All Articles (1929)

In 2023, FortiGuard Labs uncovered the 8220 Gang’s utilization of ScrubCrypt to launch attacks targeting exploitable Oracle WebLogic Servers.  ScrubCrypt has been described as an “antivirus evasion tool” that converts executables into undetectable batch files.  It offers several options to manipulate malware, making it more challenging for antivirus products to detect.  Analysts recently discovered a threat actor distributing a phishing email containing malicious Scalable Vector Graphics (SVG) f

With supply chain attacks on the rise, and nation-state attackers constantly looking for new ways to disrupt national security and economic stability, one of the most vulnerable areas is the security around our maritime operations.  The current US administration's recent Executive Order to fortify the cybersecurity of US ports underscores this concern, spotlighting the urgency of addressing vulnerabilities in a sector that drives over $5.4 trillion in economic activity annually.  This initiative

AI might not be coming for all jobs, but it might be coming for some.  The largest layoff in the 116-year history of UPS (https://www.ups.com) was, in part, the result of new technologies, including AI, CEO Carol Tomé said during an earnings call in February 2024.  Meanwhile, IBM plans to pause hiring for roles it thinks could soon be automated by AI, CEO Arvind Krishna told Bloomberg in 2023.

Workers are not optimistic about the future.  In a recent survey from McKinsey, 25% of business professional

Eclipse attacks are a special type of cyberattack where an attacker creates an artificial environment around one node, or user, which allows the attacker to manipulate the affected node into wrongful action.  By isolating a target node from its legitimate neighboring nodes, eclipse attacks can produce illegitimate transaction confirmations, among other effects on the network. While these types of attacks isolate individual nodes, the effectiveness of eclipse attacks at disrupting network nodes a

The use of computers has significantly improved the transportation industry over the past few decades. Digitizing documents, automating payments, and storing information in a central location has streamlined processes and made the job easier at all levels.  Unfortunately, it has also opened up the industry to cyberattacks from hackers and other forms of cybercrime.  These attacks are designed to take money or information from a company or otherwise disrupt its operations.  A 2021 study showed th

Red teaming is everywhere.  The offensive security testing method is mentioned a dozen times in the recent artificial intelligence (AI) executive order released by President Joe Biden and accompanying draft guidance for United States’ federal agencies—and it’s a hot topic for global industry leaders and governments alike.

In the European Union, there’s a call to conduct adversarial testing in the interests of greater transparency and reporting.  The Canadian government and Australian Signals Dir

Data security continues to cause angst and thus the US House of Representatives has reportedly banned congressional staffers from using Microsoft’s AI coding assistant, Copilot.  This comes just weeks after Microsoft announced the official public release of AI Copilot on 14 March 2024.

The ban, implemented by the House’s Chief Administrative Officer Catherine Szpindor, reportedly stems from concerns about potential data leakage.  According to Axios, Szpindor’s office believes AI Copilot “poses a

How was your Easter bank holiday?  Did you use it well by, for instance, preventing a globally destructive cyber-attack?  No? Try harder, then.  Last weekend, a cautious, longstanding and very nearly successful attempt to insert a backdoor into a widely used piece of open-source software was thwarted, effectively by accident.  Below is from Ars Technica.[1]  Researchers have found a malicious backdoor in a compression tool that made its way into widely used Linux distributions, including those f

Let’s face it, we are all aware of the ever-increasing cyber risk in our personal lives, the workplace and wider society.  As consumers we hand over ever-increasing volumes of valuable personal data in the expectation that organizations will invest in robust cyber security to protect it and keep it secure.  Legislation also exists to drive standards through UK General Data Protection Regulation (GDPR) with the potential for up to a 4 per cent fine on global turnover for companies failing to adh

Phishing-as-a-service, or PhaaS, is a cyber threat subscription service, much like any number of other “as a service” types you may be familiar with, such as ransomware-as-a-service.  One of the noted early pioneers of this model is BulletProofLink.  This operation was taken down by Malaysian law enforcement in November of last year in collaboration with the Australian Federal Police and the FBI.

The general idea of phishing-as-a-service is that service providers are offering ready-to-use phis

Apple's latest acquisition of yet another AI startup provides insight into the tech giant's plans for artificial intelligence in 2024.  The startup, DarwinAI, is a Canadian visual quality inspection business that has developed ways to make AI systems smaller and more efficient.  Apple’s CEO Tim Cook has vowed to share more details about the company's AI advancements in 2024, and this latest acquisition of a company that makes AI systems run efficiently on smaller devices could reinforce the idea

ANY.RUN,[1] the interactive malware sandbox provider, has issued a warning about BunnyLoader, a rapidly evolving malware written in C/C++.  The new version, BunnyLoader 3.0, boasts enhanced capabilities and requires users and organizations to be more vigilant than ever.

Released just in September 2023, BunnyLoader's malicious functions range from exfiltrating credentials to stealing cryptocurrency wallets and dropping additional malware.

Here are some of the key changes introduced in BunnyLoader

The Checkmarx Research team recently discovered an attack campaign targeting the software supply chain, with evidence of successful exploitation of multiple victims.  These include the Top.gg GitHub organization (a community of over 170k users) and several individual developers.  The threat actors used multiple TTPs in this attack, including account takeover via stolen browser cookies, contributing malicious code with verified commits, setting up a custom Python mirror, and publishing malicious

Most attempts at building a humanoid robot, such as Tesla's Optimus, focus on assisting humans with physical, manual tasks. A company called Figure, https://www.figure.ai, is among the AI robotics startups unsatisfied with just movement.  Figure is trying to take its humanoid robots to the next level by integrating language, and the results are quite impressive.  Figure has designed its robots for the human world, using the human form.  Their robot, Figure 1, combines the human form's

Beginning 7 March 2024, EclecticIQ analysts identified an uncategorized threat actor that utilized a modified version of the open-source information stealer HackBrowserData[1] to target Indian government entities and the energy sector. The information stealer was delivered via a phishing email, masquerading as an invitation letter from the Indian Air Force.  The attacker utilized Slack channels as exfiltration points to upload confidential internal documents, private email messages, and cached web b

Meta’s decision to close its CrowdTangle division, a tool that tracks content across social media, has raised the ire of more than 100 research and advocacy groups who say it will make it harder to fight disinformation.

Groups including the Mozilla Foundation, the Center for Democracy and Technology and Access Now sent the social media behemoth an open letter Thursday decrying the decision to shutter the unit in August, asking Meta to, at a minimum, invest in CrowdTangle through January.  Meta a

On 16 March 2024, Sentinel Labs identified a suspicious Linux binary uploaded from Ukraine.  Initial analysis showed surface similarities with the infamous AcidRain wiper used to disable KA-SAT modems across Europe at the start of the Russian invasion of Ukraine (commonly identified by the ‘Viasat hack’ misnomer).  Since our initial finding, no similar samples or variants have been detected or publicly reported until now.  This new sample is a confirmed variant called ‘AcidPour’, a wiper with si

A sophisticated Brazilian banking Trojan uses a novel method to hide its presence on Android devices.  A multi-tooled Trojan cuts apart Brazil's premier wire transfer app.  Could similar malware do the same to Venmo, Zelle, or PayPal?

"PixPirate" is multipronged malware specially crafted to exploit Pix, an app for making bank transfers developed by the Central Bank of Brazil. Pix makes a good target for Brazil-nexus cybercriminals since, despite being hardly three years old, it is already integr

Britain’s democracy is under threat from Chinese cyber-attacks, Parliament was warned on 25 March, following the hacking of voter details and the targeting of several China hawks in Parliament.  The UK’s Deputy Prime Minister briefed MPs on the cyberthreat from China and is expected to announce reprisals against those believed to be involved, according to government insiders.  He pointed the finger at China over an alleged hacking that hit British vote

Leaders of South Florida’s Port Everglades and Port Miami have met with US Coast Guard officials to review cybersecurity programs aimed at reducing the possibility that giant Chinese-made cranes operating at the region’s ports and others in the US pose a national security threat.

In late February, the Biden administration announced it planned to invest billions in the US manufacture of ship-to-shore cranes that transfer millions of tons of cargo annually at major American seaports.  The action