Medieval castles stood as impregnable fortresses for centuries, thanks to their meticulous design. Fast forward to the digital age, and this medieval wisdom still echoes in cybersecurity. Like castles with strategic layouts to withstand attacks, the Defense-in-Depth strategy is the modern counterpart — a multi-layered approach with strategic redundancy and a blend of passive and
ESET researchers have recently unveiled a highly sophisticated implant known as NSPX30, which has been linked to a newly identified Advanced Persistent Threat (APT) group named Blackwood. The findings, detailed in a Wednesday publication on the ESET blog, indicate that Blackwood has been actively engaged in cyber-espionage since at least 2018. From a technical standpoint,
ESET researchers provide an analysis of an attack carried out by a previously undisclosed China-aligned threat actor we have named Blackwood, and that we believe has been operating since at least 2018. The attackers deliver a sophisticated implant, which we named NSPX30, through adversary-in-the-middle (AitM) attacks hijacking update requests from legitimate software. Key points in
Jan 25, 2024NewsroomRemote Access Trojan Cybersecurity researchers have shed light on the command-and-control (C2) server of a known malware family called SystemBC. “SystemBC can be purchased on underground marketplaces and is supplied in an archive containing the implant, a command-and-control (C2) server, and a web administration portal written in PHP,” Kroll said in an analysis
Security researchers have observed a notable surge in dark web discussions regarding the illicit use of ChatGPT and other Large Language Models (LLMs), according to findings from Kaspersky’s Digital Footprint Intelligence service in 2023. Nearly 3000 dark web posts were identified, focusing on a spectrum of cyber-threats, from creating malicious chatbot versions to exploring alternative
Scams As AI-powered voice cloning turbocharges imposter scams, we sit down with ESET’s Jake Moore to discuss how to hang up on ‘hi-fi’ scam calls – and what the future holds for deepfake detection Cameron Camp 23 Jan 2024 • , 4 min. read Would you fall for a faked call from your CEO asking
Jan 24, 2024NewsroomCloud Security / Kubernetes Cybersecurity researchers have discovered a loophole impacting Google Kubernetes Engine (GKE) that could be potentially exploited by threat actors with a Google account to take control of a Kubernetes cluster. The critical shortcoming has been codenamed Sys:All by cloud security firm Orca. As many as 250,000 active GKE clusters
Security researchers have uncovered two new malicious packages on the npm open source package manager that utilized GitHub to store stolen Base64-encrypted SSH keys taken from developer systems. These packages, identified earlier this month, have since been removed from npm. According to a ReversingLabs report published today, this discovery highlights an ongoing trend of cybercriminals
The threat actors behind ClearFake, SocGholish, and dozens of other actors have established partnerships with another entity known as VexTrio as part of a massive “criminal affiliate program,” new findings from Infoblox reveal. The latest development demonstrates the “breadth of their activities and depth of their connections within the cybercrime industry,” the company said, describing
LoanDepot, one of the largest US-based retail mortgage lenders, has confirmed that around 16.6 million of its customers have had their personal information stolen. In a new filing to the US Securities and Exchange Commission (SEC) on January 22, LoanDepot gave further detail about the cyber incident that affected the firm’s computer systems on January
Jan 22, 2024NewsroomCyber Attack / Hacking Media organizations and high-profile experts in North Korean affairs have been at the receiving end of a new campaign orchestrated by a threat actor known as ScarCruft in December 2023. “ScarCruft has been experimenting with new infection chains, including the use of a technical threat research report as a
Security researchers have uncovered a novel cyber-attack campaign targeting vulnerable Docker services. The attacks mark the first documented case of malware utilizing the 9hits application as a payload. Discovered by Cado Security Labs, the campaign deploys two containers to the vulnerable Docker instance – a standard XMRig miner and the 9hits viewer application. The latter
Jan 20, 2024NewsroomNetwork Security / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency directive urging Federal Civilian Executive Branch (FCEB) agencies to implement mitigations against two actively exploited zero-day flaws in Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) products. The development came after the vulnerabilities –
South Africa, known to be ‘the world’s most internet-addicted country,’ finds itself plagued by the internet’s dark underbelly: ransomware. It is the most targeted nation in Africa for these cyber-attacks and places eighth globally, according to the South African Council for Scientific and Industrial Research. Despite its digital dependency, the country’s cyber strategy is still
Video The job of a CISO is becoming increasingly stressful as cybersecurity chiefs face overwhelming workloads and growing concerns over personal liability for security failings 19 Jan 2024 The job of a chief information security officer (CISO) is becoming increasingly stressful, to the point that some security leaders are seeking out more peaceful career paths.
Jan 20, 2024NewsroomZero Day / Cyber Espionage An advanced China-nexus cyber espionage group previously linked to the exploitation of security flaws in VMware and Fortinet appliances has been linked to the abuse of a critical vulnerability in VMware vCenter Server as a zero-day since late 2021. “UNC3886 has a track record of utilizing zero-day vulnerabilities
Russian threat group Coldriver has expanded its targeting of Western officials with the use of malware to steal sensitive data, Google’s Threat Analysis Group (TAG) has revealed. Coldriver, AKA Star Blizzard, is linked to Russia’s intelligence service, the FSB. It is known to focus on credential phishing campaigns targeting high-profile NGOs, former intelligence and military
Scams Phone fraud takes a frightening twist as fraudsters can tap into AI to cause serious emotional and financial damage to the victims Phil Muncaster 18 Jan 2024 • , 4 min. read It’s every parent’s worst nightmare. You get a call from an unknown number and on the other end of the line hear
Jan 19, 2024NewsroomMalware / Endpoint Security Pirated applications targeting Apple macOS users have been observed containing a backdoor capable of granting attackers remote control to infected machines. “These applications are being hosted on Chinese pirating websites in order to gain victims,” Jamf Threat Labs researchers Ferdous Saljooki and Jaron Bradley said. “Once detonated, the malware
Cybersecurity researchers at Proofpoint have identified the resurgence of TA866 in email threat campaigns after a hiatus of nine months. Writing in an advisory published today, the firm said it thwarted a large-scale campaign on January 11 involving several thousand emails primarily targeting North America. The malicious emails, adopting an invoice-themed guise, were equipped with
Scams, Digital Security Here are some scams you may encounter on the shopping juggernaut, plus a few simple steps you can take to help safeguard your data while bagging that irresistible deal Phil Muncaster 17 Jan 2024 • , 5 min. read If you’re on social media or use Google Shopping, the chances are you’ve
Jan 18, 2024NewsroomServer Security / Cryptocurrency Vulnerable Docker services are being targeted by a novel campaign in which the threat actors are deploying XMRig cryptocurrency miner as well as the 9Hits Viewer software as part of a multi-pronged monetization strategy. “This is the first documented case of malware deploying the 9Hits application as a payload,”
The heightened utilization of AI tools and potential vulnerabilities in gaming have been identified as crucial cybersecurity concerns for children in 2024, according to a new report by Kaspersky. The document, published today, also highlights the growth of FinTech for young people, the rising popularity of smart home devices and the challenge of balancing children’s
Business Security By eliminating these mistakes and blind spots, your organization can take massive strides towards optimizing its use of cloud without exposing itself to cyber-risk Phil Muncaster 16 Jan 2024 • , 5 min. read Cloud computing is an essential component of today’s digital landscape. IT infrastructure, platforms and software are more likely to
Jan 17, 2024NewsroomFinancial Data / Vulnerability The point-of-sale (PoS) terminals from PAX Technology are impacted by a collection of high-severity vulnerabilities that can be weaponized by threat actors to execute arbitrary code. The STM Cyber R&D team, which reverse engineered the Android-based devices manufactured by the Chinese firm owing to their rapid deployment in Poland,
Cybersecurity experts have uncovered the active exploitation of CVE-2023-36025, which also led to the dissemination of a new strain of malware called Phemedrone Stealer. This malware explicitly targets web browsers and collects data from cryptocurrency wallets and messaging applications like Telegram, Steam and Discord. Additionally, Phemedrone gathers system information, including hardware details and location, sending
Jan 16, 2024NewsroomVulnerability / Network Security Over 178,000 SonicWall firewalls exposed over the internet are exploitable to at least one of the two security flaws that could be potentially exploited to cause a denial-of-service (DoS) condition and remote code execution (RCE). “The two issues are fundamentally the same but exploitable at different HTTP URI paths
Security researchers have discovered a significant increase in global botnet activity between December 2023 and the first week of January 2024, with spikes observed exceeding one million devices. Writing in an advisory published on Friday, Netscout ASERT explained that, on a typical day, approximately 10,000 such devices engaged in malicious reconnaissance scanning last year, with
Jan 15, 2024NewsroomVulnerability / Browser Security Cybersecurity researchers have disclosed a security flaw in the Opera web browser for Microsoft Windows and Apple macOS that could be exploited to execute any file on the underlying operating system. The remote code execution vulnerability has been codenamed MyFlaw by the Guardio Labs research team owing to the
A vulnerability has been discovered in a popular Bosch smart thermostat, allowing potential attackers to send commands to the device and replace its firmware, according to Bitdefender. The vulnerability impacts the Wi-Fi microcontroller that acts as a network gateway for the thermostat’s logic microcontroller. The Bosch smart thermostat products BCC101, BCC102 and BCC50, from version
- « Previous Page
- 1
- …
- 19
- 20
- 21
- 22
- 23
- …
- 130
- Next Page »