEPIE, and STEELHOOK to harvest sensitive information. The activity, which was detected by the agency between December 15 and 25,
Month: December 2023
The German authorities have announced the takedown of a notorious dark web marketplace known for selling drugs, malware and other illegal items. The federal police service (BKA) and the Frankfurt prosecutor’s office for cybercrime (ZIT) announced the news on Wednesday, but revealed the coordinated action took place on December 16. The English-language Kingdom Market, which was
Dec 30, 2023NewsroomCryptocurrency / Phishing Scam Cybersecurity researchers are warning about an increase in phishing attacks that are capable of draining cryptocurrency wallets. “These threats are unique in their approach, targeting a wide range of blockchain networks, from Ethereum and Binance Smart Chain to Polygon, Avalanche, and almost 20 other networks by using a crypto
Security vendor Ivanti has released an update to its Avalanche mobile device management (MDM) product which fixes 22 vulnerabilities, 13 of which are rated critical. Ivanti Avalanche is described by the vendor as an enterprise MDM solution capable of managing distributed deployments of more than 100,000 mobile devices – including anything from warehouse scanners to
Digital Security As we draw the curtain on another eventful year in cybersecurity, let’s review some of the high-profile cyber-incidents that occurred in 2023 Phil Muncaster 28 Dec 2023 • , 5 min. read It’s been another monumental year in cybersecurity. Threat actors thrived against a backdrop of continued macroeconomic and geopolitical uncertainty, using all
Dec 29, 2023NewsroomCyber Attack / Web Security The Assembly of the Republic of Albania and telecom company One Albania have been targeted by cyber attacks, the country’s National Authority for Electronic Certification and Cyber Security (AKCESK) revealed this week. “These infrastructures, under the legislation in force, are not currently classified as critical or important information
Security researchers have warned against the DarkGate threat actor, who has recently gained notoriety in the realm of remote access Trojans (RATs) and loaders. Earlier today, Proofpoint confirmed it has been tracking a distinct operator of the DarkGate malware, temporarily named BattleRoyal, noting its use in at least 20 email campaigns from September to November
Digital Security Before getting rid of your no-longer-needed device, make sure it doesn’t contain any of your personal documents or information Phil Muncaster 27 Dec 2023 • , 5 min. read The planet is warming and we’re all becoming more environmentally aware. When it comes to IT, this manifests in a surge in “e-waste” recycling.
Dec 28, 2023NewsroomCloud Security / Data Protection Google Cloud has addressed a medium-severity security flaw in its platform that could be abused by an attacker who already has access to a Kubernetes cluster to escalate their privileges. “An attacker who has compromised the Fluent Bit logging container could combine that access with high privileges required
The threat landscape has been bustling in the second half of 2023, according to cybersecurity provider ESET. In its Threat Report: H2 2023, the firm recorded many significant cybersecurity incidents between June and November 2023, a period dominated by AI-related malicious activity and the emergence of new Android spyware. According to the report, a new
Dec 27, 2023NewsroomZero-Day / Vulnerability A new zero-day security flaw has been discovered in the Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system that could be exploited to bypass authentication protections. The vulnerability, tracked as CVE-2023-51467, resides in the login functionality and is the result of an incomplete patch for another critical vulnerability (CVE-2023-49070,
Cybercriminals unleashed an average of 411,000 malicious files every day in 2023, representing a 3% increase from the previous year, according to Kaspersky. The firm’s Security Bulletin: Statistics of the Year Report, published on December 14, 2023, showed that particular types of threats also escalated. One example is the use of malicious desktop files (Microsoft
Dec 26, 2023NewsroomMalware / Cybercrime The banking malware known as Carbanak has been observed being used in ransomware attacks with updated tactics. “The malware has adapted to incorporate attack vendors and techniques to diversify its effectiveness,” cybersecurity firm NCC Group said in an analysis of ransomware attacks that took place in November 2023. “Carbanak returned
After a quieter month in October, ransomware groups seemed to return with a vengeance in November, with the highest number of listed victims ever recorded, according to Corvus Insurance. In a report published on December 18, 2023, Corvus Threat Intel observed 484 new ransomware victims posted to leak sites in November. This represents a 39.08%
Dec 25, 2023NewsroomCyber Espionage / Malware The threat actor referred to as Cloud Atlas has been linked to a set of spear-phishing attacks on Russian enterprises. Targets included a Russian agro-industrial enterprise and a state-owned research company, according to a report from F.A.C.C.T., a standalone cybersecurity company formed after Group-IB’s formal exit from Russia earlier
Security researchers have discovered a new series of “crypto drainer” malware attacks that have stolen $59m from victims so far after luring them to phishing pages via Google and X (formerly Twitter) ads. A crypto drainer is a type of malware that tricks the user into approving a transaction which then automatically drains their cryptocurrency
When shopping for a new smartphone, you’re likely to look for the best bang for your buck. If you’re on the hunt for a top-of-the-range device but aren’t keen on paying top dollar for it, offerings from lesser-known manufacturers will probably make your shortlist. Indeed, in the fiercely competitive smartphone market you may be even
Dec 24, 2023NewsroomCyber Crime / Data Breach Two British teens part of the LAPSUS$ cyber crime and extortion gang have been sentenced for their roles in orchestrating a string of high-profile attacks against a number of companies. Arion Kurtaj, an 18-year-old from Oxford, has been sentenced to an indefinite hospital order due to his intent
The UK’s secretary of state for justice has warned of a “clear and present danger” to British democracy from deepfakes ahead of the upcoming general election. Robert Buckland made the remarks on BBC Radio 4’s Today program yesterday, claiming the technology delivers a “liar’s dividend” in that, by undermining trust in the veracity of information,
Video How cybercriminals take advantage of the popularity of ChatGPT and other tools of its ilk to direct people to sketchy sites, plus other interesting findings from ESET’s latest Threat Report 22 Dec 2023 This week, the ESET research team released the H2 2023 issue of its Threat Report that looked at the key trends
Dec 22, 2023NewsroomMalware / Cyber Threat Indian government entities and the defense sector have been targeted by a phishing campaign that’s engineered to drop Rust-based malware for intelligence gathering. The activity, first detected in October 2023, has been codenamed Operation RusticWeb by enterprise security firm SEQRITE. “New Rust-based payloads and encrypted PowerShell commands have been
UK telco EE has warned customers they could be deluged with millions of scam SMS messages on December 23 as fraudsters look to capitalize on last-minute Christmas shopping. The mobile operator claimed that the equivalent day last year saw it block three million text message scams (aka “smishing”), the highest daily number in 2022. This
Digital Security Unwrapping a new gadget this holiday season will put a big smile on your face but things may quickly turn sour if the device and data on it aren’t secured properly Phil Muncaster 21 Dec 2023 • , 4 min. read As the festive season approaches, we’re all looking forward to being pampered
Dec 22, 2023NewsroomSkimming / Web Security Threat hunters have discovered a rogue WordPress plugin that’s capable of creating bogus administrator users and injecting malicious JavaScript code to steal credit card information. The skimming activity is part of a Magecart campaign targeting e-commerce websites, according to Sucuri. “As with many other malicious or fake WordPress plugins
ESO Solutions, a data and software provider for emergency responders and healthcare entities, has commenced the notification process for 2.7 million individuals affected by a ransomware attack. The breach, which unfolded on September 28, compelled ESO to shut down systems temporarily to curb the incident’s reach. Although the attackers accessed and encrypted internal systems, ESO said it
Dec 21, 2023NewsroomZero-Day / Mobile Security A new analysis of the sophisticated commercial spyware called Predator has revealed that its ability to persist between reboots is offered as an “add-on feature” and that it depends on the licensing options opted by a customer. “In 2021, Predator spyware couldn’t survive a reboot on the infected Android
Cybersecurity researchers have uncovered a novel targeted malspam operation deploying password-stealing malware. The campaign was discovered by Sophos X-Ops and described in an advisory published today. According to the report, the attackers employed social engineering tactics, utilizing emailed complaints about service issues or requests for information to establish trust with their targets before sending malicious
ESET Research, Threat Reports A view of the H2 2023 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts Jiří Kropáč 19 Dec 2023 • , 2 min. read The second half of 2023 witnessed significant cybersecurity incidents. Cl0p, a notorious cybercriminal group known for carrying
Dec 20, 2023NewsroomNetwork Security / Data Breach Ransomware groups are increasingly switching to remote encryption in their attacks, marking a new escalation in tactics adopted by financially motivated actors to ensure the success of their campaigns. “Companies can have thousands of computers connected to their network, and with remote ransomware, all it takes is one
The takedown of the ALPHV/BlackCat ransomware group’s leak site has been confirmed as a result of global law enforcement action. The FBI is now urging over 500 of the group’s victims to come forward to receive a decryption key that will enable them to restore their systems. A notice on the notorious Ransomware-as-a-Group’s (RaaS) website