South Korea claims pro-Russia actors intensified cyberattacks on national sites after it decided to monitor North Korean troops in Ukraine. South Korea’s government blames pro-Russia threat actors for an intensification of cyberattacks on national sites after it chose to monitor North Korean soldiers in Ukraine. South Korea reports that over 10,000 North Korean troops are now deployed in Russia, including in the frontline Kursk region, to support the war in Ukraine. This development, confirmed b
All Articles (2238)
“Multi-Factor Authentication stops 99% of all attacks.” It’s a phrase used quite a bit. However, while MFA has become the go-to cybersecurity solution deployed by businesses globally, we must recognize that not all MFA solutions are created equal. Many are as easy to hack with social engineering and phishing as traditional passwords. So, the claim that almost all attacks can be repelled by MFA is an oversimplification at best and insincere at worst.
This raises an important question: if so,
Have I Been Pwned (HIBP) warns that an alleged data breach exposed the personal information of 56,904,909 accounts for Hot Topic, Box Lunch, and Torrid customers. Hot Topic is an American retail chain specializing in counterculture-related clothing, accessories, and licensed music merchandise. The company operates over 640 stores across the United States and Canada, primarily located in shopping malls, and has a vast customer base. According to HIBP, the exposed details include full names, em
For those of you old enough to remember party lines when using your telephones, you could not just pick up the phone and start talking, as there were likely two others on the same ‘line,’ until those talking would hang up their phones. So, you didn’t want to begin sharing any personal information with these two strangers. A party line (multiparty line, shared service line, party wire) is a local loop telephone circuit shared by multiple telephone service subscribers. Fast forward to 2024. The US
New research shows that criminal cyber actors are seemingly targeting Australians with a penchant for Bengal cats, a breed of hybrid feline created from crossing an Asian leopard with domestic breeds. Using Gootloader, a popular malware strain often used as an infostealer or as malware dropped before ransomware attacks, Sophos found that the threat actors target users who search "Are Bengal cats legal in Australia?" and other similar questions.
In one example, the researchers found that one webs
Six unpatched vulnerabilities in a Mazda in-vehicle infotainment (IVI) system could be exploited with a simple USB in a moment’s time, and one of them has legitimate consequences to vehicle safety. Cars are just computers on wheels, and IVIs are their user interface. The IVI in most Mazda vehicles of recent years, like the Mazda3 and CX-3, 5, and 9, is built with the Mazda Connect Connectivity Master Unit (CMU), developed by the Michigan-based Visteon Corporation.[1] The CMU is a core hardware
Researchers recently discovered that suspected Iranian hackers impersonated recruiters on LinkedIn to target the aerospace industry in a new espionage campaign. So-called “fake worker” schemes are typically associated with North Korean threat actors. However, the Israel-based cybersecurity company ClearSky has attributed this latest campaign to the Iranian operation tracked as TA455, likely a subgroup of the Iranian government cyberwarfare group Charming Kitten.[1]
Researchers suggest that TA4
Thousands of people, including many who use applications such as AutoCAD, JetBrains, and the Foxit PDF editor, have become victims of a sophisticated data-stealing and crypto-mining malware campaign active since February 2023. The as-yet-unidentified threat behind it is distributing the malware via forum posts and illegal torrents. What makes the malware challenging to mitigate is its use of SSL pinning and TLSv1.3 encryption to protect its command-and-control (C2) communications and data exfilt
Amazon confirmed a data breach involving employee information after data allegedly stolen during the May 2023 MOVEit attacks was leaked on a hacking forum. The threat actor behind this data leak, known as Nam3L3ss, published over 2.8 million lines of Amazon employee data, including names, contact information, building locations, email addresses, and more. Amazon spokesperson Adam Montgomery confirmed Nam3L3ss' claims, adding that this data was stolen from systems belonging to a third-party ser
Cryptocurrency-related businesses have been targets of North Korean-affiliated threat actors for some time now, with multiple campaigns aiming to steal funds and/or insert backdoor malware into targets. In April 2023, researchers detailed an APT campaign targeting macOS users with multi-stage malware that culminated in a Rust backdoor capable of downloading and executing further malware on infected devices. ‘RustBucket,’ as they labeled it, was attributed with strong confidence to the BlueNoroff
Threat analysts have observed a new ransomware group called Interlock conducting targeted attacks across sectors, including US healthcare, IT and government, and European manufacturing. According to a recent report by Cisco Talos, Interlock employs “big-game hunting” and double extortion tactics, where compromised data is stolen and threatened to be released publicly unless a ransom is paid.
This group operates a data leak site called “Worldwide Secrets Blog” to publish stolen data. It offers vi
The cost of zero-day exploits has always been high, especially if they allow an attacker to remotely execute code on a host machine. But why pay hundreds of thousands of dollars for a 0-day when a relatively simple drive-by attack doesn’t need one and can achieve much the same result? That’s what interested an Imperva security researcher who has published a report on a new drive-by attack using something called the Evil Code Editor. Here’s what you need to know.
“A remote code execution chain i
In a recent opinion piece, Linus Torvalds shares his views on C and C++. “I must be a glutton for punishment. Not only was my first programming language IBM 360 Assembler, but my second language was C. Programming anything in them wasn't easy. Programming safely in either is much harder.” So, when the US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) announced they were doubling down on their efforts to persuade software manufacturers t
ByteDance is being exiled from Canada, though the TikTok app is not. Following the US's example, Canada has spent recent years questioning the world's most popular Chinese app. In February 2023, TikTok was banned from all government devices, citing security concerns. Later that year, the government called for a broader national security review under the 1985 Investment Canada Act, which empowers the government to scrutinize foreign investments.
In concluding that review, the Minister of Innovati
In a recent Forbes article, technical author Davey Winder shared insights into a Check Point blog post. As Winder explained in a recent report, hackers have been seen using AI, which very nearly compromised the account of a Gmail user. Now both Gmail and AI are back in the forefront, this time as part of a large-scale hacking campaign targeting both consumers and corporates with a financially-motivated payload. Check Point analyzes the new campaign, the CopyRh(ight)adamantys cyber-attack.
Unli
The holiday shopping season is almost upon us, and with all the great sales and promotions come the usual cyber scams. While generally quick and convenient, shopping online can leave you vulnerable to scammers if you are not cautious. Based on a consumer survey, a new report from Norton looks at how scams are a common concern among shoppers and how to protect yourself while holiday shopping online.
Check out the 2024 Cyber Safety Insights Report.
Norton incorporated the results of a survey condu
Ukraine is accusing Google of exposing the locations of its military sites in recent updates to its online mapping service. Andrii Kovalenko, the head of the counter-disinformation department at Ukraine's National Security and Defense Council, said the images were spotted last week and have already been “actively distributed” by Russians. He did not provide further details about what was specifically revealed or how Moscow could use the obtained data.
Kovalenko said Google hasn’t yet fixed the
The hacker suspected of launching a series of major breaches involving data stored on Snowflake accounts was arrested in Canada last week after a request was issued by US officials. The individual in question, Alexander "Connor" Moucka (aka Judische and Waifu), was apprehended on 30 October 2024, on the basis of a provisional arrest warrant, following a request by the US.[1] The arrest of Moucka was first reported by Bloomberg and 404Media earlier this week. “He appeared in court later tha
Securonix Threat Research has discovered a sophisticated phishing campaign, “CRON#TRAP,” that leverages a unique approach to infiltrate systems and establish persistent backdoors. This creative attack method involves deploying emulated Linux environments within compromised endpoints, specifically Tiny Core Linux.
Multi-Stage Attack Process of CRON#TRAP - The CRON#TRAP campaign employs a multi-stage attack method to compromise target systems and establish persistent backdoors. The initial infecti
The Five Eyes are the intelligence agencies of the UK, US, Canadian, New Zealand, and Australian governments. This group has launched a new program designed to help their tech startups improve baseline cybersecurity measures in the face of escalating state-backed threats. Secure Innovation was originally a UK initiative run by GCHQ’s National Cyber Security Centre (NCSC) and MI5’s National Protective Security Authority (NPSA). However, it has now been adopted and promoted by all Five Eyes intellig