Latest Cybersecurity News and Articles


Hacked London NHS hospitals data allegedly published online

21 June 2024
Cyber-attack earlier this month led to cancellation of almost 1,600 operations and outpatient appointments. Data from a ransomware attack has allegedly been published online weeks after the attack halted operations and tests in major London hospitals, NHS England has said. A Russian group is believed to have carried out the cyber-attack on Synnovis, a private pathology firm that analyses blood tests for Guy’s and St Thomas’ NHS foundation trust (GSTT) and King’s College trust, on 3 June, forcing hospitals in the capital to cancel almost 1,600 operations and outpatient appointments.

U.S. Bans Kaspersky Software, Citing National Security Risks

21 June 2024
The U.S. Department of Commerce's Bureau of Industry and Security (BIS) on Thursday announced a "first of its kind" ban that prohibits Kaspersky Lab's U.S. subsidiary from directly or indirectly offering its security software in the country. The blockade also extends to the cybersecurity company's affiliates, subsidiaries and parent companies, the department said, adding the action is based on

US bans sales of Kaspersky antivirus software over Russia ties

20 June 2024
Washington says Moscow’s influence over company poses significant risk, as Kaspersky argues its activities do not threaten US security. Joe Biden’s administration has banned Russia-based cybersecurity firm Kaspersky from providing its popular antivirus products in the US over national security concerns. “Kaspersky will generally no longer be able to, among other activities, sell its software within the United States or provide updates to software already in use,” said a commerce department statement. The announcement came after a lengthy investigation found Kaspersky’s “continued operations in the United States presented a national security risk due to the Russian government’s offensive cyber capabilities and capacity to influence or direct Kaspersky’s operations”.

CISO security & business continuity insights: lessons from an undersea cable blackout

20 June 2024
Issam El Haddioui: Head of Security Engineering, EMEA – Africa | Security Evangelist with the Office of the CTO. Issam El Haddioui has held multiple technical leadership and management roles with major cyber security vendors in different countries. He has 20+ years’ experience in worldwide consulting, designing, and implementing security architectures across verticals. He holds […] The post CISO security & business continuity insights: lessons from an undersea cable blackout appeared first on CyberTalk.

KrebsOnSecurity Threatened with Defamation Lawsuit Over Fake Radaris CEO

20 June 2024
On March 8, 2024, KrebsOnSecurity published a deep dive on the consumer data broker Radaris, showing how the original owners are two men in Massachusetts who operated multiple Russian language dating services and affiliate programs, in addition to a dizzying array of people-search websites. The subjects of that piece are threatening to sue KrebsOnSecurity for defamation unless the story is retracted. Meanwhile, their attorney has admitted that the person Radaris named as the CEO from its inception is a fabricated identity.

10 web application firewall benefits to keep top of mind

20 June 2024
EXECUTIVE SUMMARY: These days, web-based applications handle everything from customer data to financial transactions. As a result, for cyber criminals, they represent attractive targets. This is where Web Application Firewalls (or WAFs) come into play. A WAF functions as a private security guard for a web-based application or site; always on-guard, in search of suspicious […] The post 10 web application firewall benefits to keep top of mind appeared first on CyberTalk.

Researchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs

20 June 2024
Cybersecurity researchers have disclosed details of a now-patched security flaw in Phoenix SecureCore UEFI firmware that affects multiple families of Intel Core desktop and mobile processors. Tracked as CVE-2024-0762 (CVSS score: 7.5), the "UEFIcanhazbufferoverflow" vulnerability has been described as a case of a buffer overflow stemming from the use of an unsafe variable in the Trusted Platform

French Diplomatic Entities Targeted in Russian-Linked Cyber Attacks

20 June 2024
State-sponsored actors with ties to Russia have been linked to targeted cyber attacks aimed at French diplomatic entities, the country's information security agency ANSSI said in an advisory. The attacks have been attributed to a cluster tracked by Microsoft under the name Midnight Blizzard (formerly Nobelium), which overlaps with activity tracked as APT29, BlueBravo, Cloaked Ursa, Cozy Bear,

Tool Overload: Why MSPs Are Still Drowning with Countless Cybersecurity Tools in 2024

20 June 2024
Highlights: Complex Tool Landscape: Explore the wide array of cybersecurity tools used by MSPs, highlighting the common challenge of managing multiple systems that may overlap in functionality but lack integration. Top Cybersecurity Challenges: Discuss the main challenges MSPs face, including integration issues, limited visibility across systems, and the high cost and complexity of maintaining

Chinese Cyber Espionage Targets Telecom Operators in Asia Since 2021

20 June 2024
Cyber espionage groups associated with China have been linked to a long-running campaign that has infiltrated several telecom operators located in a single Asian country at least since 2021. "The attackers placed backdoors on the networks of targeted companies and also attempted to steal credentials," the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with The Hacker News

New Rust-based Fickle Malware Uses PowerShell for UAC Bypass and Data Exfiltration

20 June 2024
A new Rust-based information stealer malware called Fickle Stealer has been observed being delivered via multiple attack chains with the goal of harvesting sensitive information from compromised hosts. Fortinet FortiGuard Labs said it's aware of four different distribution methods -- namely VBA dropper, VBA downloader, link downloader, and executable downloader -- with some of them using a

Experts Uncover New Evasive SquidLoader Malware Targeting Chinese Organizations

20 June 2024
Cybersecurity researchers have uncovered a new evasive malware loader named SquidLoader that spreads via phishing campaigns targeting Chinese organizations. AT&T LevelBlue Labs, which first observed the malware in late April 2024, said it incorporates features that are designed to thwart static and dynamic analysis and ultimately evade detection. Attack chains leverage phishing emails that

Kraken Crypto Exchange Hit by $3 Million Theft Exploiting Zero-Day Flaw

19 June 2024
Crypto exchange Kraken revealed that an unnamed security researcher exploited an "extremely critical" zero-day flaw in its platform to steal $3 million in digital assets and refused to return them. Details of the incident were shared by Kraken's Chief Security Officer, Nick Percoco, on X (formerly Twitter), stating it received a Bug Bounty program alert about a bug that "allowed them to

Chinese Cyber Espionage Group Exploits Fortinet, Ivanti and VMware Zero-Days

19 June 2024
The China-nexus cyber espionage actor linked to the zero-day exploitation of security flaws in Fortinet, Ivanti, and VMware devices has been observed utilizing multiple persistence mechanisms in order to maintain unfettered access to compromised environments. "Persistence mechanisms encompassed network devices, hypervisors, and virtual machines, ensuring alternative channels remain available

Geopolitical, cyber and security implications of upcoming British election - Episode 23

19 June 2024
In episode 23 of the Cybersecurity & Geopolitical Discussion, our trio of hosts debate and pull apart the scenario of the upcoming UK election to uncover what the impact could be on national and global security.

New Case Study: Unmanaged GTM Tags Become a Security Nightmare

19 June 2024
Are your tags really safe with Google Tag Manager? If you've been thinking that using GTM means that your tracking tags and pixels are safely managed, then it might be time to think again. In this article we look at how a big-ticket seller that does business on every continent came unstuck when it forgot that you can’t afford to allow tags to go unmanaged or become misconfigured. Read the

Void Arachne Uses Deepfakes and AI to Deliver Malicious VPNs to Chinese Users

19 June 2024
Chinese-speaking users are the target of a never-before-seen threat activity cluster codenamed Void Arachne that employs malicious Windows Installer (MSI) files for virtual private networks (VPNs) to deliver a command-and-control (C&C) framework called Winos 4.0. "The campaign also promotes compromised MSI files embedded with nudifiers and deepfake pornography-generating software, as well as

Warning: Markopolo's Scam Targeting Crypto Users via Fake Meeting Software

19 June 2024
A threat actor who goes by the alias markopolo has been identified as being behind a large-scale cross-platform scam that targets digital currency users on social media with information stealer malware and carries out cryptocurrency theft. The attack chains involve the use of a purported virtual meeting software named Vortax (and 23 other apps) that are used as a conduit to deliver Rhadamanthys, StealC,

Mailcow Mail Server Flaws Expose Servers to Remote Code Execution

19 June 2024
Two security vulnerabilities have been disclosed in the Mailcow open-source mail server suite that could be exploited by malicious actors to achieve arbitrary code execution on susceptible instances. Both shortcomings impact all versions of the software prior to version 2024-04, which was released on April 4, 2024. The issues were responsibly disclosed by SonarSource on March 22, 2024. The flaws

The societal implications of digital WMDs

18 June 2024
Bryan Neilson is an experienced Cyberspace & Intelligence Operations professional who built his career supporting Cyberspace Operations, Intelligence Collection, and Counterintelligence for the U.S. Intelligence Community. Bryan’s work, which has spanned the globe, can be directly tied to saving the lives of countless officers and assets, enabling of kinetic military objectives, and helping to build […] The post The societal implications of digital WMDs appeared first on CyberTalk.