Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries
The China-linked threat actor known as Earth Estries has been observed using a previously undocumented backdoor called GHOSTSPIDER as part of its attacks targeting Southeast Asian telecommunications companies. Trend Micro, which described the hacking group as an aggressive advanced persistent threat (APT), said the intrusions also involved the use of another cross-platform backdoor dubbed
Published on: November 26, 2024 | Source:
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
RomCom exploits Firefox and Windows zero days in the wild
ESET Research details the analysis of a previously unknown vulnerability in Mozilla products exploited in the wild and another previously unknown Microsoft Windows vulnerability, combined in a zero-click exploit
Published on: November 26, 2024 | Source:CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched critical security flaw impacting Array Networks AG and vxAG secure access gateways to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation in the wild. The vulnerability, tracked as CVE-2023-28461 (CVSS score: 9.8), concerns a case of missing authentication that
Published on: November 26, 2024 | Source:Malware linked to Salt Typhoon used to hack telcos around the world
A report from Trend Micro details the highly sophisticated ways Salt Typhoon carries out its operations. The post Malware linked to Salt Typhoon used to hack telcos around the world appeared first on CyberScoop.
Published on: November 26, 2024 | Source:Ransomware Attack on Blue Yonder Hits Starbucks, Supermarkets
The incident is typical of the heightened threats organizations face during the holidays, when most companies reduce their security operations staff by around 50%.
Published on: November 25, 2024 | Source:Phishing Prevention Framework Reduces Incidents by Half
The anti-fraud plan calls for companies to create a pipeline for compiling attack information, along with formal processes to disseminate that intelligence across business groups.
Published on: November 25, 2024 | Source:BlackBasta Ransomware Brand Picks Up Where Conti Left Off
New analysis says law enforcement efforts against Russian-language ransomware-as-a-service (RaaS) infrastructure helped consolidate influence behind BlackBasta, but some experts aren't so sure the brand means that much.
Published on: November 25, 2024 | Source:Fancy Bear 'Nearest Neighbor' Attack Uses Nearby Wi-Fi Network
In a "new class of attack," the Russian APT breached a target in Washington, DC, by credential-stuffing wireless networks in close proximity to it and daisy-chaining a vector together in a resourceful and creative way, according to researchers.
Published on: November 25, 2024 | Source:Closing the Cybersecurity Career Diversity Gap
Diversity isn't just an issue of fairness β it's about operational excellence and ensuring we have the best possible teams defending our national security.
Published on: November 25, 2024 | Source:Google's New Restore Credentials Tool Simplifies App Login After Android Migration
Google has introduced a new feature called Restore Credentials to help users restore their account access to third-party apps securely after migrating to a new Android device. Part of Android's Credential Manager API, the feature aims to reduce the hassle of re-entering the login credentials for every app during the handset replacement. "With Restore Credentials, apps can seamlessly onboard
Published on: November 25, 2024 | Source:An opportunity for Trumpβs deregulation journey: Cybersecurity harmonization
The incoming administration should lean into its efficiency push by taking on the patchwork system of cyber regulations. The post An opportunity for Trumpβs deregulation journey: Cybersecurity harmonization appeared first on CyberScoop.
Published on: November 25, 2024 | Source:PyPI Python Library "aiocpa" Found Exfiltrating Crypto Keys via Telegram Bot
The administrators of the Python Package Index (PyPI) repository have quarantined the package "aiocpa" following a new update that included malicious code to exfiltrate private keys via Telegram. The package in question is described as a synchronous and asynchronous Crypto Pay API client. The package, originally released in September 2024, has been downloaded 12,100 times to date. By putting the
Published on: November 25, 2024 | Source:Security Analysis of the MERGE Voting Protocol
Interesting analysis: An Internet Voting System Fatally Flawed in Creative New Ways. Abstract: The recently published βMERGEβ protocol is designed to be used in the prototype CAC-vote system. The voting kiosk and protocol transmit votes over the internet and then transmit voter-verifiable paper ballots through the mail. In the MERGE protocol, the votes transmitted over the internet are used to tabulate the results and...
Published on: November 25, 2024 | Source:Flying Under the Radar - Security Evasion Techniques
Dive into the evolution of phishing and malware evasion techniques and understand how attackers are using increasingly sophisticated methods to bypass security measures. The Evolution of Phishing Attacks βI really like the saying that βThis is out of scopeβ said no hacker ever. Whether itβs tricks, techniques or technologies, hackers will do anything to evade detection and make sure their
Published on: November 25, 2024 | Source:THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 18 - Nov 24)
We hear terms like βstate-sponsored attacksβ and βcritical vulnerabilitiesβ all the time, but whatβs really going on behind those words? This weekβs cybersecurity news isnβt just about hackers and headlinesβitβs about how digital risks shape our lives in ways we might not even realize. For instance, telecom networks being breached isnβt just about stolen dataβitβs about power. Hackers are
Published on: November 25, 2024 | Source:Cybersecurity Blind Spots in IaC and PaC Tools Expose Cloud Platforms to New Attacks
Cybersecurity researchers have disclosed two new attack techniques against infrastructure-as-code (IaC) and policy-as-code (PaC) tools like HashiCorp's Terraform and Styra's Open Policy Agent (OPA) that leverage dedicated, domain-specific languages (DSLs) to breach cloud platforms and exfiltrate data. "Since these are hardened languages with limited capabilities, they're supposed to be more
Published on: November 25, 2024 | Source:Researchers Uncover Malware Using BYOVD to Bypass Antivirus Protections
Cybersecurity researchers have uncovered a new malicious campaign that leverages a technique called Bring Your Own Vulnerable Driver (BYOVD) to disarm security protections and ultimately gain access to the infected system. "This malware takes a more sinister route: it drops a legitimate Avast Anti-Rootkit driver (aswArPot.sys) and manipulates it to carry out its destructive agenda," Trellix
Published on: November 25, 2024 | Source:Google Exposes GLASSBRIDGE: A Pro-China Influence Network of Fake News Sites
Government agencies and non-governmental organizations in the United States have become the target of a nascent China state threat actor known as Storm-2077. The adversary, believed to be active since at least January 2024, has also conducted cyber attacks against the Defense Industrial Base (DIB), aviation, telecommunications, and financial and legal services across the world, Microsoft said.
Published on: November 23, 2024 | Source:North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn
The North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of cryptocurrency as part of social engineering campaigns orchestrated over a six-month period. These findings come from Microsoft, which said that multiple threat activity clusters with ties to the country have been observed creating fake profiles on LinkedIn, posing as both
Published on: November 23, 2024 | Source:Friday Squid Blogging: Transcriptome Analysis of the Indian Squid
Lots of details that are beyond me. Blog moderation policy.
Published on: November 22, 2024 | Source:Faux ChatGPT, Claude API Packages Deliver JarkaStealer
Attackers are betting that the hype around generative AI (GenAI) is attracting less technical, less cautious developers who might be more inclined to download an open source Python code package for free access, without vetting it or thinking twice.
Published on: November 22, 2024 | Source:Stronger cyber protections in health care targeted in new Senate bill
The bipartisan legislation from four senators is aimed at strengthening providersβ cyber defenses and protecting Americansβ health data. The post Stronger cyber protections in health care targeted in new Senate bill appeared first on CyberScoop.
Published on: November 22, 2024 | Source:Yakuza Victim Data Leaked in Japanese Agency Attack
A local government resource for helping Japanese citizens cut ties with organized crime was successfully phished in a tech support scam, and could have dangerous consequences.
Published on: November 22, 2024 | Source:What Talent Gap? Hiring Practices Are the Real Problem
While the need for cybersecurity talent still exists, the budget may not. Here's how to maximize security staff despite hiring freezes.
Published on: November 22, 2024 | Source:APT-K-47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell Malware
The threat actor known as Mysterious Elephant has been observed using an advanced version of malware called Asyncshell. The attack campaign is said to have used Hajj-themed lures to trick victims into executing a malicious payload under the guise of a Microsoft Compiled HTML Help (CHM) file, the Knownsec 404 team said in an analysis published today. Mysterious Elephant, which is also known as
Published on: November 22, 2024 | Source:Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia
Threat actors with ties to Russia have been linked to a cyber espionage campaign aimed at organizations in Central Asia, East Asia, and Europe. Recorded Future's Insikt Group, which has assigned the activity cluster the name TAG-110, said it overlaps with a threat group tracked by the Computer Emergency Response Team of Ukraine (CERT-UA) as UAC-0063, which, in turn, overlaps with APT28. The
Published on: November 22, 2024 | Source:Leaky Cybersecurity Holes Put Water Systems at Risk
At least 97 major water systems in the US have serious cybersecurity vulnerabilities and compliance issues, raising concerns that cyberattacks could disrupt businesses, industry, and the lives of millions of citizens.
Published on: November 22, 2024 | Source:China-Linked TAG-112 Targets Tibetan Media with Cobalt Strike Espionage Campaign
A China-linked nation-state group called TAG-112 compromised Tibetan media and university websites in a new cyber espionage campaign designed to facilitate the delivery of the Cobalt Strike post-exploitation toolkit for follow-on information collection. "The attackers embedded malicious JavaScript in these sites, which spoofed a TLS certificate error to trick visitors into downloading a
Published on: November 22, 2024 | Source:Going Beyond Secure by Demand
Secure by Demand offers a starting point for third-party risk management teams, but they need to take the essential step of using a mature software supply chain security solution to ensure they're not blindly trusting a provider's software.
Published on: November 22, 2024 | Source:China's Cyber Offensives Built in Lockstep With Private Firms, Academia
The scale of Beijing's systematic tapping of private industry and universities to build up its formidable hacking and cyber-warfare capabilities is larger than previously understood.
Published on: November 22, 2024 | Source:Microsoft Highlights Security Exposure Management at Ignite
Building on its broad security portfolio, Microsoft's new exposure management is now available in the Microsoft Defender portal, with third-party connectors on the way.
Published on: November 22, 2024 | Source:The Scale of Geoblocking by Nation
Interesting analysis: We introduce and explore a little-known threat to digital equality and freedomwebsites geoblocking users in response to political risks from sanctions. U.S. policy prioritizes internet freedom and access to information in repressive regimes. Clarifying distinctions between free and paid websites, allowing trunk cables to repressive states, enforcing transparency in geoblocking, and removing...
Published on: November 22, 2024 | Source:Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?
Google Workspace has quickly become the productivity backbone for businesses worldwide, offering an all-in-one suite with email, cloud storage and collaboration tools. This single-platform approach makes it easy for teams to connect and work efficiently, no matter where they are, enabling seamless digital transformation thatβs both scalable and adaptable. As companies shift from traditional,
Published on: November 22, 2024 | Source:Microsoft, Meta, and DOJ Disrupt Global Cybercrime and Fraudulent Networks
Meta Platforms, Microsoft, and the U.S. Department of Justice (DoJ) have announced independent actions to tackle cybercrime and disrupt services that enable scams, fraud, and phishing attacks. To that end, Microsoft's Digital Crimes Unit (DCU) said it seized 240 fraudulent websites associated with an Egypt-based cybercrime facilitator named Abanoub Nady (aka MRxC0DER and mrxc0derii), who
Published on: November 22, 2024 | Source:PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries
Cybersecurity researchers have discovered two malicious packages uploaded to the Python Package Index (PyPI) repository that impersonated popular artificial intelligence (AI) models like OpenAI ChatGPT and Anthropic Claude to deliver an information stealer called JarkaStealer. The packages, named gptplus and claudeai-eng, were uploaded by a user named "Xeroline" in November 2023, attracting
Published on: November 22, 2024 | Source: