All Articles (1933)

The North Korea-linked threat actor known as the Lazarus Group has been attributed to a new global campaign that involves the opportunistic exploitation of security flaws in Log4j to deploy previously undocumented remote access trojans (RATs) on compromised hosts.  Investigators are tracking the activity under the name Operation Blacksmith, noting the use of three DLang-based malware families, including a RAT called NineRAT that leverages Telegram for command-and-control (C2), DLRAT, and a downl

This past October, Apache issued a critical advisory addressing CVE-2023-46604, a vulnerability involving the deserialization of untrusted data in Apache.  On 2 November, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2023-46604 to its known exploited list, KEV Catalog, indicating this vulnerability's high risk and impact.  Fortiguard Labs also released an outbreak alert and a threat signal report about the active exploitation of CVE-2023-46604, providing more details and

Hacktivist group Killnet rose to prominence in 2022.  After the launch of SVO, it openly sided with Russia. It carried out high-profile DDoS attacks against significant targets such as the US Federal Tax Service, the European Union’s banking systems SWIFT and IBAN, and the American arms company Lockheed Martin, et al.  At the same time, little was known for a long time about the identity of its leader, hacker Killmilk. In the public sphere, he formed the image of a great patriot of the Russian Feder

The reliability and security of the power grid have become increasingly important topics in recent years.  With the dependence on electricity growing and new threats emerging, it is crucial to ensure that our lights stay on, especially for critical infrastructure like the military.  This article explores the risks the power grid faces and the potential consequences if it were compromised.

Research and Reporting:  According to industry experts, the power grid is vulnerable to both physical and cy

The year 2023 has been marked by significant cyber turbulence in the space sector. The aftermath of the 2023 KA-SAT attack has fundamentally altered the world’s collective perception of cyber risk and the corresponding implications for space.  In addition, 2023 has heralded a surge in the scope and scale of cyber targeting, a bevy of emerging trends and the introduction of new threat actors operating within the space industry.  Without question, from 2022 to 2023, the frequency of cyber campaign

Just three months after the National Credit Union Administration (NCUA) put into place a final rule requiring federally chartered and federally insured credit unions to notify NCUA of a "reportable cyber incident," about 60 credit unions in the United States experienced outages because of a ransomware attack on an IT provider the institutions use, according to a US federal agency.  The final NCUA rule went into effect on 01 September 2023, requiring that affected credit unions should notify the

Terrorism, both foreign and domestic, remains a top threat to the Homeland, but other threats are increasingly crowding the threat space.  During the next year, we assess that the threat of violence from individuals radicalized in the United States will remain high, but largely unchanged, marked by lone offenders or small group attacks that occur with little warning.  Foreign terrorist groups like al-Qa’ida and ISIS are seeking to rebuild overseas, and they maintain worldwide networks of support

Staying Connected - Cruise company Carnival Corporation has agreed a partnership with Neuron, formerly ESpace Networks, to implement Neuron’s vendor-neutral connectivity management platform to optimize internet access on its ships.  The move is part of Carnival Corporation’s wider connectivity optimization strategy, which is focused on providing the best available connection at sea.  The Neuron 360 platform provides an end-to-end view of connectivity operations and real-time data to proactively

Cybersecurity threats to the global supply chain have been well-documented in recent years, and sea-faring trade is no exception.  Shipping ports are being targeted by modern day digital pirates seeking to disrupt supply chains with targeted, sophisticated cyberattacks.

Long gone are the days when a commercial ship crew considered a rudimentary GPS system to be the sole state-of-the-art technology onboard.  Today, the maritime industry depends on smart AI systems and IoT devices that go beyond s

Researchers have tracked more activity by an influence campaign linked to Russia that spreads disinformation and propaganda in the US, Germany and Ukraine through a vast network of social media accounts and fake websites.

The campaign, attributed to the Russia-linked influence operation network called Doppelgänger, has been active since at least May 2022.  The US tech company Meta previously referred to Doppelgänger as the “largest” and “most aggressively persistent” malign network sponsored by

A gang of hackers who targeted the private King Edward VII’s Hospital are threatening to reveal the health data from the Royal Family unless they are paid £300,000 in Bitcoin.  The hospital notably treated Kate, the Princess of Wales and the hackers have claimed they have ‘X-rays, letters from consultants, registration forms, handwritten clinical notes, and pathology forms.’[1]

The gang is referred to as ‘Rhysida,’ which is a venomous tropical centipede, and previously targeted the British Libra

The UK’s Sellafield nuclear facility has denied reports that its IT networks have been attacked by cyber groups linked to Russia and China.  The Guardian said an investigation into the nuclear site in Cumbria found security breaches, dating back to 2015, which it says were not reported to regulators for “several years.”

The year-long investigation, named ‘Nuclear Leaks,’ said sleeper malware which can be used to spy on or attack systems had been embedded in the networks and could still be there.

One of the cybercrime underground’s more active sellers of Social Security numbers, background, and credit reports has been pulling data from hacked accounts at the US consumer data broker USinfoSearch.

Since at least February 2023, a service advertised on Telegram called USiSLookups has operated an automated bot that allows anyone to look up the SSN or background report on virtually any American.  For prices ranging from $8 to $40 and payable via virtual currency, the bot will automatically re

A ransomware group behind some of the biggest cyberattacks in 2023 has taken credit for an incident involving a multibillion-dollar player in the real estate industry.

Fidelity National Financial, a Fortune 500 provider of title insurance for property sales, acknowledged an attack in regulatory documents submitted 21 November to the US Securities and Exchange Commission.[1]

On 22 November, the AlphV/Black Cat ransomware gang took credit for the intrusion, publishing a lengthy screed against the

Improving social media governance is crucial for organizations to effectively manage their online presence, protect their reputation, and ensure compliance with relevant regulations.  Yet, many organizations struggle to do this because an ever-evolving social media and technology landscape makes it challenging to adapt their strategies and policies.  New platforms, features, and trends emerge regularly, making it challenging for organizations to keep up and evolve accordingly.

Social Media Threa

Our friends at SentinelLabs report that Hack-for-Hire threat actors go by many names, such as surveillance-for-hire, mercenaries, private-sector-offensive-actors (PSOAs), and nonstate offensive threat actors.  Such groups represent an exciting challenge for security researchers and network defenders. They should be considered a severe threat to all organizations, worthy of proactive tracking in ongoing intrusions and analysis of historical cases to understand their significant impacts.  Many pub

Amid the steady onslaught of costly ransomware and other attacks, cyber insurance is more important than ever for businesses.  A company can implement proper security controls and meet regulatory mandates, but breaches still happen and when they do, cyber insurance can be a vital tool to help a business recover quickly.  However, it's also becoming more expensive, complicated and challenging to get.

According to Fitch Ratings, cyber insurance is the fastest-growing segment of the US property/ca

With an estimated damage of US$10.5 trillion annually from cyberattacks projected by 2025, a significant surge from 2015 levels, the demand for stronger cybersecurity methods has never been more pressing.  According to Geoff Schomburgk, the Regional Vice President, Asia Pacific & Japan (APJ) at Yubico, a leading provider of phishing-resistant authentication hardware solutions, this escalating threat is prompting the need to steer away from traditional, insecure password mechanisms.  "Passwords,

The ransomware strain known as Play is now being offered to other threat actors "as a service."  The unusual lack of even small variations between attacks suggests that they are being carried out by affiliates who have purchased the Ransomware-as-a-Service (RaaS) and are following step-by-step instructions from playbooks delivered with it.

Cybercriminals are increasingly finding it just as lucrative to hire their toolkits out to other crooks so they can launch attacks of their own.  Investigator

A water authority in Pennsylvania reportedly suffered a cyberattack, prompting officials to reassure people in the area that drinking water has not been affected by the incident.

The Municipal Water Authority of Aliquippa, which serves thousands of customers in communities northwest of Pittsburgh, did not respond to requests for comment but told a local news outlet that computer screens at a facility were plastered with a message from hacking group Cyber Av3ngers. The facility, which contains a co