All Articles (1953)

A recent FBI report describes smishing attempts, which send text messages purporting to be from employees or company leadership to induce individuals to reveal personal information.  Actors conducting this scheme typically try to elicit financial information, personally identifiable information (PII), credentials, or details about a company and/or its employees.  The criminal threat actors in these instances are attempting to solicit and/or steal various types of information which could be used for financia

If you keep feeding the local stray cat, it will never go away.  Like malware, if you don’t stomp it out, it keeps harassing you.  The threat actors behind BlackCat ransomware have developed an improved variant that prioritizes speed and stealth to bypass security guardrails and achieve their ransom objectives.  The new version, Sphynx, was announced in February 2023 and includes updated capabilities that strengthen the group's efforts to evade detection.  The "product" update was first highligh

A tractor beam is a device with the ability to attract one object to another from a distance. The concept originates in fiction: The term was coined by E. E. Smith (an update of his earlier "attractor beam") in his novel Spacehounds of IPC (1931). Since the 1990s, technology and research have labored to make it a reality, and have had some success on a microscopic level. Less commonly, a similar beam that repels is called a pressor beam or repulsor beam. Gravity impulse and gravity propulsion bea

The human element is near and dear to my heart in the world of Cyber Security.  As cyberattacks intensify, more and more organizations recognize the need to have a strong security culture for all employees.  This cyber-aware workforce is a necessary addition to a skilled and knowledgeable security team and the use of advanced cybersecurity solutions.  Employees who know how to practice good cyber hygiene are increasingly seen as a crucial line of defense.

Bolstering cyber defenses will be import

According to industry experts, predictions about the BRICS countries as the fastest-growing economies have not happened. Instead, the alliance now offers a diplomatic forum and development financing outside the Western mainstream.  The acronym began as an optimistic term to describe countries with fast-growing economies at the time.  But now the BRICS nations, Brazil, Russia, India, China, and South Africa, are setting themselves up as an alternative to existing international financial and polit

ChatGPT is a large language model (LLM) falling under the broad definition of generative AI.  The sophisticated chatbot was developed by OpenAI using the Generative Pre-trained Transformer (GPT) model to understand and replicate natural language patterns with human-like accuracy.  The latest version, GPT-4, exhibits human-level performance on professional and academic benchmarks.  Without question, generative AI will create opportunities across all industries, particularly those that depend on l

British Airways; Boots, a British health/beauty retailer and pharmacy chain; and the BBC are investigating the potential theft of personal details of staff after the companies were hit by a cyber-attack attributed to a Russia-linked criminal gang.   British Airways (BA) confirmed it was one of the companies affected by the hack, which targeted software called MOVEit used by Zellis, a payroll provider.  “We have been informed that we are one of the companies impacted by Zellis’s cybersecurity inc

A vulnerability has been discovered in Progress MOVEit Transfer, which could allow for potential unauthorized access to the environment, escalated privileges, and remote code execution.  MOVEit Transfer is a managed file transfer software that allows the enterprise to securely transfer files between business partners and customers using SFTP, SCP, and HTTP-based uploads.  Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; o

US and South Korean intelligence agencies have issued a new alert warning of North Korean cyber actors' use of social engineering tactics to strike think tanks, academia, and news media sectors.  The "sustained information gathering efforts" have been attributed to a state-sponsored cluster called Kimsuky, which is also known by the names APT43, ARCHIPELAGO, Black Banshee, Emerald Sleet (previously Thallium), Nickel Kimball, and Velvet Chollima.  Active guys…..  "North Korea relies heavily on in

The Shadow Force group is a threat group that has been active since 2013, targeting corporations and organizations in South Korea.  Trend Micro revealed the first analysis report in September 2015, where it stated that a Korean media-related company had been attacked.  In March 2020, AhnLab published an analysis report on Operation Shadow Force.  It was introduced as a single campaign as there was the possibility of it being activities of an existing threat group.  However, no relevant threat group

The United States and international cybersecurity authorities are issuing this joint Cybersecurity Advisory (CSA) to highlight a recently discovered cluster of activity of interest associated with a People’s Republic of China (PRC) state-sponsored cyber actor, also known as Volt Typhoon.  Private sector partners have identified that this activity affects networks across US critical infrastructure sectors, and the authoring agencies believe the actor could apply the same techniques against these

As the digital realm expands and thrives, so does the perverse world of cybercrime.  If current trends continue, the annual cost of cyber-attacks is projected to escalate to $10.5 trillion by 2025, a staggering 300% increase from 2015.

Faced with this ongoing cyber assault, organizations worldwide are expected to shell out $1.75 trillion on cybersecurity measures from 2021 to 2025, which represents 15% year-over-year growth.  Yet even this may not be enough to combat the problem.  A recent surve

Cyber security researchers identified a new information-stealing malware that targets browsers and cryptocurrency wallets.  Although the malware, called Bandit Stealer, has only targeted Windows systems so far, it has the potential to expand to other platforms such as Linux.  What makes Bandit Stealer particularly dangerous is that it’s difficult for victims to detect, researchers at Trend Micro wrote in a report published last week.

For example, Bandit Stealer can bypass Windows Defender, a sec

Researchers have uncovered malware designed to disrupt electric power transmission that may have been used by the Russian government in training exercises for creating or responding to cyberattacks on electric grids.

Known as CosmicEnergy, the malware has capabilities that are comparable to those found in malware known as Industroyer and Industroyer2, both of which have been widely attributed by researchers to Sandworm, the name of one of Russia’s most skilled and cutthroat hacking groups.  Sand

While many associate Veterans Day and Memorial Day with service, the two are not the same.  Veterans Day is a celebration of those who serve and have served.  Memorial Day is a solemn day to reflect on veterans and military personnel who are deceased.[1]

The US Memorial Day was originally called Decoration Day and began during the US Civil War when citizens placed flowers on the graves of those who had been killed in battle.  The Civil War produced more than 620,000 military deaths, roughly 2 pe

A maritime VSAT (Very Small Aperture Terminal) is a two-way satellite internet terminal which receives and transmits real-time data via satellites.  It is vital for many vessels to maintain a high-speed, reliable connection while offshore.  In addition to the importance of connectivity for operations, it also serves a key crew welfare role.  However, VSAT also presents cyber threats to vessels, due to the value of the data they transmit and their role as attack vectors for other technology on bo

Around the time that the US Federal Bureau of Investigation (FBI) was examining the equipment recovered from the wreckage of the Chinese spy balloon shot down off the South Carolina coast in February, American intelligence agencies and Microsoft detected what they feared was a more worrisome intruder: mysterious computer code that has been popping up in telecommunications systems in Guam and elsewhere in the US.

The code, which Microsoft said was installed by a Chinese government hacking group,

FortiGuard Labs discovered an ongoing threat campaign targeting YouTube viewers searching for pirated software earlier this month.  Videos advertising downloads of “cracked” (aka pirated) software are uploaded by verified YouTube channels with a large number of subscribers.  Victims are led to execute malicious binaries that install multiple malware into their systems focused on harvesting credentials, cryptojacking, and stealing cryptocurrency funds from wallets.

While investigating this campai

On 23 May 2023, US authorities in CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) published an updated version of the #StopRansomware Guide.  Ransomware actors have accelerated their tactics and techniques since its initial release in 2020 and this guide will assist in helping cyber prevention. The update incorporates lessons learned from the past two years and includes additional recommend

Multiple vulnerabilities have been recently discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged-on user.  Depending on the privileges associated with the user, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those with administrative user rights.[1]

THREAT