X-Industry

The cloud hack tool scene is highly intertwined, with many tools relying on one another’s code.  This is particularly true for malware families like AlienFox, Greenbot, Legion, and Predator, which share code from a credential scraping module called Androxgh0st.  Analysts identified a tool that is related but distinct from these families.  FBot is a Python-based attack tool with features to target web servers and cloud services as well as Software-as-a-Service (SaaS) technologies, including:

• Ama

Artificial intelligence and machine learning technologies are helping the National Security Agency (NSA) and other US government agencies detect malicious Chinese cyber activity; a top US intelligence official stated recently that indicates how US security agencies are using AI to improve computer defenses.

Speaking on 09 January 2024 at the International Conference on Cyber Security at Fordham University, Rob Joyce, the director of the NSA Cybersecurity Directorate, said that AI is helping his

The recently discovered Ivanti Connect Secure zero-day vulnerabilities could impact thousands of systems and the threat actors caught exploiting them appear to have been preparing for the release of patches. https://www.ivanti.com Cyber threat investigators warned on 10 January 2024 that it had seen threat actors likely connected to China tracked as UTA0178 exploiting two previously unknown vulnerabilities in Ivanti Connect Secure (ICS) VPN devices to gain access to internal networks, with the g

FortiGuard Labs recently discovered a threat group using YouTube channels to distribute a Lumma Stealer variant.  Analysts found and reported on a similar attack method via YouTube in March 2023.  These YouTube videos typically feature content related to cracked applications, presenting users with similar installation guides and incorporating malicious URLs often shortened using services like TinyURL and Cuttly.  To circumvent straightforward web filter blacklists, the attackers exploit open-sou

For over a decade, the Security and Exchange Commission (SEC) has been working with corporations and their many stakeholders to seek ways to appropriately influence corporate governance around cybersecurity. On 26 July 2023, the SEC voted to implement new rules for all publicly traded corporations.[1] [2]  

In 2011, the SEC issued guidance to help companies understand they should take responsibility for reducing cyber risk.  This was guidance vice formal regulation, but it helped raise awareness

Even as the New Year approached and the world celebrated the festive Christmas season, the cybercriminal community did not pause their activities.  Instead, they marked the holiday season in their unique way.  On Christmas Eve, Resecurity observed multiple actors on the Dark Web releasing substantial data dumps.  These resulted from data breaches and network intrusions to various companies and government agencies.  Numerous leaks disseminated in the underground cyber world were tagged with 'Free

An official at the Bangladesh Election Commission has claimed that a cyber-attack “from Ukraine and Germany” caused an election information app to crash as voters went to the polls on 8 January.  There has not been an allegation that the incident affected votes in the country, where incumbent Prime Minister Sheikh Hasina secured her fourth straight term in office after a record low turnout, as reported by BBC News.

Hasina, who has held power since 2009, is currently the longest-serving female he

Coop, one of Sweden's largest supermarket chains, said it is dealing with a cyberattack affecting stores in the county of Värmland.  A ransomware gang named Cactus claimed it attacked the company on 29 December and in a statement to Recorded Future News, a spokesperson explained that Coop Värmland was the target of the attack.

Coop runs consumer cooperative-owned grocery stores throughout Sweden, and Coop Värmland is collectively owned by that county’s nearly 300,000 residents.  The Värmland bra

Cyber-attacks targeting Web3 cost organizations $1.84bn in 2023 across 751 incidents, according to Certik’s Hack3d: The Web3 Security Report 2023.  The average cost per incident was $2.45m in 2023.  However, there was a wide disparity between the losses suffered, with the 10 most costly attacks alone accounting for $1.11bn. The highest costs occurred in Q3, where $686.5m was lost from 183 hacks.

The report, which examined hacks, scams, and exploits in the entire Web3 industry, found there was a

Recently, executives from SentinelOne, Protect AI and IBM Consulting provided lawmakers on the cybersecurity and infrastructure protection subcommittee with a laundry list of recommendations to better combat AI threats.  Attacks by malicious hackers using artificial intelligence could swamp smaller companies that are already overwhelmed by cybercrime, experts warned lawmakers during a congressional hearing on 26 December 2023.[1]

Testifying before the House Homeland Security and Governmental Aff

The Russia-based actor Star Blizzard (formerly known as SEABORGIUM, also known as Callisto Group/TA446/COLDRIVER/TAG-53/BlueCharlie) continues to successfully use spear-phishing attacks against targeted organizations and individuals in numerous global geographical areas of interest for information-gathering activity.

The UK National Cyber Security Centre (NCSC), the US Cybersecurity and Infrastructure Security Agency (CISA), the US Federal Bureau of Investigation (FBI), the US National Security

China-linked hackers continue to target Barracuda Email Security Gateway (ESG) https://www.barracuda.com appliances, with recent attacks involving exploitation of a new zero-day vulnerability.  It was reported in May 2023 that a Barracuda ESG zero-day tracked as CVE-2023-2868 had been exploited since at least October 2022 to deliver malware and steal data from a limited number of organizations that had been using the email security product.  In June 2023, researchers attributed the attacks with

Standing at 6 feet 2 inches (188 centimeters) tall and weighing 300 pounds (136 kilograms), NASA's humanoid robot Valkyrie is an imposing figure.  Valkyrie, named after a female figure in Norse mythology and being tested at the Johnson Space Center in Houston, Texas, is designed to operate in "degraded or damaged human-engineered environments," like areas hit by natural disasters, according to NASA.  Robots like her could also one day operate in space.[1]

A humanoid robot resembles a person, typ

The mass outage of Ukrainian mobile and internet provider Kyivstar on December 12 last year has now been attributed to the Russian state-sponsored Sandworm group by Ukraine’s Security Service (SBU).  The attack resulted in a total outage of the networks provided by Kyivstar, which included several early-warning attack systems and caused a surge in traffic on other network providers in Ukraine as people sought alternative means of connectivity.  It has now been determined that the group were ling

The US military’s secretive X-37B robot spaceplane has blasted off from Florida on its seventh mission, the first launched atop a SpaceX Falcon Heavy rocket capable of delivering it to a higher orbit than ever before.  As on previous missions, there are no humans on board the reusable plane, which resembles a mini space shuttle and carries classified experiments.  The Falcon Heavy, composed of three rocket cores strapped together, took off from NASA’s Kennedy Space Center at Cape Canaveral more

The banking malware known as Carbanak has been observed to be used in ransomware attacks with updated tactics.  The malware has adapted to incorporate attack vendors and techniques to diversify its effectiveness.  Carbanak returned in November 2023 through new distribution chains and has been distributed through compromised websites to impersonate various business-related software.

See:  https://redskyalliance.org/Finance/never-take-malware-from-strangers

Some impersonated tools include popular

Nation-state cyber threat actors affiliated to North Korea have been observed using spear-phishing attacks to deliver an assortment of backdoors and tools such as AppleSeed, Meterpreter, and TinyNuke to seize control of compromised machines.  The South Korea-based cybersecurity company AhnLab attributed the activity to an advanced persistent threat group known as Kimsuky.  "A notable point about attacks that use AppleSeed is that similar methods of attack have been used for many years with no si

A Tesla software engineer suffered severe injuries when he was attacked by a malfunctioning robot on the floor of the electric car maker’s factory in Austin, Texas.  Witnesses said that the robot, which was designed to move aluminum car parts, pinned the engineer and sank its metal claws into his back and arm, leaving a trail of blood along the floor.  The engineer was programming software that controls robots to cut car parts from freshly cast aluminum pieces.

While two of the robots were disab

Cybersecurity researchers at Deep Instinct Lab have revealed a new series of cyberattacks by ‘UAC-0099,’ specifically targeting Ukrainians.  These attacks employ common tactics, such as using fabricated court summons to entice targets into executing malicious files.

The group’s activities were initially revealed in May 2023 through the Ukrainian CERT advisory ‘#6710,’ and Deep Instinct has now provided exclusive insights into their latest attack.

According to a blog post from the company, on Dec

A Microsoft representative announced on 28 December 2023 that it is again disabling the ms-appinstaller protocol handler by default following its abuse by multiple threat actors to distribute malware.  "The observed threat actor activity abuses the current implementation of the ms-app installer protocol handler as an access vector for malware that may lead to ransomware distribution," the Microsoft Threat Intelligence team said.  It further noted that several cybercriminals are offering a malwar