

Infosecurity News
Deepfake Digital Identity Fraud Surges Tenfold, Sumsub Report Finds
AI-powered tools are among the top fraud techniques used by threat actors in 2023, according to Sumsub’s third annual Identity Fraud Report
Infosecurity News
Security agency wants to resume critical CFATS inspections
Bleeping Computer
Microsoft is deprecating Defender Application Guard for Office and the Windows Security Isolation APIs, and it recommends Defender for Endpoint attack surface reduction rules, Protected View, and Windows Defender Application Control as an alternative.
Infosecurity News
CPR said the malware now uses OneDrive instead of Google Drive for storing dynamic C2 server URLs
Latest Hacking News
Researchers caught a new campaign from the notorious Konni RAT malware exploiting malicious Word files. The threat actors distribute the malware via malicious macros embedded in Word files that infect the target systems.
SecurityWeek
Hacktivists should be treated as malicious hackers because the distance between hacking/activism, malevolence, and damage is too small and too vague.
SecurityWeek
Municipal Water Authority of Aliquippa confirms that hackers took control of a booster station, but says no risk to water supply.
Cyber Security News
SysJoker malware, a multi-platform backdoor with several variants for Windows, Linux, and Mac, has been observed being used by a Hamas-affiliated APT to target Israel. This malware was first identified by Intezer in 2021 and was recently used in targeted attacks. Checkpoint researchers disclosed the malware’s growth, variations in the intricacy of its execution flow, and […]
Cyber Security News
Loader malware emerges as a silent force, discreetly breaching unsuspecting systems and setting the stage for more sophisticated onslaughts.
SecurityWeek
The U.S. military is increasing use of artificial intelligence (AI) technology that will fundamentally alter the nature of war.
The Record
Viktor Zhora, the ex-deputy head of Ukraine’s State Service for Special Communications and Information Protection (SSSCIP), is accused of facilitating a corruption scheme involving the procurement of software.
CyberNews
A disinformation campaign, run or backed by Russia, has been using the Israel-Hamas war to try to create tensions elsewhere in the world.
Infosecurity News
Global brands impersonated to capitalize on busy shopping period
The Record
Ukraine's former cybersecurity chief was released from detention on Friday on $700,000 bail, according to Ukraine’s anti-corruption non-profit.
Infosecurity News
The UK’s NCSC and South Korea’s NIS issued a joint advisory describing some of North Korean hackers’ tactics in deploying supply chain attacks
Cyber Security News
10 vulnerabilities are patched, including six 'High Severity' issues and two moderate and low severity issues.
Cyber Security News
WailingCrab's backdoor component has been in contact with the C2 since the middle of 2023 via the lightweight IoT message protocol MQTT.
Trend Micro
We detail the modular framework of malicious Chrome extensions that consist of various highly obfuscated components that leverage Google Chrome API to monitor, intercept, and exfiltrate victim data.
Bleeping Computer
Black Friday 2023 is here, and great deals are live in computer security, software, online courses, system admin services, antivirus, and VPN software.
Cyber Security News
Microsoft introduced the Defender Bounty Program to enhance the security of customers' experience with rewards to researchers up to USD 20,000.
The Hacker News
macOS users beware! Atomic Stealer, a $1,000/month malware, is now spreading through deceptive web browser updates via ClearFake.
The Record
Killmilk is a 30-year-old Russian citizen, according to the news site Gazeta.ru. The report has drawn extra scrutiny to Killnet, known for DDoS attacks on Western targets.
Bleeping Computer
A sophisticated phishing campaign pushing the DarkGate malware infections has recently added the PikaBot malware into the mix, making it the most advanced phishing campaign since the Qakbot operation was dismantled.
Infosecurity News
DarkGate and PikaBot have been observed as part of phishing campaigns using the same tactics as the ones used by QakBot perpetrators
DarkReading
Researchers used machine learning to analyze Hungarian media reports and found Russian narratives soured the nation's perspective on EU sanctions and arms deliveries months before the Ukraine invasion.
Cyber Security News
MaaS (Malware-as-a-Service) thrives as a top choice for new cyber threats, offering easy access to powerful tools. Threat actors primarily focus on information theft under MaaS, specializing in stealing and leaking sensitive data from hacked devices.
Bleeping Computer
Malwarebytes is running a Black Friday 2023 deal now through Cyber Monday, offering a 50% discount on the Malwarebytes Premium + Privacy VPN bundle until November 30th.
The Hacker News
Phishing attacks are getting smarter! Cybercriminals are now using QR codes, CAPTCHAs, and steganography to trick victims. Learn how to stay safe.
Infosecurity News
Duo linked to corruption investigation
The Hacker News
China-linked Mustang Panda cyber actor targets Philippines government entity amid South China Sea tensions.
The Record
Binance, the largest cryptocurrency exchange in the world, agreed to pay more than $4 billion in settlements with several U.S. law enforcement agencies after years of investigations uncovered widespread criminal use of the platform.
CyberNews
Two heads of Ukraine’s national cybersecurity agency were fired Monday amid accusations of participating in an embezzlement scheme involving millions in state funds.
CyberScoop
Yurii Shchyhol and Victor Zhora were accused of participating in a scheme to contract software at inflated prices.
Bleeping Computer
The Canadian government says two of its contractors have been hacked, exposing sensitive information belonging to an undisclosed number of government employees.
Infosecurity News
Outpost24 explained the technique relies on trigonometry to discern genuine human behavior
CyberNews
Anonymous Sudan attacks on OpenAI and Cloudflare are meant to show the group's capabilities.
SecurityWeek
New CISA guidance details cyber threats and risks to healthcare and public health organizations and recommends mitigations.
Bleeping Computer
The Lumma information-stealing malware is now using an interesting tactic to evade detection by security software - the measuring of mouse movements using trigonometry to determine if the malware is running on a real machine or an antivirus sandbox.
CyberNews
After Elon Musk, the owner of X, amplified an antisemitic trope on the platform, major firms have suspended advertising on the site.
The Hacker News
New LummaC2 malware uses trigonometry-based tactic to differentiate between users and security systems, evading sandboxes and security analyses.
The Record
Ukraine's anti-corruption agency sent shockwaves through the country's cybersecurity agencies on Monday morning, when it announced that it had launched an investigation into the procurement practices of a handful of its top cyber officials.
The Record
Two high-ranking cybersecurity officials in Ukraine were dismissed on Monday, according to a senior government official, amid an investigation into suspected embezzlement of state funds.
Cyber Security News
Welcome to the Cyber Security News Recap, a weekly publication by Cyber Writes. Our aim is to bring you up-to-date information on the latest developments in the field of cybersecurity.
Bleeping Computer
Google has officially announced plans to gradually eliminate third-party cookies, a key aspect of its Privacy Sandbox initiative.
The Hacker News
The threat actors behind the 8Base ransomware are utilizing a variant of the Phobos ransomware for their attacks.
Infosecurity News
Security advisory details TTPs of prolific threat actors
Cyber Security News
GPT excels in verbal thinking, skillfully choosing precise words for optimal responses. Understanding this key property is crucial, as much of its subsequent behavior stems from this ability.
Infosecurity News
The Kritec campaign shows similarities with previous Magecart skimming techniques
Cyber Security News
Best Network Security Vendors for SaaS : 1. Perimeter 81 2. Palo Alto Networks 3. Fortinet 4. Symantec 5. Check Point 6. McAfee 7. Okta.
CyberNews
The Center for Countering Digital Hate (CCDH) published a study claiming that X continued to host 98% of 200 hate posts that were reported by researchers.
Cyber Security News
Hackers may exploit LNK files to deliver malicious payloads and execute malicious code by disguising them as legitimate shortcuts.
Cyber Security News
Best Network Security Companies for CISO: 1. Perimeter81 2. Palo Alto Networks 3. Cisco 4. Check Point 5. IBM 6. Crowdstrike 7. Trend Micro.
CyberNews
A threat actor targeting West Asian governments now uses a labyrinthine infection chain based on delivering a new initial access downloader dubbed IronWind
The Hacker News
Government entities in the Middle East are under attack by a new phishing campaign employing the IronWind downloader.
Bleeping Computer
Malicious actors have been abusing Ethereum's 'Create2' function to bypass wallet security alerts and poison cryptocurrency addresses, which led to stealing $60,000,000 worth of cryptocurrency from 99,000 people in six months.
CyberNews
The South Korean spy agency has identified a network of 38 fake news websites Chinese firms operated within the country to influence public opinion.
The Record
Scammers have discovered a way to create a new quiz in Google Forms, use a victim’s email address to respond to it, and then exploit the feature that releases the score of the quiz to send malicious emails, Cisco Talos said.
Cyber Security News
NDR solutions are becoming indispensable for many organizations in their security architecture due to how they handle threats.
Cyber Security News
Cyber forensic tools play a crucial role in cyber investigations by helping investigators to collect, analyze, and preserve digital evidence.
CyberNews
The US Department of Justice has secured a $25 million landmark agreement with Apple Inc for discriminating against potential employees based on their citizenship status.
Bleeping Computer
A threat actor has been abusing Google Ads to distribute a trojanized version of the CPU-Z tool to deliver the Redline info-stealing malware.
Infosecurity News
OpenAI has admitted DDoS attacks are the cause of intermittent ChatGPT outages since November 8
CSO
Google Cloud forecasts continued use of gen AI to create smarter campaigns while cybersecurity pros will use the same tools to defend and close the skills gap.
CyberNews
Bitcoin, KYC and the battle for financial privacy
Cyber Security News
Crowdsourced threat intelligence is a type of threat intelligence that is gathered and analyzed from a variety of sources.
Computerworld
Microsoft has brought biometric sign-in to Windows 10 business and enterprise users with Windows Hello for Business. Here’s how it works and how to deploy it to your users.
The Record
The U.S. government has uncovered an ongoing Russia-funded disinformation campaign across Latin America aimed at undermining support for Ukraine and discrediting the U.S. and NATO.
Cyber Security News
Researchers from Any Run saw again its active activity intended to develop to steal, cause financial loss, and data, targeting both enterprise and personal devices.
Cyber Security News
Millenium-RAT, a sophisticated Remote Access Tool (RAT) for Windows systems, is now available for purchase on GitHub.
The Hacker News
Let’s explore why confidence in security lags infrastructure upgrades and how OPSWAT closes that gap.
DarkReading
Woman is accused of assisting Russian oligarchs and ransomware affiliates with schemes to evade sanctions.
Bleeping Computer
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has sanctioned Russian national Ekaterina Zhdanova for laundering millions in cryptocurrency for various individuals, including ransomware actors.
Infosecurity News
Zhdanova reportedly utilized cash, international money laundering associates and business fronts
Latest Hacking News
The Government of Canada officially bans using WeChat and Kaspersky apps on government devices, citing privacy risks. Users can no longer download the apps on government-issued mobile devices. Canada Bans Kaspersky And WeChat According to a recent
Cyber Security News
SaaS Security Admin Guide: 1. Encryption 2. Backup and Recovery 3. Data Residency 4. Regular Audits 5. Data Privacy 6. Least Privileges.
The Hacker News
U.S. Treasury imposes sanctions on Russian woman for laundering virtual currency for elites and cybercriminal groups, including Ryuk ransomware.
The Record
Hackers suspected of being tied to Iran’s government have been deploying new destructive malware against Israeli organizations, according to recent research.
Bleeping Computer
Apple's "Find My" location network can be abused by malicious actors to stealthily transmit sensitive information captured by keyloggers installed in keyboards.
CSO
Fake folders and remote access tools are part of the MuddyWater advanced persistent threat (APT) espionage group’s latest campaign against Israeli targets, according to cybersecurity firm Deep Instinct.
The Record
Natalie Mottram, 25, was arrested in June and now begins a prison sentence of more than three years for misconduct in public office, perverting the course of justice and unauthorized access to computer material.
Infosecurity News
Duo were detained separately in two Siberian cities
The Record
Connecticut's Attorney General William Tong sent a letter to 23andMe demanding answers about its recent data breach and whether it violated data privacy laws.
Infosecurity News
The sophisticated new variant of Turla's Kazuar backdoor was used to target the Ukrainian defense sector
The Hacker News
Turla hackers are back with a revised Kazuar backdoor, featuring stealthy anti-analysis techniques & C2 communication disruption.
DarkReading
Cybercriminals are upping their phishing with shortened links and showing that coveted, regulated top-level domains aren't as exclusive as you'd think.
Bleeping Computer
An alliance of 40 countries will sign a pledge during the third annual International Counter-Ransomware Initiative summit in Washington, D.C., to stop paying ransoms demanded by cybercriminal groups.
Bleeping Computer
Samsung has unveiled a new security feature called 'Auto Blocker' as part of the One UI 6 update, offering enhanced malware protection on Galaxy devices.
SecurityWeek
Researchers document the Wiki-Slack attack, a new technique that uses modified Wikipedia pages to target end users on Slack.
Computerworld
New tools that can corrupt digitized artwork and other copyrighted materials are emerging to thwart generative AI models that scrape the internet to learn and provide content.
The DFIR Report
NetSupport Manager is one of the oldest third-party remote access tools still currently on the market with over 33 years of history. This is the first time we will report …
The Record
The repository, to be called “Multiscanner,” would mimic the Google-owned platform, which allows organizations to share suspected malware.
The Record
Low-skill cybercriminals are using a new tool to create hundreds of fake social media accounts in just a few seconds.
DarkReading
The financially motivated English-speaking threat actors use advanced social engineering techniques, SIM swapping, and even threats of violence to breach targets.
SecurityWeek
AI cybersecurity firm Cranium has raised $25 million in Series A funding, which brings the total investment in the company to $32 million.
Cyber Security News
Running a small business can often lead to the misconception that cyber security is not a priority due to the company's size.
The Hacker News
YoroTrooper is a unique threat actor - likely originating from Kazakhstan. Get the latest info on tactics, techniques, tools, and targeting of this ac
SecurityWeek
The YoroTrooper espionage group likely consists of individuals from Kazakhstan, Cisco’s Talos security researchers report.
SecurityWeek
Apple patches dozens of serious security flaws in its macOS and iOS platforms, warning that hackers could launch code execution exploits.
SecurityWeek
Firefox and Chrome updates released this week resolve multiple high-severity memory safety vulnerabilities.
The Record
Hackers believed to be based in Kazakhstan are targeting other members of the Commonwealth of Independent States in a wide-ranging espionage campaign, according to new research.
Bleeping Computer
Several state and key industrial organizations in Russia were attacked with a custom Go-based backdoor that performs data theft, likely aiding espionage operations.
CSO
An analysis from Recorded Future’s Insikt Group research unit offers insight into the online infrastructure used by Hamas, as well as its apparent links to the Iranian government.
The Record
Researchers said the suspected man-in-the-middle attack was identified when the administrator of jabber.ru, the largest Russian XMPP service, received a notification that one of the servers’ certificates had expired.
CyberNews
No slickly edited five-minute video can explain the Israeli-Palestinian conflict with adequate context, professor Mazza says.
SecurityWeek
The RagnarLocker ransomware group’s dark web leak site has been seized in a coordinated law enforcement operation.
Ars Technica
New technique produces lots of bitflips and could one day help form an attack.
SecurityWeek
CISA, NSA, FBI, and MS-ISAC have released guidance and prevention recommendations on common phishing techniques.
The Hacker News
Google Play Protect now scans apps in real time to detect and block novel malware before you install them.
DarkReading
The sophisticated APT employs various tactics to abuse Windows and other built-in protocols with both custom and public malware to take over victim systems.
Cyber Security News
Best Unified Network Security Solutions for Small Businesses. 1. Perimeter 81, 2. Snort, 3. OSSEC, 4. Wireshark, 5. Burp Suite, 6. Splunk.
SecurityWeek
Strategies to prevent lost and stolen computers from contributing to data breaches and leaks.
Bleeping Computer
Microsoft has disabled a bad anti-spam rule flooding Microsoft 365 admins' inboxes with blind carbon copies (BCC) of outbound emails mistakenly flagged as spam.
Bleeping Computer
A new Google Search malvertizing campaign targets users looking to download the popular Notepad++ text editor, employing advanced techniques to evade detection and analysis.
Bleeping Computer
Israeli Android users are targeted by a malicious version of the 'RedAlert - Rocket Alerts' app that, while it offers the promised functionality, acts as spyware in the background.
The Hacker News
WinRAR users, be alert! Pro-Russian hackers exploited a recent vulnerability in the software. Ensure your version is updated!
Bleeping Computer
Ubuntu, the most popular Linux distribution, has pulled its Desktop release 23.10 after its Ukrainian translations were discovered to contain hate speech. According to the Ubuntu project, a malicious contributor is behind anti-Semitic, homophobic, and xenophobic slurs that were injected into the distro via a "third party tool."
DarkReading
Mandiant's John Hultquist says to expect anti-Israel influence and espionage campaigns to ramp up as the war grinds on.
The Hacker News
Ransomware attacks have evolved in Q3-2023, employing new techniques to bypass defenses. Discover the strategies ransomware groups have been adopting.
The Record
Tech and cybersecurity executives who build their businesses in Israel are always aware of the possibility of war.
Bleeping Computer
Microsoft is investigating Exchange Online mail delivery issues causing "Server busy" errors and delays when receiving emails from outside organizations.
CSO
Research discovers “interesting developments” in the delivery methods, techniques, themes, and targeted brands of email phishing against financial services.
Infosecurity News
The figures from the latest Critical Start report also suggest 30% come from phishing campaigns
SecurityWeek
Google has released Chrome 118 to the stable channel with patches for 20 vulnerabilities, including one rated ‘critical severity’.
CyberNews
Killnet's attack on Israel after the country was infiltrated by Hamas is reckless at best.
SecurityWeek
SecurityWeek interview with Natalie Silvanovich, a member of Project Zero – an elite group of researchers employed by Google.
The Hacker News
Heads up, Linux users! A new critical vulnerability in the libcue library exposes GNOME Linux systems to remote code execution (RCE) attacks.
The Record
Disinformation about the fighting between Israel and Hamas has spread like wildfire on social media platforms like X and Facebook.
The Record
Since Hamas fighters launched their assault on Saturday, nearly 60 groups have targeted Palestinian and Israeli entities.
CyberNews
The Gaza-based cyber group, tracked by Microsoft as Storm-1133, targeted Israel’s infrastructure ahead of Hamas’ attack on the country.
Bleeping Computer
Microsoft urged Microsoft 365 email senders this week to authenticate outbound messages following new anti-spam rules for bulk senders announced earlier this week by Google.
SecurityWeek
US, Ukraine, and Israel remain the most heavily attacked by cyberespionage and cybercrime threat actors, Microsoft says.
The Hacker News
Breaking down Lu0Bot's layers: From BAT files to unique domain assembly. Analysts share insights into the unconventional methods used by this Node.js
Trend Micro
This entry delves into threat actors' intricate methods to implant malicious payloads within seemingly legitimate applications and codebases.
Infosecurity News
Organizations urged to update staff awareness programs
SecurityWeek
Twenty-eight cybersecurity-related merger and acquisition (M&A) deals were announced in September 2023, fewer than last month
Bleeping Computer
Security researchers discovered a new malware-as-a-service (MaaS) named 'BunnyLoader' advertised on multiple hacker forums as a fileless loader that can steal and replace the contents of the system clipboard.
SecurityWeek
Rapid7 says attackers are targeting a critical pre-authentication flaw in Progress Software’s WS_FTP server just days after disclosure.
Infosecurity News
Coded in C/C++, the tool is a fileless loader that conducts malicious activities in memory
Cyber Security News
A new malware-as-a-service (MaaS) loader under the name “BunnyLoader” has been discovered to be sold in multiple hacking forums.
Infosecurity News
Email security provider Egress found that AI detectors were unable to identify if a phishing email came from an AI chatbot
Latest Hacking News
Researchers have discovered a new phishing campaign that exploits Microsoft’s Bing Chat to promote malicious URLs. The campaign involves creating malicious ads via legit ads businesses to rank higher and appear in Bing Chat responses
The Hacker News
BunnyLoader, the latest malware-as-a-service, is up for sale in the dark web. It can steal your data, replace your crypto address
Infosecurity News
Operation Zero will pay $20m for exploits like RCE, LPE and SBX, integral to a full-chain attack
The Hacker News
How Safe Are Your Encrypted Messages? Explore the emerging world of post-quantum cryptography and what it means for your digital privacy.
SecurityWeek
The FBI warns organizations of cyberattacks that employ multiple ransomware families or deploy dormant data wipers.
The Hacker News
Using Bing Chat? Stay alert! Researchers reveal malicious ads lurking in Bing's AI chatbot, leading users to install malware unknowingly.
Trend Micro
We observed and tracked the advanced persistent threat (APT) APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an African government agency to target a victim in Saudi Arabia.
Bleeping Computer
Malicious advertisements are now being injected into Microsoft's AI-powered Bing Chat responses, promoting fake download sites that distribute malware.
Infosecurity News
The Trojan utilizes the Obfuscapk obfuscator for Android APK files, Kaspersky explained
SecurityWeek
Verisoul, a company that has developed a SaaS platform for detecting and blocking fake users, has raised $3.25 million in seed funding.
Cyber Security News
Mozilla has recently launched Firefox 118, which addresses a total of nine security vulnerabilities. Notably, this release effectively resolves six high-severity vulnerabilities.
DarkReading
One of the already-patched flaws enables elevation of privilege, while the other enables remote code execution.
Bleeping Computer
Fake Bitwarden sites are pushing installers purportedly for the open-source password manager that carry a new password-stealing malware that security researchers call ZenRAT.
SecurityWeek
Firefox 118 patches six high-severity vulnerabilities, including a memory leak potentially leading to sandbox escape.
SecurityWeek
macOS 14 Sonoma has been officially released by Apple and the latest version of the operating system patches over 60 vulnerabilities.
Cyber Security News
Cybersecurity researchers at Cyble Research and Intelligence (CRIL) discovered the 'Exela-V2.0-main.rar' zip file on September 14th, revealing a new 'Exela' stealer.
Infosecurity News
ThreatFabric explained the malware relies on deceptive phishing webpages posing as a Chrome update
Infosecurity News
Discovered by Proofpoint, ZenRAT is a modular remote access trojan targeting Windows users
The Hacker News
Wondering which cybersecurity compliance standard is right for your business? Explore GDPR, SOC 2, and ISO 27001 to see which aligns best with your ne
CSO
In the latter part of Q4 2022, many CISOs reported that their approved 2023 budgets were being slashed as part of an overall budget tightening.
DarkReading
The cyberattackers are using the "Deadglyph" custom spyware, whose full capabilities have not yet been uncovered.
The Hacker News
Leveraging the power of AI in cybersecurity to outsmart ever-evolving threats. Discover how it can be your ultimate ally!
Infosecurity News
Malware is linked to UAE-backed spies
The DFIR Report
In 2022, The DFIR Report observed an increase in the adversarial usage of Remote Management and Monitoring (RMM) tools. When compared to post-exploitation channels that heavily rely on terminals, such …
Bleeping Computer
Security researchers discovered a multi-step information stealing campaign where hackers breach the systems of hotels, booking sites, and travel agencies and then use their access to go after financial data belonging to customers.
The Hacker News
Sandman, a new cyber threat actor, is targeting telecom providers across continents. Read more about this cyber espionage campai
Bleeping Computer
A previously unknown threat actor dubbed 'Sandman' targets telecommunication service providers in the Middle East, Western Europe, and South Asia, using a modular info-stealing malware named 'LuaDream.'
Cyber Security News
The PaperCutNG Mobility Print 1.0.3512 application has been identified to have a cross-site request forgery vulnerability that leads to sophisticated phishing attacks.
SecurityWeek
Zero Trust Network Access (ZTNA) solutions help minimize attack surfaces while ensuring productivity and security of remote workers
Cyber Security News
Magento Security Checklist : 1. Update to the Latest Version 2. Ensure a Strong Password 3. Limit Magento Admin Login Attempts 4. Switch 2FA.
Cyber Security News
An interactive online malware analysis sandbox ANY.RUN has recently introduced a new ChatGPT AI-driven detection approach.
Infosecurity News
One in 10 have suffered from fraud in past 12 months
The Record
A cyberattack suspected to be carried out by a pro-Russia hacking group reportedly resulted in widespread service disruptions at several Canadian airports.
SecurityWeek
Texas startup attracts major investor interest to build an MLMDR (machine learning detection and response) technology.
Cyber Security News
Best Data Loss Prevention Software: 1. DoControl 2. Check Point 3. Forcepoint 4. Code42 5. Digital Guardian 6. Trellix 7. Proofpoint.
Latest Hacking News
Researchers have caught a new malware campaign in the wild that deploys a novel Rust-based malware to Azerbaijan targets. While not linked to a known threat actor group, the campaign still includes some false flags,
DarkReading
The threat cluster hasn't been seen before, but its custom Windows server backdoors have researchers intrigued thanks to their extremely effective stealth mechanisms.
The Hacker News
XWorm: The new kid on the malware block. ANY.RUN's analysts dive deep to expose its tactics and evasion techniques.
SecurityWeek
OpenTitan is a project aimed at bringing the success of open source software to the silicon design space – specifically a silicon-level root of trust
Cyber Security News
This week's Threat and Vulnerability Roundup from Cyber Writes brings you the most recent cybersecurity news.
DarkReading
Escalating incursions into military base infrastructure, telecom networks, utilities, and more signal that Beijing is laying the groundwork for mass disruption.
Computerworld
Microsoft this week rolled out 59 updates with its Patch Tuesday update, including critical patches for Microsoft Office and Visual Studio.
Bleeping Computer
California's Attorney General announced today that Google will pay $93 million to settle a privacy lawsuit alleging it violated the U.S. state's consumer protection laws.
Bleeping Computer
Threat actors use Google Ads tracking templates as a loophole to create convincing Webex software search ads that redirect users to websites that distribute the BatLoader malware.
CSO
ML model management capabilities manage the organization’s local and open source ML models and ensure the security of those models through SDLC.
CSO
New program provides managed service providers dedicated, enterprise-level threat prevention, detection, and response capabilities.
Infosecurity News
The new campaign is believed to be perpetrated by Storm-0324, which distributes the payloads of other attackers after achieving initial network compromise
Cyber Security News
Interactive sandboxing solutions let you run programs, open files, and reboot the virtual machine to change the execution process.
Cyber Security News
Threat actors have been actively employing Loda, a remote access trojan (RAT) developed in AutoIT, to attack Windows and gain RDP access
SecurityWeek
Anonymous Sudan launches a DDoS attack against Telegram in retaliation for the suspension of their primary account on the platform.
The Hacker News
Google rolls out Privacy Sandbox for Chrome, boosting privacy while maintaining access to your favorite content.
The Hacker News
HijackLoader, a new stealthy malware loader, is making waves in the cybercriminal world. Learn how it delivers dangerous payloads and evades security
CSO
Government-backed threat actors are using zero-day exploits to infect security researchers and exfiltrate critical vulnerability information.
Bleeping Computer
Google has started to roll out its new interest-based advertising platform called the Privacy Sandbox, shifting the tracking of users' interests from third-party cookies to the Chrome browser.
Infosecurity News
The team has discovered the exploitation of at least one zero-day flaw in the last few weeks
SecurityWeek
Emsisoft urges its users to update anti-malware and other security products after signing them with an improperly issued digital certificate.
The Hacker News
North Korean hackers using fake social media accounts and exploiting zero-day bugs to compromise cybersecurity researchers.
The Hacker News
🚨 Urgent Spyware Alert! Apple patched 2 new zero-day vulnerabilities in iOS, iPadOS, and macOS devices.
The Record
The prank of choice among the young cyber set is swatting: calling in a hoax report that sends police, guns drawn, to the dwelling of an unsuspecting victim. The Click Here podcast team talks with an expert about what can be done to track and deter swatting.
Ars Technica
Google researchers say currently unfixed vulnerability affects a popular software package.