All Articles (1931)


The US Cybersecurity and Infrastructure Security Agency (CISA), on 07 April 2023 added five security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.  This includes three high-severity flaws in the Veritas Backup Exec Agent software (CVE-2021-27876, CVE-2021-27877, and CVE-2021-27878) that could lead to the execution of privileged commands on the underlying system.  The flaws were fixed in a patch released by Veritas in March 2021.

Cloudflare has recently released their Q1 DDoS threat report [5].  Thus, this is a good point for a discussion on DDoS attacks and some of the newer techniques involved with them.  First, we’ll get a little bit of a refresher on what DDoS attacks are, how they manifest and how things look when a service is being attacked, and how they can be detected.  From there, we’ll go into the typical mechanics of how a DDoS attack takes place and what sort of techniques and methods tend to be involved.  Th

Researchers at SentinelLabs have been monitoring a cluster of malicious Office documents that stage Crimson RAT, distributed by APT36 (Transparent Tribe) and targeting the education sector.  Analysts have assessed that this activity is part of the group’s previously reported targeting of the education sector in the Indian subcontinent.  Researchers saw APT36 introducing OLE embedding to its typically used techniques for staging malware from lure documents and versioned c

As with other sports worldwide, the current National Basketball Association (NBA) scheduling involves technology and IT services, highlighting their critical role in the sports industry.  With so much data at their disposal, sports organizations have the power to make informed decisions and improve performance.  However, this also makes them a lucrative target for cybercriminals, increasingly targeting the sector.

So, Why Do Sports Organizations Get Hacked?  With cyber-attacks occurring daily an

Kaspersky has identified a new trend in phishing techniques, with threat actors increasingly utilizing Telegram to automate their activities and provide various services.  In a recent advisory, one of Kaspersky's web content analysts revealed that phishers create Telegram channels to educate their audience about phishing and share links to these channels via YouTube, GitHub, and phishing kits.  Many channels offer tools to automate malicious workflows, such as generating phishing pages or

This year millions of people have tried and been wowed by artificial-intelligence systems.  That is in no small part thanks to OpenAI’s chatbot ChatGPT.  When it launched last year, the chatbot became an instant hit among students, many of whom embraced it as a tool to write essays and finish homework.  Some media outlets went as far as to declare that the college essay is dead.  Alarmed by an influx of AI-generated essays, schools around the world moved swiftly to ban the use of the technology.

It is tax time again in the US.  And that means scammers are out there trying to steal your information.  Targeting calendar-based events enables threat actors to prepare ahead of time and have a new selection of targets on rotation.  This report covers a few examples of malware that take advantage of tax season.  Although such attacks may seem repetitive to the casual observer, threat actors would not continue to target taxpayers if previous attacks had not been successful.  And they were.[1]


In the cryptocurrency ecosystem, coins have a story, tracked in the unchangeable blockchains underpinning their economy.  The only exception, in some sense, is a cryptocurrency freshly generated by its owner's computational power.  Unsurprisingly, Kim Jong-Un’s North Korean hackers have begun adopting a new trick to launder the coins they steal from victims worldwide and use their dirty, stolen coins in services that allow them to mine innocent new ones.

Recently, cybersecurity investigators pub

The purpose of this report is to detail the artifacts left by a third-party remote access tool during its setup and use.  A third-party remote access tool allows people not physically in contact with a device to control it, interact with it, and see its screen.  Tools that do not allow visual interaction, such as PsExec, are not included in this study.

The motivation to do this study came from a tweet made by @IcsNick, listing "Remote Admin Tools that are abused by threat actors".[1]  Indeed, threat ac

Tasmania's Tafe system, the state's Teachers Registration Board and the office of the Commissioner for Children and Young People have been caught up in a recent Tasmanian government data breach, but a security expert says reporting about the hack needs to be measured.

On 7 April, the Tasmanian government said 16,000 documents had been released online after hackers accessed data from the Department of Education, Children and Young People through the third-party file transfer service GoAnywhere MFT. 

TikTok and its parent company ByteDance will continue to safeguard US user data from China, Erich Andersen, general counsel for TikTok, has confirmed.  ByteDance is developing technologies “to make it physically impossible for any government, including the Chinese government, to access US user data,” Andersen said in an interview with The Associated Press (AP) on 31 March 2023.

See:  https://redskyalliance.org/xindustry/tiktok-and-bytedance-the-problem-of-chinese-social-media-in-the-u

Our friends at Sentinel Labs have provided a great report on Operation Soft Cell.

Summary

  • In Q1 of 2023, Sentinel Labs observed the initial phases of attacks against telecommunication providers in the Middle East.
  • We assess that this activity represents an evolution of tooling associated with Operation Soft Cell.
  • While it is highly likely that the threat actor is a Chinese cyberespionage group in the nexus of Gallium and APT41, the exact grouping remains unclear.
  • Sentinel Labs observed a well-m

Attackers have been abusing legitimate YouTube attribution links and a Cloudflare CAPTCHA to evade detection.  Cybersecurity company Vade said the use of YouTube attribution links was a new tactic for bypassing email filters scanning for suspicious redirects.

In a newly discovered phishing campaign, victims receive a spoofed email saying their Microsoft 365 password has expired. The email is personalized and contextualized to create an illusion of legitimacy.  Vade researchers noted that the ema

Healthcare companies are using electronic records and tapping digital services more than ever.  That is also creating more opportunities for cybercriminals, who already have exposed the private medical information of millions of patients, which bolsters the case for the industry to make security priority No. 1, experts say.  Healthcare breaches have exposed 385 million patient records from 2010 to 2022, federal records show, though individual patient records could be counted multiple times.

Hacking

A recently identified dark web portal is offering illegal services related to financial fraud, identity theft, and money laundering.  Named the Styx Marketplace, the portal offers data dumps, cash-out services, fake and stolen IDs, SIM cards, multi-factor authentication bypass solutions, banking malware, and other types of illegal services.  Initially mentioned on the dark web in early 2022, the marketplace opened in January 2023, following an escrow module for brokering transactions between cyb

In the era of cyber wars, AI, and drones, wars are still being fought with 20th-century weapons that require massive amounts of ammunition.  Russia is sending a delegation to North Korea to offer food in exchange for weapons, according to a US national security spokesman.  He said any arms deal between North Korea and Russia would violate UN Security Council resolutions.  The US has previously accused North Korea of supplying arms to the Russian military in Ukraine and the Wagner group of Russian mercenaries.

Specifically, water controllers for irrigating fields in Israel’s Jordan Valley were damaged, as were control systems for the Galil Sewage Corporation.  Hackers are shutting down the water for both irrigation and sewage control systems.  The management for both major systems was scurrying all day on the morning of 9 April to work through the issue and bring these vital systems back into full operation.  The specific source of the cyber-attack is currently unknown.

Cyber-attack warnings - Farmers in thi

An inconspicuous office is in Moscow’s north-eastern suburbs.  A sign reads: “Business Centre.”  Nearby are modern residential blocks and a rambling old cemetery, home to ivy-covered war memorials.  The area is where Peter the Great once trained his mighty army.  Inside the six-story building, a new generation is helping Russian military operations.  Its weapons are more advanced than those of Peter the Great’s era, not pikes and halberds, but hacking and disinformation tools.[1]

The software en

When investigating any crime, finding the motive, the reason an individual committed the crime, is essential to finding the suspect.  There are many reasons, or motives, for criminal activity: greed, envy, need, mental illness or revenge are common motivations.  So, who killed Bob Lee in San Francisco?

Tech entrepreneur Bob Lee left San Francisco in October amid concerns over public safety and then returned on business and found himself pleading for help in a 911 call after sustaini

It is one of China’s most popular shopping apps, selling clothing, groceries and just about everything else under the sun to more than 750 million users a month.  But according to cybersecurity researchers, it can also bypass users’ cell phone security to monitor activities on other apps, check notifications, read private messages and change settings.  And once installed, it’s tough to remove.

While many apps collect vast troves of user data, sometimes without explicit consent, experts say e-com