All Articles (1934)

A cyber threat actor group with links to Iran targeted transportation, logistics, and technology sectors in the Middle East, including Israel, in October 2023 amid a surge in Iranian cyber activity since the onset of the Israel-Hamas war. The attacks have been attributed to a threat actor it tracks under Imperial Kitten, also known as Crimson Sandstorm (previously Curium), TA456, Tortoiseshell, and Yellow Liderc.  The latest findings also detailed instances of strategic web compromises (aka wate

A new malvertising campaign has been found to employ fake sites that masquerade as a legitimate Windows news portal to propagate a malicious installer for a popular system profiling tool called CPU-Z.  This incident is part of a larger malvertising campaign that targets other utilities like Notepad++, Citrix, and VNC Viewer, as seen in its infrastructure (domain names) and the cloaking templates used to avoid detection.

While malvertising campaigns are known to set up replica sites advertising widely

A new variant of the GootLoader malware called GootBot has been found to facilitate lateral movement on compromised systems and evade detection.  GootLoader is a stealthy malware classified as a first-stage downloader designed to attack Windows-based systems.  It is considered an Initial-Access-as-a-Service (IAaaS) tool used within a ransomware-as-a-service (RaaS) criminal business model.  The GootLoader group's introduction of their custom bot into the late stages of their attack chain is an at

In addition to our personal and private information being stolen by foreign cyber threat actors, these same criminals can now quickly obtain sensitive information on US military members from data brokers, according to a new Duke University study whose results were recently published.

See:  https://techpolicy.sanford.duke.edu/wp-content/uploads/sites/4/2023/11/Sherman-et-al-2023-Data-Brokers-and-the-Sale-of-Data-on-US-Military-Personnel.pdf

Data brokers collect and aggregate information and then

When researchers responded to an ad to join up with a Ransomware-as-a-Service (RaaS) operation, they wound up in a cybercriminal job interview with one of the most active threat actors in the affiliate business, who turns out to be behind at least five different strains of ransomware.  Meet "farnetwork," who was unmasked after giving over too many specifics to a Group-IB threat researcher pretending to be a potential affiliate for the Nokoyawa ransomware group.  The cybercriminal is a

ChatGPT subscribers who want to learn about OpenAI's custom GPT chatbots can now test some of them.  At its Dev Day event on 06 November 2023, the company revealed that subscribers could create their own ChatGPT chatbots for specific tasks.  Though that option is not yet available, 16 GPTs made by OpenAI are available for users to see how they work.  Interested parties will find a Tech Support Advisor to assist you with tech issues, a Negotiator to help you advocate for yourself, and a Sous Chef

The term “Looney Tunables” refers to a vulnerability that exists in the GNU C library, which is a core library in Linux-based systems.  This library has a hand in many foundational operations like file opening and reading, threading, memory allocation, console printing, etc.  The bug was introduced in April of 2021, but the CVE was not posted to NIST until October 3rd, 2023.  The vulnerability was discovered by the Qualys Threat Research Unit in early September of this year.

A buffer overflow vu

Europe’s commercial ports are top entry points for cocaine flooding in at record rates.  The work of a Dutch hacker, who was hired by drug traffickers to penetrate port IT networks, reveals how this type of smuggling has become easier than ever.  Court records and other documents obtained by reporters reveal how a man in the Netherlands hacked IT systems at the ports of Rotterdam and Antwerp and sold valuable data to aid cocaine traffickers.

With access to the ports’ container management systems

A South Korean worker was crushed to death by an industrial robot that mistook him for a box of vegetables, local authorities said on 09 November 2023.  The unidentified worker in Goseong succumbed to head and chest injuries last week after he was snatched up by the robot and shoved onto a conveyor belt, police said.  He reportedly worked for the company that installs the robot and was sent to the vegetable plant to make sure the model was operating correctly.[1]

The device involved in the accid

Social engineering is the attempt to trick someone into revealing information (e.g., a password) or taking an action that can be used to compromise systems or networks.  Phishing is a form of social engineering where malicious actors lure victims (typically via email) to visit a malicious site or deceive them into providing login credentials.

Malicious actors primarily leverage phishing for:

  • Obtaining login credentials.
  • Malicious actors conduct phishing campaigns to steal login credentials fo

Shares in the troubled office-sharing firm WeWork https://www.wework.com plunged on 01 November 2023, following reports it could file for bankruptcy as early as next week.  Its shares fell by more than 50% in early trade in New York.  The firm was once seen as the future of the office. But it has been plagued by problems, including a disastrous attempt in 2019 to sell shares to the public and the exit of its co-founder.[1]

WeWork Inc. is/was a provider of co-working spaces, including physical an

According to a warning from cyber threat researchers, an Iranian espionage group has been caught using a new malware framework in a recent sequence of cyberattacks.  The Iranian hacking group Scarred Manticore,[1] linked to the country’s Ministry of Intelligence and Security, has been secretly running a digital spy ring across the Mideast.  It has targeted government and large infrastructure companies such as telecom and financial services to steal data.  The group has been linked to the OilRig

Research from Cofense has found that user credentials are being targeted by hackers and scammers on a scale never seen before.  Indicators of compromise (IoC), digital evidence of a cyber attack, for credential phishing have increased in Q3 by close to 45% over Q2, the company's report found.

IT Management Solutions - Compared to the Q3 period of 2022, IoCs of credential phishing are up 85% with PDFs being the most common malicious file extension attached to a phishing email.

Do not take the bai

According to cyber threat professionals, every 11 seconds an organization falls victim to a ransomware attack.  In today's interconnected world, cybersecurity looms as an ever-present concern that organizations can no longer afford to sideline. A 48% increase in cyber risk last year should serve as a wake-up call to all business managers.  Whether a business pays hackers a ransom or not, there are significant costs involved which will include items such as digital forensics and data restoration,

When I review the cybersecurity e-newsletters, the unsolicited vendors, and PR pitches offering solutions and commentary related to breaches, it is clear that the bad actors do not care which industries they affect.  Their goals are to disrupt, and if they can get some ransom money in the process or make it difficult for organizations to function normally, especially if they are friendly to their political foes, they are more than happy to do it for fun and profit.[1]

Here are some companies fro

It is not just the frequency of the cyber-attacks; their severity can also be critical, as with the Port of Nagoya in Japan, which had to shut down operations for more than three days after a ransomware attack.  In addition, new critical vulnerabilities were published in major hardware and software commonly used by shipping companies: just in the last month we saw new critical vulnerabilities in major brands of firewalls, routers, internet browsers (practically all of them), operating system

A new tool allows artists to add invisible changes to the pixels in their art before they upload it online so that if it is scraped into an AI training set, it can cause the resulting model to break in chaotic and unpredictable ways.  The tool, called Nightshade, is intended to fight against AI companies that use artists’ work to train their models without the creator’s permission.  Using it to “poison” this training data could damage future iterations of image-generating AI models, such as DALL

The attack surface widens by the day, with new threats being posed by artificial intelligence (AI) and increasingly cunning social engineering exploits.  And, while the global cybersecurity workforce has grown to help defend against mounting threats, the gap of required workers remains at an all-time high, according to ISC2’s annual Cybersecurity Workforce Study out today.  To adapt to that reality, the nonprofit member association emphasizes, organizations must move beyond legacy practices.

Yes

In the secretive world of venture capital and startups, information means access and it means money.  And so, it is rare that we see closely-guarded information (the financials, the emails, the cap table) all picked apart and challenged for anyone who chooses to pay attention.  It is rare we hear a startup’s executives give unadulterated answers to questions on the record, under oath, laying out how things really went under the hood.  We only get that kind of a look at a private company when things

A highly sophisticated piece of malware posing as a cryptocurrency miner has stayed hidden for five years, infecting more than one million devices, cybersecurity investigators warn.  Named StripedFly, the threat contains code sequences previously observed in the malware used by the threat actor known as the Equation Group, known for APT malware and attacks, which has been linked to the US National Security Agency.

Designed as a modular framework, StripedFly can target both Windows and Linux and