All Articles (1892)

Sort by

12365719674?profile=RESIZE_400xSeveral US federal agencies published a guide of cybersecurity best practices for the water and sanitation sector following criticism from a US government watchdog about the government’s work with the industry.  This past week, the US Environmental Protection Agency (EPA) partnered with the FBI and Cybersecurity and Infrastructure Security Agency (CISA) to release a manual providing the water industry with more information on cyber incident response as well as the roles, resources and responsibi

12365706852?profile=RESIZE_400x

Below is a research and analysis of the PixieFAIL by the researchers at QuarksLab.  Nine vulnerabilities that affect EDK II, the de-facto open source reference implementation of the UEFI specification and possibly all implementations derived from it.  The vulnerabilities are present in the network stack of EDK II and can be exploited during the network boot process.[1]

Network boot is a standard feature on enterprise computers and servers. Using network boot to load an OS image from the network

12364136897?profile=RESIZE_400xHigh-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the UK, and the US have been targeted by an Iranian cyber espionage group called Mint Sandstorm since November 2023.  The threat actor "used bespoke phishing lures in an attempt to socially engineer targets into downloading malicious files," the Microsoft Threat Intelligence team reported in a recent analysis, describing it as a "technically and operationally ma

12364604453?profile=RESIZE_400xThe operators behind the now-defunct Inferno Drainer created more than 16,000 unique malicious domains over a span of one year between 2022 and 2023.  The scheme leveraged high-quality phishing pages to lure unsuspecting users into connecting their cryptocurrency wallets with the attackers' infrastructure that spoofed Web3 protocols to trick victims into authorizing transactions.  A crypto drainer is a malicious tool or script specially designed to transfer or redirect cryptocurrency from a vict

12057871866?profile=RESIZE_400x

Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate

12364361673?profile=RESIZE_400xThe proper eyewear can be a game-changer for IT professionals who spend their working life in front of screens.  In a recent interview Anthony Czajkowski, a licensed optician and an eyewear industry veteran for more than 30 years with his optometry practice at the Omega Eye Center in Coral Springs, Florida, offers his opinions.

Progressive lenses, the basis for technology lenses, have a long history. In 1959, multifocal technology was revolutionized when French engineer Bernard Martinez invented

12360858262?profile=RESIZE_400xIf you used the investing app Robinhood, you could qualify for part of a $20 million class action settlement resolving allegations that the investment app's negligence led to personal information being leaked.  Robinhood's cybersecurity system "lacks simple and almost universal security measures used by other broker-dealer online systems, such as verifying changes in bank account links," according to a February 2021 complaint.

If your Robinhood account was accessed by unauthorized users between

12364134874?profile=RESIZE_400xTraditional password-only authentication systems have proven to be vulnerable to a wide range of cyberattacks.  To safeguard critical business resources, organizations are increasingly turning to multi-factor authentication (MFA) as a more robust security measure. MFA requires users to provide multiple authentication factors to verify their identity, providing an additional layer of protection against unauthorized access.  Cybercriminals are constantly investigating ways to bypass MFA systems. O

12361108271?profile=RESIZE_400xCybersecurity researchers have identified an updated version of a macOS information stealer called Atomic (or AMOS), indicating that the threat actors behind the malware are actively enhancing its capabilities. It looks like Atomic Stealer was updated around mid to late December 2023, where its developers introduced payload encryption to bypass detection rules.

Atomic Stealer first emerged in April 2023 for a monthly subscription of $1,000. It's capable of harvesting sensitive information from a

12361106501?profile=RESIZE_400xThe least surprising headline from 2023 is that ransomware again set new records for a number of incidents and the damage inflicted.  There were new headlines every week, which included  big name organizations:  MGM, Johnson Controls, Chlorox, Hanes Brands, Caesars Palace, and so many others.

Phishing-driven ransomware is the cyber threat that looms larger and more dangerous than all others.  CISA and Cisco report that 90% of data breaches are the result of phishing attacks and monetary losses t

12361104093?profile=RESIZE_400xAI integration was a key focus of the Consumer Electronics Show or CES 2024 and one company is taking that experience mobile with an always connected e-bike that serves as the hub for interactions, coaching, and fitness data collection.

A reviewer tested a carbon fiber e-bike from Urtopia https://newurtopia.com that had smart-riding features embedded in its dot-matrix display controller.  At the time, the functionality was basic and focused on enhancing the riding experience. Since then, Urtopia

12360793883?profile=RESIZE_400xJPMorgan Chase reported this past week that bank deals have a massive onslaught of hackers trying to commit system breaches on a daily basis.  "There are people trying to hack into JPMorgan Chase 45 billion times a day," she said, calling those occurrences "2x what it was last year."  Chase said the bank, which puts $15 billion toward cyber security and technology each year, has thwarted the daily efforts of such hackers.

These comments, at Davos 2024, coincidentally came in conjunction of an Al

12360836267?profile=RESIZE_400xThe cloud hack tool scene is highly intertwined, with many tools relying on one another’s code.  This is particularly true for malware families like AlienFox, Greenbot, Legion, and Predator, which share code from a credential scraping module called Androxgh0st.  Analysts identified a tool that is related but distinct from these families.  FBot is a Python-based attack tool with features to target web servers and cloud services as well as Software-as-a-Service (SaaS) technologies, including:

  • Ama

12360567483?profile=RESIZE_400xArtificial intelligence and machine learning technologies are helping the National Security Agency (NSA) and other US government agencies detect malicious Chinese cyber activity; a top US intelligence official stated recently that indicates how US security agencies are using AI to improve computer defenses.

Speaking on 09 January 2024 at the International Conference on Cyber Security at Fordham University, Rob Joyce, the director of the NSA Cybersecurity Directorate, said that AI is helping his

12360131300?profile=RESIZE_400xThe recently discovered Ivanti Connect Secure zero-day vulnerabilities could impact thousands of systems and the threat actors caught exploiting them appear to have been preparing for the release of patches. https://www.ivanti.com Cyber threat investigators warned on 10 January 2024 that it had seen threat actors likely connected to China tracked as UTA0178 exploiting two previously unknown vulnerabilities in Ivanti Connect Secure (ICS) VPN devices to gain access to internal networks, with the g

12357997063?profile=RESIZE_400xFortiGuard Labs recently discovered a threat group using YouTube channels to distribute a Lumma Stealer variant.  Analysts found and reported on a similar attack method via YouTube in March 2023.  These YouTube videos typically feature content related to cracked applications, presenting users with similar installation guides and incorporating malicious URLs often shortened using services like TinyURL and Cuttly.  To circumvent straightforward web filter blacklists, the attackers exploit open-sou

12360309462?profile=RESIZE_400xFor over a decade, the Security and Exchange Commission (SEC) has been working with corporations and their many stakeholders to seek ways to appropriately influence corporate governance around cybersecurity. On 26 July 2023, the SEC voted to implement new rules for all publicly traded corporations.[1] [2]  

In 2011, the SEC issued guidance to help companies understand they should take responsibility for reducing cyber risk.  This was guidance vice formal regulation, but it helped raise awareness

12359866077?profile=RESIZE_400xEven as the New Year approached and the world celebrated the festive Christmas season, the cybercriminal community did not pause their activities.  Instead, they marked the holiday season in their unique way.  On Christmas Eve, Resecurity observed multiple actors on the Dark Web releasing substantial data dumps.  These resulted from data breaches and network intrusions to various companies and government agencies.  Numerous leaks disseminated in the underground cyber world were tagged with 'Free

12356665288?profile=RESIZE_400xAn official at the Bangladesh Election Commission has claimed that a cyber-attack “from Ukraine and Germany” caused an election information app to crash as voters went to the polls on 8 January.  There has not been an allegation that the incident affected votes in the country, where incumbent Prime Minister Sheikh Hasina secured her fourth straight term in office after a record low turnout, as reported by BBC News.

Hasina, who has held power since 2009, is currently the longest-serving female he

12355949265?profile=RESIZE_400xCoop, one of Sweden's largest supermarket chains, said it is dealing with a cyberattack affecting stores in the county of Värmland.  A ransomware gang named Cactus claimed it attacked the company on 29 December and in a statement to Recorded Future News, a spokesperson explained that Coop Värmland was the target of the attack.

Coop runs consumer cooperative-owned grocery stores throughout Sweden, and Coop Värmland is collectively owned by that county’s nearly 300,000 residents.  The Värmland bra