Latest Cybersecurity News and Articles
22 March 2023
SentinelOne spotted the Winter Vivern APT group targeting Polish government agencies, Indian government entities, the Ukraine Ministry of Foreign Affairs, and the Italy Ministry of Foreign Affairs in cyberespionage campaigns since 2021.
22 March 2023
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released eight Industrial Control Systems (ICS) advisories on Tuesday, warning of critical flaws affecting equipment from Delta Electronics and Rockwell Automation.
This includes 13 security vulnerabilities in Delta Electronics' InfraSuite Device Master, a real-time device monitoring software. All versions prior to 1.0.5 are
22 March 2023
“Should they click on the ‘apply’ button contained on these scam web pages, victims are redirected to phishing websites that the scammers create to harvest the credentials of victims’ social network accounts,” reads the advisory by Group-IB.
22 March 2023
How should security leaders implement zero trust?
Find out more in this Security podcast episode featuring Mark Ruchie, CISO at Entrust.
22 March 2023
According to researchers at SentinelOne, the gang has lately shifted to DLL hijacking via Microsoft Distributed Transaction Coordinator (MSDTC) to extract and launch ransomware payloads.
22 March 2023
The North Korean advanced persistent threat (APT) actor dubbed ScarCruft is using weaponized Microsoft Compiled HTML Help (CHM) files to download additional malware.
According to multiple reports from AhnLab Security Emergency response Center (ASEC), SEKOIA.IO, and Zscaler, the findings are illustrative of the group's continuous efforts to refine and retool its tactics to sidestep detection.
22 March 2023
When opening a file in the Windows 11 Snipping Tool and overwriting an existing file, instead of truncating any unused data, it leaves the unused data behind, allowing it to be partially recovered.
22 March 2023
Italian car manufacturer Ferrari confirmed this week it was the target of a cyberattack with a ransom demand related to certain client contact details.
22 March 2023
REF2924 is the moniker assigned to an activity cluster linked to attacks against an entity in Afghanistan as well as the Foreign Affairs Office of an ASEAN member in 2022.
22 March 2023
Active Directory (AD) is a powerful authentication and directory service used by organizations worldwide. With this ubiquity and power comes the potential for abuse. Insider threats offer some of the greatest potential for destruction. Many internal users have over-provisioned access and visibility into the internal network.
Insiders' level of access and trust in a network leads to unique
22 March 2023
The campaigns have affected individuals in Chile, Mexico, Peru, and Portugal. The attackers send a fake overdue invoice as an HTML page or a password-protected PDF file to lure victims. Mispadu gathers the list of antivirus solutions installed on the compromised host, steals Google Chrome and Microsoft Outlook credentials, and submits the collected data to its C2 servers.
22 March 2023
The Twitter account of one of the leading news channels in India – News24 – became a victim of a recent cryptocurrency scheme. Hackers breached the account to post phishing links of a fake XRP drop, urging people to click and potentially get conned.
22 March 2023
In Tuesday's "final update" the site's admins wrote they "confirmed that the glowies [slang for government agents – ed.] likely have access to Pom's machine" and shutting down the site is the only option.
22 March 2023
Avast researchers observed that attackers are abusing this service to distribute Redline. They register for the service via a fake email and upload a document containing a link to their website.
22 March 2023
Also known as LockBit Black, LockBit 3.0 features a highly modular architecture compared to its previous versions and offers a range of customizable arguments that can alter its behavior post-deployment.
22 March 2023
An early morning cyberattack on one of the island’s few telecommunications providers, Docomo Pacific, left customers in Guam and the CNMI without services last Friday.
22 March 2023
ENISA published its first cyber threat landscape report dedicated to the transport sector, which maps and analyses cyber incidents in aviation, maritime, railway, and road transport from January 2021 to October 2022.
22 March 2023
Dominic Chell, director at MDSec, and Will Dormann, senior principal vulnerability analyst at Analygence, said the patch issued to fix CVE-2023-23397 can still be bypassed if an attacker has gained access to a system.
22 March 2023
The NuGet repository is the target of a new "sophisticated and highly-malicious attack" aiming to infect .NET developer systems with cryptocurrency stealer malware.
The 13 rogue packages, which were downloaded more than 160,000 times over the past month, have since been taken down.
"The packages contained a PowerShell script that would execute upon installation and trigger a download of a '
22 March 2023
The vulnerability was disclosed to Coinbase, which has since addressed the reported security problems and awarded ZenGo Wallet multiple bug bounties for their responsible disclosure.