I am not writing about Nim, the mathematical game of strategy, but I am concerned about another “Nim” and you do not want to lose this game. Cybersecurity researchers have unwrapped an "interesting email campaign" undertaken by a threat actor that has taken to distributing a new malware written in the Nim programming language. Recently named "NimzaLoader" by Proofpoint researchers, the development marks one of the rare instances of Nim malware discovered in the threat landscape. "Malware developer
All Articles (2531)
It is difficult to stop supply chain attacks if partner accounts are compromised. What can you do when these attacks are indistinguishable from insider threats? The current rash of financial fraud and supply chain attacks exploits a seemingly unsolvable vulnerability in your security strategy. Attackers exploit the fact that you must communicate with outside partners and vendors to thrive as a company or an institution.
As you interact with partners, the door to exploitation opens, specifically
Singapore is testing unmanned surface vessels with a locally developed, AI-driven navigation algorithm that could be used for maritime security operations in the congested but strategically important waters around the southeast Asian island nation. Upon completion, the Republic of Singapore Navy is expected to then field four USVs in the role. The country’s defense ministry said this will add another layer of surveillance and operational response for its maritime borders.
The ministry added tha
Digitalization in the maritime sector remains a double-edged sword, because while technology and digital tools support the supply chain significantly, these same tools have opened new vulnerabilities. Competition in the digital arena is the reflex response from the shipping sector designed to compete at every level. The industry, however, must relearn its reactions to develop a collaborative mind-set when developing cyber systems, particularly where cybersecurity is concerned.[1]
Increased con
Physical security concepts and practices have been around for centuries. Cyber security, not so long. We all are painfully more aware than ever of the need for strong cybersecurity. Network security should be in most business systems, yet the Internet of Things (IoT) has opened the realm of malicious cyber-attacks to a height unseen in recent times. IoT in any open space creates the potential for various cyber-attacks that can disrupt system operation and negatively impact a customer’s busine
The US Department of Justice (DOJ) continues to warn that cyber-criminals are impersonating state workforce agencies (SWAs) to steal Americans' personal data. In a press release issued 5 March 2021, DOJ reported it had received reports that bad cyber actors are creating fake websites that mimic sites genuinely belonging to SWAs. "The fake websites are designed to trick consumers into thinking they are applying for unemployment benefits and disclosing personally identifiable information and oth
Activity Summary - Week Ending 19 March 2021:
- Pharmacie Midombo in Benin has some Problems
- Cuck, a Movie title, or a Dangerous Lure
- Analysts identified 26,343 connections from new unique IP addresses checking into our Sinkholes
- Red Sky Alliance observed 17 new unique email accounts compromised with Keyloggers
- Analysts identified 2,157 new IP addresses participating in various Botnets
- DearCry Ransomware
- GoldMax, GoldFinder, and Sibot
- PYSA Ransomware attacking Education
- Düsseldorf University Hosp
In addition to the aggravation of having to find the “car” in a series of pictures, a phishing attack targeting Microsoft users leverages a bogus Google reCAPTCHA system. Microsoft users are being targeted with thousands of phishing emails, in an ongoing attack aiming to steal their Office 365 credentials. The attackers add an air of legitimacy to the campaign by leveraging a fake Google reCAPTCHA system and top-level domain landing pages that include the logos of victims’ companies.
According
Birds of a Feather, Flock together. An old, yet very true saying. Cybercriminals are stealing a staggering volume of data and money from companies around the world. The damage from cyber-attacks costs businesses US$400 billion a year. This has become a huge criminal enterprise and operators include state-sponsored groups, such as Russia, China and North Korea.
Cybercrime groups have become more organized and specialized in the past few years. Gone are the days of single actors placing malwar
Cybercriminals had a busy year in 2020, with rapidly increasing numbers of distributed denial of service (DDoS) weapons, widespread botnet activity, and some of the largest DDoS attacks ever recorded. As COVID-19 drove an urgent shift online for everything from education and healthcare, to consumer shopping, to office work, hackers had more targets available than ever, many of them underprotected due to the difficulty of maintaining security best practices in an emergency scenario.
At the sam
A malware loader or bootloader, also known as a boot program or bootstrap loader, is a special operating system software that loads into the working memory of a computer after start-up. For this purpose, immediately after a device starts, a bootloader is generally launched by a bootable medium like a hard drive, a CD/DVD or a USB stick. The boot medium receives information from the computer’s firmware (e.g. BIOS) about where the bootloader is. The whole process is also described as “booting”.
Wh
Activity Summary - Week Ending 12 March 2021:
- Super Keylogger being used as a Lure – ‘Super.Keylogee’
- Red Sky Alliance identified 29,347 connections from new unique IP Addresses
- Analysts identified 1,199 new IP addresses participating in various Botnets
- Sality still reigns as our #1 Malware Variant
- IcedID
- Baby Elephants are Cute, but…….
- Qualys and Accellion FTA
- SonicWall hacking
- FireEye Attack
- Myanmar, China and Russia curtailing social media, No Surprise
Link to full report: IR-21-071-001_wee
A critical vulnerability identified in The Plus Addons for Elementor WordPress plugin could be exploited to gain administrative privileges to a website. This is bad news for WordPress websites; the vulnerability was disclosed 8 March 2021. The zero-day has been exploited in the wild, the Wordfence team at WordPress security company Defiant warns. With more than 30,000 installations to date, The Plus Addons for Elementor is a premium plugin that has been designed to add several widgets to be
As if Kia Motors doesn’t have enough to worry about, now this. Last Friday, Red Sky Alliance reported that Kia Motors of America was hit by the DoppelPaymer malware, causing havoc at dealerships in the US and Canada.[1] Now Kia has been forced to recall nearly 380,000 of its vehicles due to a potential fire risk hazard. The Korean automaker said in an advisory posted Tuesday by the US National Highway Traffic Safety Administration (NHTSA) that it is recalling certain 2017 through 2021 Sportage
“I don’t understand how Spain was compromised.” To answer in English, “well my friends, no one is immune to cyber-attacks - no one.” Spain’s State Public Employment Service (SEPE), which coordinates unemployment benefits and ERTE throughout Spain, has been the victim of a cyberattack that has crippled its electronic and face-to-face appointment-setting services and other procedures.[1] A Spanish government spokesman said, “At the moment it is not possible to access the website”, with the Central Tra
Like we don’t have enough ransomware floating around destroying international businesses. Enter two new ransomware forms. Two newly discovered forms of ransomware with quite different characteristics show just how diverse the world of ransomware has become as more cybercriminals attempt to join in with the ‘cyber extortion’ game. Both forms of ransomware emerged last month and are described by cybersecurity researchers as AlumniLocker and Humble, with the two versions attempting to extort a Bitco
In 1980, the British comedy group Monty Python created a video, “I Like Chinese.” We all like Chinese; except the Chinese Communist Party (CCP) – who train, encourage and promote active hacking of many, many countries. A Chinese hacking group allegedly "cloned" and deployed a zero-day exploit developed by the US National Security Agency's (NSA) Equation Group before Microsoft patched the Windows vulnerability that was being exploited in 2017. For several years, researchers have suspected the C
A new version of the Ryuk ransomware is capable of worm-like self-propagation within a local network, researchers have recently found. The variant first emerged in Windows-focused campaigns earlier in 2021, according to the French National Agency for the Security of Information Systems (ANSSI). The agency said that it achieves self-replication by scanning for network shares, and then copying a unique version of the ransomware executable (with the file name rep.exe or lan.exe) to each of them as
Ransomware continues to create havoc for organizations of all types and the problem only seems to be getting worse every year. Cyber threat defenders across every type of targeted organization, including government agencies and private businesses, would do well to have more effective defenses in place. Such defenses would ideally include organizations proactively looking for known ransomware attackers' tactics, techniques and procedures. That kind of threat hunting can help defenders spot atta
As the 2020 tax preparation season begins in the US, the Internal Revenue Service (IRS) is warning that it is seeing more signs of cyber criminals spoofing the agency's domains and incorporating its logos and language into phishing campaigns. Authorities additionally are cautioning about other fraud campaigns that spoof US government departments, with some using themes capitalizing on COVID-19 economic relief programs. A tempting lure to many.
During February 2020, the IRS published a notification t