Security

0 Comments
Security researchers have observed a new DoppelGänger campaign dubbed Operation Matriochka aimed at challenging the credibility of journalists and fact-checkers since May 2022.  By leveraging X (formerly Twitter), the operation not only disseminated disinformation articles but also engaged in commenting and sharing to prompt further investigation. According to a technical write-up published by the Sekoia
0 Comments
A new report has revealed that 59% of geographically distributed businesses encounter network issues at least once a month.  Kaspersky’s findings, titled “Managing geographically distributed businesses: challenges and solutions,” highlight the frequent network outages, lost connections and poor performance of services and applications that these companies face. The study also shows that 46% of these businesses
0 Comments
Australian healthcare company MediSecure has suffered a “large scale” ransomware attack, putting individuals’ personal and health information at risk. The electronic prescriptions provider confirmed the incident in a statement on May 16, which it admitted has impacted the personal and health information of individuals. The company confirmed that the attack was caused by an attack
0 Comments
A new banking Trojan targeting Android devices has been detected by Cyble Research and Intelligence Labs (CRIL), the research branch of threat intelligence provider Cycble. In a report published on May 16, CRIL described sophisticated malware incorporating a range of malicious features, including overlay attacks, keylogging and obfuscation capabilities. The researchers called the Trojan “Antidot”
0 Comments
Security researchers have detected Storm-1811, a financially motivated cybercriminal group, exploiting Quick Assist, a client management tool, in social engineering attacks.  According to a technical blog post published by Microsoft on Wednesday, Storm-1811, notorious for deploying Black Basta ransomware, has been observed initiating these attacks through voice phishing (vishing) since mid-April 2024, employing tactics like
0 Comments
A cyber-attack has disrupted auction house Christie’s attempts to sell art and other high-value items worth an estimated $840m. Among the items up for auction are a Vincent van Gogh painting valued at $35m and a rare wine.  The cyber-attack has taken Christie’s website offline, possibly last week, preventing potential buyers from viewing the lots
0 Comments
Since 2005, educational institutions in the United States have experienced 3713 data breaches, impacting over 37.6m records.  According to new data by Comparitech, 2023 marked a record year, with 954 breaches recorded – a dramatic rise from 139 in 2022 and 783 in 2021. This surge was primarily attributed to MOVEit file transfer software vulnerabilities,
0 Comments
Critical vulnerabilities have been found within Cinterion cellular modems. Disclosed during a Kaspersky presentation at OffensiveCon in Berlin on May 11, these flaws could allow remote attackers to execute arbitrary code, posing a significant threat to the integrity of millions of industrial devices reliant on these modems. The identified vulnerabilities, including CVE-2023-47610, highlight severe security weaknesses within
0 Comments
As cybercriminals and threat actors increase their tooling and capabilities, new sophisticated attack techniques are emerging and it is vital that defenders stay abreast of this evolution. Daniel Blackford, senior manager, threat research at Proofpoint, explained: “A lot of money is following into the hands of bad actors, they’re being very successful. That has allowed
0 Comments
Global mobile banking malware has grown by 32% compared to 2022, according to data from Kaspersky’s latest annual Financial Threats Report for 2023. The report, published on May 6, highlighted a surge in attacks targeting Android users, with Afghanistan, Turkmenistan and Tajikistan experiencing the highest share of encounters with banking Trojans. Notably, Turkey leads in mobile
0 Comments
Data breaches and device losses within UK government departments have potentially put the information of over 10,000 customers at risk. The findings come from Apricorn, a manufacturer of hardware-encrypted USB drives, based on a compilation of annual Freedom of Information (FOI) responses. Disclosed today, the figures reveal alarming statistics regarding breaches reported to the Information
0 Comments
Microsoft’s research team has unearthed a concerning vulnerability pattern in numerous popular Android applications, posing significant security risks to billions of users worldwide.  The identified vulnerability pattern, linked to path traversal, enables a malicious application to manipulate files within the vulnerable app’s home directory. The impact of this vulnerability reportedly extended to several widely used
0 Comments
Indonesia has become a hub for spyware and surveillance tools that threaten citizens’ rights and privacy, Amnesty International has found. Building on existing research into the sale of surveillance technologies to Indonesia, the NGO has conducted a months-long investigation in collaboration with several media outlets in Switzerland, Greece, Israel and Indonesia. Amnesty International found evidence
0 Comments
North Korean threat actors are exploiting weak email policies to spoof legitimate domains during espionage phishing campaigns, a new US government advisory has warned. The FBI, the US Department of State and the National Security Agency (NSA) said North Korea-linked Kimsuky group is exploiting poorly configured DNS Domain-based Message Authentication, Reporting and Conformance (DMARC) protocols
0 Comments
The ransomware attack that hit US health tech titan Change Healthcare earlier this year was orchestrated by hackers who leveraged stolen credentials to infiltrate the company’s systems lacking multi-factor authentication (MFA).  The revelation surfaced in UnitedHealth CEO Andrew Witty’s written testimony submitted before a House subcommittee hearing today, which is set to probe the February
0 Comments
Three large-scale malware campaigns have infiltrated Docker Hub, deploying millions of malicious “imageless” containers. The data comes from JFrog’s security research team, which recently revealed a concerning trend within Docker Hub. The platform, known for facilitating Docker image development, collaboration and distribution, hosts over 12.5 million repositories. However, according to JFrog, approximately 25% of these repositories
0 Comments
US government and critical infrastructure entities were sent 1754 ransomware vulnerability notifications under the Ransomware Vulnerability Warning Pilot (RVWP) program in 2023, resulting in 852 vulnerable devices being secured or taken offline. The highest number of alerts were sent to government facilities (641), which encompasses a range of federal, state and local government organizations, including
0 Comments
A state-sponsored threat actor has launched a sophisticated cyber espionage campaign that exploits two vulnerabilities in Cisco firewall platforms, according to an advisory from Cisco Talos. The campaign, dubbed ArcaneDoor, targets perimeter network devices to enable the attacker to undertake a range of actions inside an organization’s systems, including rerouting or modifying traffic and monitoring
0 Comments
The US Treasury has sanctioned several companies and individuals that have conducted cyber operations against American businesses and government entities on behalf of the Iranian regime. The companies in question acted as “fronts” for the Iranian Islamic Revolutionary Guard Corps Cyber Electronic Command (IRGC-CEC) to attack US businesses and government entities using techniques like spear
0 Comments
In a move away from traditional phishing scams, attackers are increasingly exploiting vulnerabilities in computer systems to gain initial network access, according to Mandiant’s M-Trends 2024 Report. In 2023, attackers gained initial access through exploiting vulnerabilities in 38% of intrusions, a 6% increase from the previous year. Mandiant also found phishing’s prevalence declined from 22%
0 Comments
A dependency confusion vulnerability has been found within an archived Apache project.  According to new data by Legit Security, who made the discovery, the finding underscores the importance of scrutinizing third-party projects and dependencies, particularly those archived and potentially neglected in terms of updates and security patches.  The technical post, published today, suggests that despite