Read more about the international crackdown on spyware US Moves to Ban “Anti-Democratic” Spyware US Cracks Down on Spyware with Visa Restrictions Governments and Tech Giants Unite Against Commercial Spyware Global scrutiny on hack-for-hire services and spyware tools has heightened over the past few months, with many countries strengthening their legal response to human rights
Security
A new software supply chain attack is being exploited in the wild, according to security researchers. The technique targets Python applications distributed via the Python Package Index, or PyPI. Researchers at software supply chain security firm JFrog believe that the attack, dubbed “Revival Hijack,” could affect 22,000 existing Python packages. That, in turn, could lead
The US government has set out measures to improve the security for a key part of the internet. The Office of the National Cyber Director (ONCD) has released a roadmap to improve internet routing security, by tackling weaknesses associated with the Border Gateway Protocol (BGP). The ONCD’s roadmap calls for wider adoption of Resource Public
Civil society and journalists’ groups in Europe are calling on the EU to take tougher action against spyware applications. The Center for Democracy and Technology (CDT Europe), and the fellow organizations in a “co-ordination group”, argue that spyware “poses a significant threat to EU democratic values, public debate and healthy civic spaces.” In a joint
Fota Wildlife Park, in County Cork, Ireland, has been forced to advise customers to cancel their payment cards following a cyber-attack. The attraction is warning customers who carried out “financial transactions on our website” between 12 May and 27 August 2024, to cancel their debit or credit cards via their bank. The park says it has
The ransomware group BlackByte, believed to be a spin-off of the infamous Conti group, has been observed by cybersecurity experts exploiting a recently disclosed VMware ESXi vulnerability to gain control over virtual machines and escalate privileges within compromised environments. The pivot, discovered by Cisco Talos Incident Response, shows BlackByte’s ability to quickly integrate new vulnerabilities
In a world-first, a Russian state-sponsored hacking group has used software vulnerability exploits “identical or strikingly similar” to ones previously used by NSO Group and Intellexa, two infamous commercial spyware vendors. In a new report, Google Threat Analysis Group (TAG) shared insights on two watering hole attacks targeting Mongolian government websites between November 2023 and
Published vulnerabilities rose by 43% in H1 2024 compared to H1 2023, with attackers heavily targeting flaws in virtual private networks (VPNs) and other perimeter devices for initial access, a new report from Forescout has found. A total of 23,668 vulnerabilities were reported in the first six months of 2024, with an average of 111
A recent surge in malicious activity involving North Korean-linked threat groups has been identified by cybersecurity researchers, revealing a coordinated campaign targeting thenpm ecosystem. The campaign began on August 12 2024, and involved publishing malicious npm packages designed to infiltrate developer environments and steal sensitive data. The newly discovered packages, including temp-etherscan-api, ethersscan-api and telegram-con, exhibit
LummaC2, an infostealer malware actively exploiting PowerShell commands, has resurfaced to infiltrate and exfiltrate sensitive data. Discovered by cybersecurity researchers at Ontinue, the malware’s latest variant demonstrates sophisticated tactics that pose significant risks to targeted systems. LummaC2, initially identified in Russian-speaking forums in 2022, is a toolwritten in C and distributed as Malware-as-a-Service (MaaS). It
A vulnerability in Microsoft 365 Copilot that allowed attackers to steal users’ sensitive information has been disclosed by a cybersecurity researcher. Johann Rehberger, who discovered the flaw, described the exploit chain in a blog post published on August 26. The attack combines several advanced techniques, including prompt injection, automatic tool invocation and a novel method called
A long-standing but stealthy group allegedly helping cyber-attackers penetrate IT systems by offering CAPTCHA-solving services has recently been discovered. In a new report, Arkose Cyber Threat Intelligence Research (ACTIR) shared that it had identified a cyber-attack enabling business it named Greasy Opal after observing the group’s tools being used to attack Arkose Labs’ customers. Greasy
YouTube has released a new AI troubleshooting tool to help users recover their accounts after they’ve been hacked. The AI chatbot “support assistant” will act as a guide for users to resecure their login and recover their account after its been hacked. Eligible users will be able to access the tool in the YouTube Help
Qilin, the ransomware group believed to be behind the recent Synnovis attack, has been observed stealing credentials stored in Google Chrome after gaining access to a target’s network. Researchers at Sophos X-Ops, who detected the activity, said this is an unusual tactic for ransomware groups, and one that could be a bonus multiplier for the
The US government has filed a lawsuit against the Georgia Institute of Technology (Georgia Tech) and its affiliate Georgia Tech Research Corporation (GTRC) for alleged cybersecurity violations. The Department of Justice (DoJ) has joined a whistleblower to file a “complaint-in-intervention” against the institutions for “knowingly” failing to implement cybersecurity controls as required by their Department
A newly discovered malware, Cthulhu Stealer, has been observed targeting macOS users, marking another significant cybersecurity threat to Apple’s operating system. The tool, identified by Cado Security, operates as a malware-as-a-service (MaaS) and leverages Apple disk images (DMG) to disguise itself as legitimate software. How Cthulhu Stealer Works The Cthulhu Stealer primarily focuses on stealing
A newly discovered remote access Trojan (RAT) family, MoonPeak, has been linked to a North Korean-affiliated threat group known as UAT-5394. This sophisticated malware, based on the open-source XenoRAT, is undergoing active development, showcasing significant enhancements aimed at evading detection and improving functionality, according to recent research from Cisco Talos. Connection to Kimsuky UAT-5394, an
A recently discovered sophisticated mobile phishing technique has been observed in financial fraud campaigns across the Czech Republic, Hungary and Georgia. This phishing method leverages progressive web applications (PWA), these types of web applications offer a native-app-like experience and are gaining momentum on both Android and iOS devices. This technique is noteworthy because it installs
Read more about election security: Potential ransomware attacks during the 2024 election cycle have been deemed unlikely to compromise the security or accuracy of vote casting or counting. The news comes from a public service announcement (PSA) issued on August 15 by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency
National Public Data, a US background check company, suffered a data breach in April 2024 that could have exposed sensitive data records of millions of US, UK and Canadian residents. The Florida-based data broker, which provides access to data from various public record databases, court records, state and national databases and other repositories nationwide, confirmed
Microsoft has announced it is mandating multi-factor authentication (MFA) for all Azure sign-ins. Customers can select from multiple MFA options through Microsoft Entra to meet their needs. These are: Users approving sign-ins from a mobile app using push notifications, biometrics, or one-time passcodes though Microsoft Authenticator FIDO2 security keys, enabling sign-ins without a username or
Two US House of Representatives members have called on the US Department of Commerce to investigate Chinese-made Wi-Fi routers deployed in the US over hacking and espionage concerns. John Moolenaar (R-MI), chairman of the House Select Committee on the Strategic Competition Between the United States and the Chinese Communist Party, and Raja Krishnamoorthi (D-IL), a
Read more about cybersecurity at the Paris Olympics: A new report has revealed a surge in malicious online activities leading up to the Paris Olympic Games, which started on July 26, 2024. Published by cybersecurity researchers at BforeAI today, the new data shows threat actors exploited the popularity of the event by setting up fake
A new sophisticated phishing attack featuring a stealthy infostealer malware that exfiltrates a wide range of sensitive data has been uncovered by threat analysts. This malware not only targets traditional data types like saved passwords but also includes session cookies, credit card information, Bitcoin-related extensions and browsing history. The collected data is then sent as a
Australian gold mining firm Evolution Mining recently reported a ransomware attack on its IT systems, identified on August 8, 2024. In a Monday filing with the Australian Securities Exchange (ASX), the company stated that the incident was contained. “The incident has been proactively managed with a focus on protecting the health, safety and privacy of
A newly discovered vulnerability, identified as CVE-2024-6768, has surfaced in the Common Log File System (CLFS.sys) driver of Windows. This issue, identified by Fortra cybersecurity researcher, Ricardo Narvaja, highlights a flaw that could allow an unprivileged user to cause a system crash, resulting in Blue Screen of Death (BSOD). The vulnerability exists due to improper input
OpenAI has a tool to automatically watermark AI-generated content, but company leadership is split on whether to release it to the public. According to The Wall Street Journal, the company behind ChatGPT started developing a tool capable of labeling content generated by its large language models (LLMs) two years ago. People familiar with the matter
In early July 2024, some of the world’s leading AI companies joined forces to create the Coalition for Secure AI (CoSAI). During a conversation with Infosecurity at Black Hat USA 2024, Jason Clinton, CISO at Anthropic, one of CoSAI’s founding members, explained some of the key goals of the new coalition and the cybersecurity focus
One of the US Cybersecurity and Infrastructure Security Agency’s (CISA) flagship initiatives is Secure by Design, launched in 2023. Now, the agency is imploring software customers to take the approach of Secure by Demand. This was the message given by CISA director Jen Easterly during the primary stage talk at Black Hat USA. “You have to
As the 2024 US election approaches, cybersecurity leaders intensify their efforts to safeguard the democratic process, drawing insights from global partners to address evolving threats. Jen Easterly, the director of the US Cybersecurity and Infrastructure Security Agency (CISA) spoke at Black Hat USA about her confidence in the integrity of the nation’s election officials. However,
- 1
- 2
- 3
- …
- 56
- Next Page »