Latest Cybersecurity News and Articles


New ShellBot DDoS Malware Targeting Poorly Managed Linux Servers

21 March 2023
Poorly managed Linux SSH servers are being targeted as part of a new campaign that deploys different variants of malware called ShellBot. "ShellBot, also known as PerlBot, is a DDoS Bot malware developed in Perl and characteristically uses IRC protocol to communicate with the C&C server," AhnLab Security Emergency response Center (ASEC) said in a report. ShellBot is installed on servers that

Ferrari Says Ransomware Attack Exposed Customer Data

21 March 2023
“Upon receipt of the ransom demand, we immediately started an investigation in collaboration with a leading global third-party cybersecurity firm,” the Italian car maker said.

The Best Defense Against Cyber Threats for Lean Security Teams

21 March 2023
H0lyGh0st, Magecart, and a slew of state-sponsored hacker groups are diversifying their tactics and shifting their focus to… You. That is, if you're in charge of cybersecurity for a small-to-midsize enterprise (SME). Why? Bad actors know that SMEs typically have a smaller security budget, less infosec manpower, and possibly weak or missing security controls to protect their data and

Zero-Day Exploitation in 2022 Continued at an Elevated Pace

21 March 2023
Mandiant researchers tracked 55 zero-day vulnerabilities that they judge were exploited in 2022. Although this count is lower than the record-breaking 81 zero-days exploited in 2021, it still represents almost triple the number from 2020.

AWS Introduces Global Condition Context Keys to Improve EC2 Security

21 March 2023
The new keys allow the creation of policies that can limit the use of role credentials to only the location from where they originated, reducing the risk of credential exfiltration.

Black Basta, Killnet, LockBit groups targeting healthcare in force

21 March 2023
Threat groups behind Killnet and Black Basta ransomware are targeting the healthcare sector and other critical infrastructure industries in force, according to Microsoft and the HHS Cybersecurity Coordination Center (HC3).

From Ransomware to Cyber Espionage: 55 Zero-Day Vulnerabilities Weaponized in 2022

21 March 2023
As many as 55 zero-day vulnerabilities were exploited in the wild in 2022, with most of the flaws discovered in software from Microsoft, Google, and Apple. While this figure represents a decrease from the year before, when a staggering 81 zero-days were weaponized, it still represents a significant uptick in recent years of threat actors leveraging unknown security flaws to their advantage. The 

Google Cloud joins FS-ISAC’s critical providers program to share threat intel

21 March 2023
The Financial Services Information Sharing and Analysis Center (FS-ISAC) said Google Cloud joined its critical providers program, as part of a larger industry effort to bolster supply chain security in the financial services sector.

Google flags apps made by popular Chinese e-commerce giant as malware

21 March 2023
On Monday, Google announced that it had flagged several apps made by a Chinese e-commerce giant as malware, alerting users who had them installed, and suspended the company’s official app.

Shouldering the Increasingly Heavy Cloud Shared-Responsibility Model

21 March 2023
As business and the world in general grow more complex, the shared responsibility between cloud customers and cloud providers becomes, well, cloudier. This is especially true when it comes to security and compliance.

CISA kicks off ransomware vulnerability pilot to help spot ransomware-exploitable flaws

21 March 2023
CISA initiated the RVWP by notifying 93 organizations identified as running instances of Microsoft Exchange Service with a vulnerability called "ProxyNotShell," widely exploited by ransomware actors.

Update: Dish Network updates on ransomware attack

21 March 2023
Dish Network stated it reinstated the ability of customers of its Boost Mobile brand to access account information as it provided an update on its bid to recover from a cyberattack in February.

Scammers can slip fake texts into legitimate SMS threads. Will a government crackdown stop them?

21 March 2023
Last month, the Australian government announced plans to fight SMS-based scams by implementing an SMS sender ID registry. Under this system, organizations that want to SMS customers will first have to register their sender ID with a government body.

Hackers Steal Over $1.6 Million in Crypto from General Bytes Bitcoin ATMs Using Zero-Day Flaw

21 March 2023
Bitcoin ATM maker General Bytes disclosed that unidentified threat actors stole cryptocurrency from hot wallets by exploiting a zero-day security flaw in its software. "The attacker was able to upload his own java application remotely via the master service interface used by terminals to upload videos and run it using 'batm' user privileges," the company said in an advisory published over the

QBot Paves the Way for BlackBasta Ransomware

21 March 2023
ReliaQuest studied a Black Basta ransomware breach in which criminals gained entry into the network and rapidly escalated their privileges with the use of QBot. The attackers executed the malware via HTML smuggling, an attack strategy QBot was previously observed using in December 2022.

NCSC launches flagship new services to help millions of small organisations stay safe online

20 March 2023
New online tools for small organisations to help find and fix any cyber security issues.

Microsoft Teams goes 3D: Meet your animated avatar

20 March 2023
EXECUTIVE SUMMARY: Sometimes, there are valid reasons to turn your camera off during a Zoom or Teams meeting. For example, you might be in an environment that could prove distracting for other participants, you might have a small child who’s trying to climb on your chair or along your leg, or perhaps someone else who […] The post Microsoft Teams goes 3D: Meet your animated avatar appeared first on CyberTalk.

TeamTNT Allegedly Connected to SCARLETEEL Decoy Attack

20 March 2023
The sophisticated SCARLETEEL hacking operation, which targets Kubernetes hosted on Amazon to steal confidential proprietary data, is also suspected to have a TeamTNT touch. Despite all the similarities, researchers could not connect the two with full confidence. According to them, it is possible that another group is simply copying the tactics.

Killnet Aggressively Targets Healthcare Organizations

20 March 2023
KillNet, a cybercriminal collective with ties to Russia, was spotted targeting Microsoft Azure-hosted healthcare apps for more than three months. The highest number of these attacks was launched in February, targeting hospitals, pharma, life science, healthcare insurance, and health services in more than 25 states.

TikTok banned from U.K. government devices

20 March 2023
The U.K. bans TikTok on government devices, in line with similar restrictions made by the U.S. and Canadian governments and the European Commission.