All Articles (2240)

LightSpy is a modular surveillance framework that can be used to steal a variety of data, including files, screenshots, mobile location data, or even messenger data from apps like Telegram.  It was first documented by TrendMicro and Kaspersky in 2020 as an iOS implant.  At the time, LightSpy would spread through a watering hole method, which is to say that targets would be directed to pages mimicking local news sites.  An example page can be seen in the image below.  The APT group said to be resp

In April of this year, a cyberattack on a large telecommunications company has been claimed by a ransomware gang that is gaining momentum as a cybercriminal operation.  On 1 June, the RansomHub operation posted Frontier Communications to its leak site claiming to have sensitive information of more than 2 million people.  The group claimed it spent more than two months attempting to extort the company but never got a response.  Frontier did not respond to requests for comment but reported a cyber

It is being reported that Apple has declined to issue a bug bounty to the Russian cybersecurity company Kaspersky Lab.  This after it disclosed four zero-day vulnerabilities in iPhone software that were allegedly used to spy on Kaspersky employees as well as Russian diplomats.

A spokesperson for Kaspersky Lab said that the company’s research team considered their work “eligible for Bug Bounty rewards from Apple. However, when asked about it, we received a decline from the Apple Security team ref

In an increasingly interconnected world, supply chain attacks have emerged as a formidable threat, compromising not just individual organizations but the broader digital ecosystem.  The web of interdependencies among businesses, especially for software and IT vendors, provides fertile ground for cybercriminals to exploit vulnerabilities.  By targeting one weak link in the supply chain, threat actors can gain unauthorized access to sensitive information and can conduct malicious activities with s

Law enforcement agencies in the United States and Europe announced on 30 May Operation Endgame, a coordinated action against some of the most popular cybercrime platforms for delivering ransomware and data-stealing malware.  Titled “the largest ever operation against botnets,” the international effort is being billed as the opening salvo in an ongoing campaign targeting advanced malware “droppers” or “loaders” like IcedID, Smokeloader and Trickbot.

Link to full report: IR-24-151-001_OPendgame.p

FortiGuard Labs has recently identified a sophisticated cyberattack involving an Excel file embedded with a VBA macro designed to deploy a DLL file.  The attacker uses a multi-stage malware strategy to deliver the notorious "Cobalt Strike" payload and establish communication with a command and control (C2) server.  This attack employs various evasion techniques to ensure successful payload delivery.

Over the past few years, Ukraine has been a significant target due to its geopolitical situation

What would it take for someone to hack a tank?  Modern Western militaries may well be about to find out.  The militaries of the United States, Germany, France, the United Kingdom, Australia, and other powers are contemplating the gradual introduction of electric vehicles into their motorized fleets.  These initiatives are linked to national decarbonization strategies and are also meant to modernize these fleets for the future of warfare.  However, electrification also entails an important and un

Live Nation, the parent company of Ticketmaster, revealed Friday evening that it was the victim of a cyber-attack that compromised user data.  The company said in a filing with the U.S. Securities and Exchange Commission that it discovered an "unauthorized activity within a third-party cloud database," on May 20 and promptly launched an investigation.

A week later, "a criminal threat actor offered Live Nation what it alleged was user data for sale via the dark web, according to the filing.  "As

On 1 May 2024 the CEO of United Health Group was invited to Washington, DC to spend the day getting raked over the coals by US Senator Ron Wyden (D-Oregon) Chairman of the Senate Finance Committee and others at a meeting titled “Hacking America’s Health Care: Assessing the Change Healthcare Cyber Attack and What’s Next.”  Wyden set the tone early when he described the UNH cyber incident this way, “The Change Healthcare hack is considered by many to be the biggest cybersecurity disruption to heal

Amid an onslaught of high-profile cyberattacks showing how companies often neglect basic security measures, the Department of Justice is trying to use a law passed during the Civil War to put businesses on notice that these failures are unacceptable.  Under the umbrella of DOJ’s Civil Cyber-Fraud Initiative, US government attorneys have since early 2022 deployed the pointedly named False Claims Act to punish contractors that mislead the government about their cybersecurity defenses, hoping to se

Microsoft will soon allow businesses and developers to build AI-powered Copilots that can work like virtual employees and perform tasks automatically.  Instead of Copilot sitting idle waiting for queries, it will be able to monitor email inboxes and automate tasks or data entry that employees normally have to do manually.  It is a big change in the behavior of Copilot, which the industry commonly calls AI agents or the ability for chatbots to intelligently perform complex tasks autonomously.  “W

HP Wolf Security has published a report that finds that the tactics and techniques being used by cybercriminals are evolving.  In contrast, different cybercriminals continue to exploit weaknesses that are simple to exploit.  For example, cybercriminals use an advanced WikiLoader campaign to exploit open redirect vulnerabilities within websites to circumvent detection. Users are directed to trustworthy sites, often via fake advertisements, before being redirected to malicious sites.  Elsewhere, c

The Advanced Research Projects Agency for Health (ARPA-H) announced on 20 May 2024 the launch of the Universal PatchinG and Remediation for Autonomous DEfense (UPGRADE) program. This cybersecurity effort will invest more than $50 million to create tools for information technology (IT) teams to better defend the hospital environments they are tasked with securing.

Cyberattacks that hamper hospital operations can impact patient care while critical systems are down and can even lead to facility clo

More than $22 million worth of cryptocurrency was stolen from Gala Games this week after someone compromised the blockchain platform.  The company confirmed that it dealt with a security incident on 20 May, writing on social media that it was an “isolated incident, the cause of which has been addressed.”

“We are working closely with law enforcement to investigate the individuals behind the breach,” the company said, noting that it will provide updates as the investigation continues.  Gala Ga

The National Security Agency (NSA) recently launched its Cybersecurity Collaboration Center (CCC) to proactively help private companies and federal partners fight off advanced cyber adversaries at no cost. Judging by the enthusiastic response so far, CCC’s services are poised to be in high demand.

Through the CCC, the NSA shares its extensive knowledge, threat intelligence, and advanced cybersecurity capabilities directly with organizations across technology, energy, finance, and more sectors. 

Author William Lambers[1] presents his opinion on this Memorial Day 2024: “On Memorial Day we can honor the sacrifices of our soldiers and continue the quest for world peace.  As President Dwight Eisenhower said of Memorial Day, ‘Let us reverently honor those who have fallen in war, and rededicate ourselves through prayer to the cause of peace, to the end that the day may come when we shall never have another war, never another Unknown Soldier.’  America’s aspiration, as President Eisenhower sa

A "multi-faceted campaign" has been observed abusing legitimate services like GitHub and FileZilla to deliver an array of stealer malware and banking trojans such as Atomic (aka AMOS), Vidar, Lumma (aka LummaC2), and Octo by impersonating credible software like 1Password, Bartender 5, and Pixelmator Pro.  Multiple malware variants suggest a broad cross-platform targeting strategy, while the overlapping C2 infrastructure points to a centralized command setup, possibly increasing the efficiency of

Activity Summary - Week Ending on 24 May 2024:

  • Red Sky identified 6,686 connections from ‘new’ unique IP addresses
  • contabo[.]com in Germany hit 29x
  • 92 ‘new’ Botnets hits
  • Cat-Phishing        
  • BITS
  • AsyncRAT
  • Protecting OT Networks   
  • UK Army Personnel
  • Red Hat Downsizing  

Link to full report:  IR-24-145-001_weekly145.pdf

Gregg Lowe is feeling thoroughly happy about his technology buying decisions.  A couple of years back, the CIO of Boyd Gaming, operator of 28 hotel and casino properties across the US states, was hip-deep in negotiations for a fresh enterprise agreement with VMware prior to its acquisition by Broadcom.  Nutanix, which offers its own AHV hypervisor for free with its stack, was also present within the company, meaning Boyd could be paying for hypervisors it didn't need.  So the company decided to

The European Union has warned Microsoft that it could be fined up to 1% of its global annual turnover under the bloc’s online governance regime, the Digital Services Act (DSA), after the company failed to respond to a request for information (RFI) that focused on its generative AI tools.  In March 2024, the EU asked Microsoft and several other tech giants for information about systemic risks posed by generative AI tools.  On 16 May 2024, the Commission said Microsoft failed to provide some reque