All Articles (1933)

The Internet continues to expand and connect more devices every minute.  The number of connected devices is now over 10 billion, so the need for effective cyber threat intelligence sharing has never been greater.  Cyber-attacks have increased in frequency and sophistication, presenting significant challenges for organizations that must defend their data and systems from capable threat actors.   Cyber threat information is any information that can help an organization identify, assess, monitor, a

FortiGuard Labs has encountered new samples of the RapperBot campaign active since January 2023.  RapperBot is a malware family primarily targeting IoT devices.  It has been observed in the wild since June 2022.  FortiGuard Labs reported on its previous campaigns in August 2022 and December 2022.  Those campaigns focused on brute-forcing devices with weak or default SSH or Telnet credentials to expand the botnet’s footprint for launching Distributed Denial of Service (DDoS) attacks.

In this camp

The US government and several other countries have been grappling with a key question over the last year: Should ransomware payments be banned, with select waivers available for special situations?

Speaking at a Ransomware Task Force event on Friday, White House Deputy National Security Adviser Anne Neuberger said ransomware payment bans have been a topic of discussion among members of the Counter Ransomware Initiative, which she said has evolved rapidly since it was created in 2021.

According t

FortiGuard Labs researchers have come across a file name or e-mail subject that makes us sit up and take notice. Of course, it may turn out to be nothing.  But every once in a while, one of these turns out to be incredibly interesting.

We recently came across one such file that referenced an Indian state military research organization and an in-development nuclear missile.  The file was meant to deploy malware with characteristics matching the APT group “SideCopy.”  With activities dating back t

The cost of cybercrime is expected to hit $8 trillion in 2023 and grow to $10.5 trillion by 2025.  In a world where sophisticated hackers find creative new ways to pounce, companies constantly try to stay ahead and not become the latest cyberattack headline.  Skilled cybersecurity professionals are in demand, investments in cybersecurity technologies are at all-time highs, and state and national regulations abound.  The US government issued a new cybersecurity strategy memo in early March, calli

When you transfer data from an Android to an iOS device, the Move to iOS app is the go-to solution for any mobile user. However, many users have complained that this app doesn’t work at the final step when importing a backup, or that some data is not completely transferred.  So, is there an alternative to the Move to iOS app that is safe, secure, and capable of doing the job?

IToolab WatsGo fits the description of a worthy solution pretty well.  We have discussed its features and working, too.  Thi

Almost everyone in 2023 has some level of computing power.  From smart phones to laptops and now the rising computer technology in ICE and EV cars, all are touched by computers.  All these variations of computing technology need one critical component – electricity.  The current question is being batted around by experts – can our current electric generation and grid handle the quickly rising demand for electric power?  Belden Inc. presented a recent White Paper on the New Class 4 Electric Syste

A recent analysis by cyber threat investigators of over 70 billion DNS records has led to the discovery of a new sophisticated malware toolkit named Decoy Dog targeting enterprise networks.  Decoy Dog, as the name implies, is evasive and employs techniques like strategic domain aging and DNS query dribbling, wherein a series of queries are transmitted to the command-and-control (C2) domains so as not to arouse any suspicion.

Decoy Dog is a cohesive toolkit with several highly unusual characteristics t

The ongoing Magecart campaign has attracted the attention of cybersecurity researchers for leveraging realistic-looking fake payment screens to capture sensitive data entered by unsuspecting users.  The cyber threat actor used original logos from the compromised store and customized a web element known as a modal to hijack the checkout page perfectly.  Interestingly, the “skimmer” page looks more authentic than the original payment page.  It must be the improved graphics.[1]

The term Magecart is

Sword2033

The Chinese nation-state group named Alloy Taurus is using a Linux variant of a backdoor called PingPull as well as a new undocumented tool codenamed Sword2033.  That is according to findings from Palo Alto Networks Unit 42, which discovered recent malicious cyber activity carried out by the group targeting South Africa and Nepal.

Alloy Taurus is the constellation-themed moniker assigned to a threat actor that is known for its attacks targeting telecom companies since at least 2012.  I

Europol reveals German law enforcement was behind the ‘Monopoly Market’ takedown.  Europol announced on 2 May 2023 that 288 suspects involved in drug trafficking on the Darknet marketplace “Monopoly Market” have been arrested globally following an unannounced takedown in December 2021.  The announcement is the first confirmation that Monopoly Market’s disappearance was the result of law enforcement action.

Users across multiple forums had previously expressed concerns about being victims of an e

During the dark days of COVID-19, in the transfer from office to remote working, cybersecurity was often neglected so that businesses could just “stay in business.”  Even after a couple years, common sense tells us that companies would have caught up with cybersecurity.  There are three business scenarios: those that have been attacked, those that do not know they have been attacked, and those that are going to be attacked.

The risks are high with research showing the average cost of an IT security

The German IT service provider BITMARCK announced on 30 April it had taken all its systems offline due to a cyberattack.  The incident impacted statutory health insurance companies that have their IT operated by BITMARCK.  The company immediately reported the incident to the responsible authorities.[1]

The company did not disclose details about the attack; it launched an investigation into the incident with the help of external cybersecurity experts.

“BITMARCK has identified a cyber-attack.  Our

UNIZA Ransomware - Researchers recently came across a new ransomware variant called UNIZA.  Like other ransomware variants, it encrypts files on victims’ machines to extort money.

It uses the Command Prompt (cmd.exe) window to display its ransom message, and interestingly, it does not append the filename of the files it encrypts, making it more difficult to determine which files have been impacted.[1]

Infection Vector - Information on the infection vector used by the UNIZA ransomware threat ac

South Korean education, construction, diplomatic, and political institutions are at the receiving end of new attacks perpetrated by a China-aligned threat actor known as the Tonto Team.  "Recent cases have revealed that the group is using a file related to anti-malware products to ultimately execute their malicious attacks," the AhnLab Security Emergency Response Center (ASEC) said in a report published this week.

Tonto Team, active since at least 2009, has a track record of targeting various se

Despite the recent attention paid to the chatbot AI program known as ChatGPT, from OpenAI, and its successor technology, GPT-4, the programs are, at the end of the day, just software applications.  And like all applications, they have technical limitations that can make their performance sub-optimal.

See:  https://redskyalliance.org/xindustry/chatgpt-review

In a paper published in March 2023, artificial intelligence (AI) scientists at Stanford University and Canada's MILA Institute for AI proposed a tec

The Five Eyes agencies recently issued cybersecurity guidance and best practices for smart cities.  The document describes potential risks and provides recommendations for addressing them.   Those readers who do not follow the novels of Tom Clancy and John le Carré may not be familiar with The Five Eyes.  The Five Eyes are the intelligence agencies of the US, Canada, Britain, Australia, and New Zealand that share intelligence.[1]

Smart cities integrate Information and Communication Technologies (IC

Our friends from SentinelOne shared some great AI insights from last week’s RSAC 2023.  RSAC yet again provided plenty of cutting-edge information as vendors across the cybersecurity space made announcements and revealed new features, services, and products designed to help defenders keep their enterprises safe.[1]

Among these, SentinelOne’s Purple AI is set to be a game-changer as it brings LLM-powered conversational AI to the Singularity platform, allowing threat hunters to replace complex, st

Ransomware, which was a novelty just a few years ago, is now endemic.  We will have to learn to live with the malicious file-encrypting code, even as we all struggle to limit it.  Why this matters: Ransomware attacks, which take an organization's data hostage and shut down its systems until the hackers receive payment, have exacted an escalating price on law enforcement, policymaking and financial resources around the world.

Ransomware remains the top cyber threat on the minds of cyber defenders

“There is nothing wrong with your television set.  Do not attempt to adjust the picture. We are controlling transmission.  If we wish to make it louder, we will bring up the volume.  If we wish to make it softer, we will tune it to a whisper.  We will control the horizontal. We will control the vertical.  We can roll the image, make it flutter.  We can change the focus to a soft blur, or sharpen it to crystal clarity.  For the next hour, sit quietly and we will control all that you see and hear.