All Articles (2242)

Cybersecurity researchers have found a new piece of evasive malware named “Beep” (just one Beep) designed to operate undetected and deliver additional payloads onto a compromised host.  The authors of this malware were trying to implement as many anti-debugging and anti-VM (anti-sandbox) techniques as they could find, reported investigators.  One such technique involved delaying execution through the Beep API function, hence the malware's name.[1]

All PCs previously shared an 8254 programmable i

Multiple vulnerabilities have been discovered in Apple Products, the most severe of which could allow for arbitrary code execution.  Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user.  Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.  Users whose accounts are configured to have few

The cyber threat landscape is very fluid, with cybercriminals constantly adjusting tactics to stay ahead of organizations. Commoditization is also making cybercrime easier through the use of toolkits.

Cybercrime has never been more accessible for opportunistic criminals.  The proliferation of cybercrime marketplaces has seen collaboration increase, but also means hacking tools are more available than ever.  In fact, 76 percent of malware kits are on sale for less than £10. These marketplaces h

Four out of five (79%) businesses make most cyber security decisions without insights into the threat actor targeting their infrastructures.  The claims come from Google-owned threat analytics company Mandiant, which has also said that while 67% of cybersecurity decision makers believe senior leadership teams still underestimate cyber-threats, 68% agree their organization needs to improve its understanding of the threat landscape.[1]

The data in Mandiant's Global Perspectives on Threat Intellige

Qakbot was first observed in 2008.  While it was originally a banking trojan, it has evolved over time to include gaining access, dropping additional malware, and performing other data-stealing, ransomware, and malicious activities across a network.

QakNote is the name of the new QakBot campaign.  It was first reported by Cynet researcher Max Malyutin on Twitter, who explained that threat actors were experimenting with a new distribution method to replace the former use of ma

Back in the 1960’s there was a popular American TV-derived band called the Monkees.  Then in Australia, there was first ‘The Three Drunk Monkey’s’ – now it’s just called The Monkey’s.  The Monkey’s is a creative solutions company that creates advertising, entertainment and technology products.  Monkey clients include The University of Sydney, Telstra, IKEA, UBank and Parmalat.   The Monkey’s are now working closely with Telstra in a new device cyber security campaign.[1]

When it comes to the cyber

With the average cost of cars being close to buying a small house, auto financing is almost always required for most buyers.  Digital retailing is here to stay in the automotive industry, and it is growing exponentially.  While many think the auto industry is most worried about getting inventory levels back to normal, their primary concern is fraud in digital retailing and the subsequent threat of profit erosion.   According to industry estimates, approximately one out of every five car buyers

With many countries assisting Turkey and Syria in earthquake response, hackers are in the process of trying to disrupt the communication processes.  The Russian hacktivist collective Killnet has carried out a series of distributed denial of service (DDoS) attacks against NATO, causing temporary disruption to some of the military alliance’s public-facing websites.  The Killnet operation had previously said through its closed channel on the encrypted Telegram service that it was initiating attacks

With Valentine’s Day quickly approaching, threat actors will be attempting to prey on individuals seeking companionship or romance.  Our friends at the NJCCIC continue to receive reports of sextortion incidents in which victims are threatened with the release of compromising or sexually explicit photos or videos if an extortion payment is not made.  Some sextortion threats are not credible, as threat actors are unable to provide proof of such photos or videos.  However, there is an increase in

An information and hacking campaign, called Ghostwriter, with links to a foreign state has potentially had a "significant cumulative impact" over many years, according to a report from Cardiff University.  The findings, from the Security, Crime and Intelligence Innovation Institute, provide the most comprehensive picture to date of the activities of the so-called Ghostwriter campaign.

Tracking its evolving activities via open-source data, the report demonstrates how it has impersonated multiple

CISA Summary - Note: #StopRansomware is a CISA effort to publish advisories for network defenders that detail various ransomware variants and various ransomware threat actors.  These #StopRansomware advisories detail historically and recently observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware.  Visit stopransomware.gov to see all #StopRansomware advisories and to learn about other ransomware threats and no-cos

The Russian hacking group known as 'Nodaria' (UAC-0056) is using a new information-stealing malware called 'Graphiron' to steal data from Ukrainian organizations.  The Go-based malware can harvest a wide range of information, including account credentials, system, and app data.  The malware will also capture screenshots and exfiltrate files from compromised machines.  Symantec's threat research team discovered that Nodaria has been using Graphiron in attacks since at least October 2022 through m

If you have ever sat and read an entire insurance policy, you are fully aware of the use of specific words and definitions and how the words apply to the coverage.  The definitions of “war” and “cyber-war” are at issue.  Property policies' war exclusions were designed to apply to any type of nation-state attack, including cyber events, insurers told a New Jersey appellate panel on 8 February in a battle over whether Merck has coverage for $1.4 billion in losses stemming from the 2017 NotPetya cyb

UPDATE 2/9/2023: The balloon had equipment that was "clearly for intelligence surveillance," including "multiple antennas" that were "likely capable of collecting and geo-locating communications," according to a statement by a senior State Department official. The official said the balloon is likely part of a huge aerial spy program operated by the Chinese military that has targeted more than 40 countries on five continents with high-altitude surveillance balloons similar to one the U.S. sh

The first Linux variant of the Clop ransomware was rife with issues that allowed researchers to create a decryptor tool for victims.  SentinelOne said it observed the first Clop (also stylized as Cl0p) ransomware variant targeting Linux systems on 26 December 2022.  Clop has existed since about 2019, targeting large companies, financial institutions, primary schools and critical infrastructure across the world. After the group targeted several major South Korean companies like e-commerce giant E

Our friends at the State of NJ, NJCCIC have provided a valuable alert - Vulnerable VMware ESXi Servers Targeted in Ransomware Attacks.

Ransomware groups are actively exploiting a 2-year-old heap-overflow vulnerability, CVE-2021-21974 (CVSS v3.1 8.8), affecting OpenSLP used in VMware ESXi servers for versions 6.x and prior to 6.7, though threat actors may be leveraging other vulnerabilities or attack vectors, as earlier builds of ESXi appear to have also been compromised.  European cybersecurity

Future Shock was a book from the 1970’s that referenced what happens when people are no longer able to cope with the pace of change.  Whether you have noticed it or not, artificial intelligence (AI) is currently impacting every industry and almost every aspect of life.  AI-powered tools can now create legal documents, write reports and even teach you about a specific topic from a simple text prompt.   AI is even being used to assist with fraud detection, diagnose diseases and help with ensuring

With historic inflation, rising prices, the escalating Ukraine conflict, and massive job losses in banking and tech, policymakers and executives are stretched to deliver a recovery agenda to get the world back to normal.

Most have little bandwidth for yet more problems to solve, like the impending perils faced by cyber threats.  Sadie Creese, a Professor of Cyber Security at the University of Oxford, said, “There's a gathering cyber storm and it's really hard to anticipate just how bad that will

A ransomware attack that hit ION Trading UK could take days to fix, leaving scores of brokers unable to process derivatives trades.  ION Group, the financial data firm's parent company, said in a statement on its website that the attack began last week.  "The incident is contained to a specific environment, all the affected servers are disconnected, and remediation of services is ongoing," ION Group said.  Ransomware is a form of malicious software deployed by criminal gangs which works by encry

A few weeks ago, Hackread.com reported on a malware-infected Android TV box available on Amazon: the T95 TV box.[1]  The box contained pre-installed malware, which was discovered by a Canadian developer and security systems consultant.   Now the same TV box is in the news again, and the person who has identified security threats is a Malwarebytes mobile malware researcher.  He purchased this device from Amazon to further probe and instantly realized something was off about this TV box.  He di