SecurityWeek
Police Dismantle Major Ukrainian Ransomware Operation
Police from several countries have dismantled a major Ukraine-based ransomware operation and arrested its alleged ringleader.
Security Affairs
Daixin Team group claimed the hack of North Texas Municipal Water District
The Daixin Team group claims to have hacked the North Texas Municipal Water District (US) and threatened to leak the stolen data.
The Hacker News
How Hackers Phish for Your Users' Credentials and Sell Them
Did you know that a single stolen credential can jeopardize your entire network? Protect your organization against sophisticated phishing attacks. Lea
The Hacker News
Key Cybercriminals Behind Notorious Ransomware Families Arrested in Ukraine
A coordinated effort led to the arrest of key figures in Ukraine linked to various ransomware attacks, involving LockerGoga, MegaCortex, and Dharma.
Infosecurity News
Ukraine Police Dismantle Major Ransomware Group
Affiliate deployed LockerGoga, MegaCortex, Hive and Dharma
Bleeping Computer
Police dismantle ransomware group behind attacks in 71 countries
In cooperation with Europol and Eurojust, law enforcement agencies from seven nations have arrested in Ukraine the core members of a ransomware group linked to attacks against organizations in 71 countries.
The Record
High-profile ransomware gang suspects arrested in Ukraine
The international operation, centered on Kyiv, essentially neutralized a group known for deploying variants of LockerGoga, MegaCortex, Hive and Dharma ransomware, authorities said.
The Record
English council spent £1.1 million recovering from ransomware attack
Gloucester's local government released the expense figures related to a 2021 attack. The council had received a formal reprimand from the Information Commissioner's Office in August.
SecurityWeek
US, UK Cybersecurity Agencies Publish AI Development Guidance
New guidance from US and UK cybersecurity agencies provides recommendations for secure AI system development.
-1.webp)
Cyber Security News
Loader Malware Steal Sensitive System Data & Installs Other Malware
Loader malware emerges as a silent force, discreetly breaching unsuspecting systems and setting the stage for more sophisticated onslaughts.
The Record
Suspected Hamas-linked hackers target Israel with new version of SysJoker malware
Cybersecurity companies Check Point and Intezer analyzed what appears to be a rewrite of backdoor malware that targeted Israel's education sector as early as 2021.
Security Affairs
Rhysida ransomware gang claimed China Energy hack
The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation.
Security Affairs
App used by hundreds of schools leaking children's data
Almost a million files with minors' data, including home addresses and photos were left open to anyone on the internet.
Bleeping Computer
Critical bug in ownCloud file sharing app exposes admin passwords
Open source file sharing software ownCloud is warning of three critical-severity security vulnerabilities, including one that can expose administrator passwords and mail server credentials.
The Hacker News
Cybercriminals Using Telekopye Telegram Bot to Craft Phishing Scams on a Grand Scale
Beware of Telekopye: The malicious Telegram bot used by the "Neanderthals" for large-scale phishing scams. It crafts phishing websites and emails.
SecurityWeek
In Other News: National Laboratory Breach, Airplane GPS Attacks, Russia Accuses Allies of Hacking
Idaho National Laboratory breach, GPS attacks target airplanes, Russian accuses China and North Korea of hacking.
Infosecurity News
Black Friday: Phishing Emails Soar 237%
Global brands impersonated to capitalize on busy shopping period
Security Affairs
North Korea-linked Konni APT uses Russian-language documents
North Korea-linked Konni APT group used Russian-language Microsoft Word documents to deliver malware .............
The Hacker News
Konni Group Using Russian-Language Malicious Word Docs in Latest Attacks
Threat actor Konni, potentially tied to North Korea, deploys RAT in cyber espionage using Russian Word doc, exploiting WinRAR flaw.
Infosecurity News
University of Manchester CISO Speaks Out on Summer Cyber-Attack
University of Manchester CISO Heather Lowrie shared how the institution tackled a major data breach earlier in 2023
The Hacker News
6 Steps to Accelerate Cybersecurity Incident Response
Effective Incident Response is more than just tools. It's a process. Explore the 6-step framework for successful IR.
CyberNews
App used by hundreds of schools leaking children's data
Almost a million files with minors' data, including home addresses, photos, and information about the school they attend, were left open to anyone on the internet, posing a threat to children.
Cyber Security News
Hackers Exploiting Windows SmartScreen Zero-day Vulnerability to Deploy Remcos RAT
Microsoft released multiple security patches as part of their Patch Tuesday in which three zero-day vulnerabilities were also patched.
Cyber Security News
Microsoft Defender Bounty Program: Rewards up to $20,000 USD
Microsoft introduced the Defender Bounty Program to enhance the security of customers' experience with rewards to researchers up to USD 20,000.
Infosecurity News
Europol Launches OSINT Taskforce to Hunt For Russian War Crimes
New unit will scour the internet for evidence
The Hacker News
ClearFake Campaign Expands to Deliver Atomic Stealer on Mac Systems
macOS users beware! Atomic Stealer, a $1,000/month malware, is now spreading through deceptive web browser updates via ClearFake.
DarkReading
Exploit for Critical Windows Defender Bypass Goes Public
Threat actors were actively exploiting CVE-2023-36025 in Windows SmartScreen as a zero-day vulnerability before Microsoft patched it in November.
DarkReading
DPRK Hackers Masquerade as Tech Recruiters, Job Seekers
No one has turned the job market into an attack surface quite like North Korea, which plays both sides for financial gain and, possibly, espionage.
Infosecurity News
India Faces Surge in IM App Attacks With Trojan Campaigns
Microsoft highlighted a shift in tactics, with attackers directly sharing malicious APK files
Infosecurity News
Konni Campaign Deploys Advanced RAT With UAC Bypass Capabilities
Fortinet researchers have detected a malicious Word document displaying Russian text
Bleeping Computer
DarkGate and Pikabot malware emerge as Qakbot’s successors
A sophisticated phishing campaign pushing the DarkGate malware infections has recently added the PikaBot malware into the mix, making it the most advanced phishing campaign since the Qakbot operation was dismantled.
Infosecurity News
DarkGate and PikaBot Activity Surge in the Wake of QakBot Takedown
DarkGate and PikaBot have been observed as part of phishing campaigns using the same tactics as the ones used by QakBot perpetrators
Bleeping Computer
Criminal IP Becomes VirusTotal IP and URL Scan Contributor
The Criminal IP Threat Intelligence (CTI) search engine has integrated its IP address and URL scans into VirusTotal. Learn more from Criminal IP about how this integration can help you.
Cyber Security News
CISA Releases Cyber Attack Mitigation for Healthcare Organizations
CISA has released a Cyber Attack Mitigation Guide specifically tailored for the Healthcare and Public Health (HPH) Sector.
Bleeping Computer
Black Friday deal: Get 50% off Malwarebytes Premium + Privacy VPN
Malwarebytes' is running a Black Friday 2023 deal now through Cyber Monday, offering a 50% discount to the Malwarebytes Premium + Privacy VPN bundle until November 30th.
CyberNews
Enterprise software provider Tmax leaks 2TB of data
Tmax has leaked over 50 million sensitive records.
The Hacker News
New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks
New variant of Agent Tesla malware identified. It's a keylogger and remote access trojan (RAT) offered as part of a malware-as-a-service (MaaS) model.
Security Affairs
Experts warn of a surge in NetSupport RAT attacks
Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors.
The Hacker News
How Multi-Stage Phishing Attacks Exploit QRs, CAPTCHAs, and Steganography
Phishing attacks are getting smarter! Cybercriminals are now using QR codes, CAPTCHAs, and steganography to trick victims. Learn how to stay safe.
CyberNews
Appin group legacy: Indian cyber mercenaries will hack for coin
Researchers from SentilenLabs with a high confidence level attributed intrusions in Norway, Pakistan, China, and India to Appin.
Infosecurity News
US Cybersecurity Lab Suffers Major Data Breach
Idaho National Laboratory is also a center for nuclear research
CyberSecurity Dive
SMBs hit by rise in legitimate tool-based attacks
Attackers are moving away from malware and evading detection by abusing remote monitoring and management software, according to Huntress research.
The Hacker News
Mustang Panda Hackers Targets Philippines Government Amid South China Sea Tensions
China-linked Mustang Panda cyber actor targets Philippines government entity amid South China Sea tensions.
DarkReading
Proof of Concept Exploit Publicly Available for Critical Windows SmartScreen Flaw
Threat actors were actively exploiting CVE-2023-36025 before Microsoft patched it in November.
The Record
Hackers create fake banking apps to steal financial data from Indian users
Researchers have uncovered an ongoing information-stealing campaign targeting customers of Indian banks with mobile malware.
CyberNews
British Library ransom attack claimed, data leak confirmed
The British Library confirms data has been leaked as it struggles to recover from a November 6 ransomware attack claimed by the e Rhysida ransom gang.
Security Affairs
Rhysida ransomware gang is auctioning data stolen from the British Library
The Rhysida ransomware group claimed responsibility for the recent cyberattack on the British Library that has caused a major IT outage.
Infosecurity News
Infostealer Lumma Evolves With New Anti-Sandbox Method
Outpost24 explained the technique relies on trigonometry to discern genuine human behavior
The Hacker News
NetSupport RAT Infections on the Rise - Targeting Government and Business Sectors
Education, government, and businesses are under attack by NetSupport RAT, a dangerous remote access trojan.
SecurityWeek
CISA Releases Cybersecurity Guidance for Healthcare, Public Health Organizations
New CISA guidance details cyber threats and risks to healthcare and public health organizations and recommends mitigations.
The Hacker News
DarkGate and PikaBot Malware Resurrect QakBot's Tactics in New Phishing Attacks
New high-volume phishing campaigns mimic tactics of defunct QakBot trojan, hijacking email threads and using unique URLs to deliver DarkGate & PikaBot
Security Affairs
APT29 group exploited WinRAR 0day in attacks against embassies
Russia-linked cyberespionage group APT29 has been observed leveraging the CVE-2023-38831 vulnerability in WinRAR in recent attacks.
Latest Hacking News
Google Elaborates On Campaigns Exploiting A Now-Patched Zimbra Zero-Day
Months after ensuring that the patch actually works, Google has now disclosed more details about active exploitation of a Zimbra zero-day vulnerability. The tech giant explained how the threat actors exploited the Zimbra zero-day in
The Hacker News
Why Defenders Should Embrace a Hacker Mindset
Prioritizing cybersecurity is key. Learn how to prioritize remediation based on impact and protect your organization's crown jewels.
Infosecurity News
Russia’s APT29 Targets Embassies With Ngrok and WinRAR Exploit
Threat group may be looking for intel on Azerbaijan
Security Affairs
DarkCasino joins the list of APT groups exploiting WinRAR 0day
The DarkCasino APT group leveraged a recently disclosed WinRAR zero-day vulnerability tracked as CVE-2023-38831.
CyberNews
Welltok MOVEit hack impacts 1.6M individuals
Welltok MOVEit Trasnfer breach impacted millions of individuals.
.webp)
Cyber Security News
Hackers Exploiting Zimbra 0-day to Attack Government Organizations
Zimbra Collaboration is an open-source solution software suite with an email server and web client for collaboration.
The Hacker News
Indian Hack-for-Hire Group Targeted U.S., China, and More for Over 10 Years
Indian Hack-for-Hire Group targeted U.S., China, Pakistan, and more for over a decade.
Bleeping Computer
Russian hackers use Ngrok feature and WinRAR exploit to attack embassies
After Sandworm and APT28 (known as Fancy Bear), another state-sponsored Russian hacker group, APT29, is leveraging the CVE-2023-38831 vulnerability in WinRAR for cyberattacks.
Cyber Security News
Weekly Cyber Security News Roundup for the Week of November 13th to 18th
Welcome to the Cyber Security News Recap, a weekly publication by Cyber Writes. Our aim is to bring you up-to-date information on the latest developments in the field of cybersecurity.
Security Affairs
Israeli man sentenced to 80 months in prison for providing hacker-for-hire services
An Israeli hacker has been sentenced to 80 months in prison in the US for his role in a massive spear-phishing campaign
The Hacker News
Russian Cyber Espionage Group Deploys LitterDrifter USB Worm in Targeted Attacks
Russian cyber espionage group linked to the FSB are using a USB worm called LitterDrifter to target Ukrainian organizations.
Bleeping Computer
Bloomberg Crypto X account snafu leads to Discord phishing attack
The official Twitter account for Bloomberg Crypto was used earlier today to redirect users to a deceptive website that stole Discord credentials in a phishing attack.
DarkReading
Scattered Spider Casino Hackers Evade Arrest in Plain Sight
The feds seem to know all about the hacking group brazenly breaking into corporate networks; so why are enterprise teams left on their own to stop their cybercrimes?
DarkReading
Shadowy Hack-for-Hire Group Behind Sprawling Web of Global Cyberattacks
For several years operators at New Delhi-based Appin hacked into, spied on, and stole data from targets around the world for clients that included private investigators, government agencies, law enforcement, and others.
DarkReading
Actions to Take to Defeat Initial Access Brokers
Initial access brokers (IAB) are often difficult to track. This Tech Tip spells out some countermeasures enterprises need to defend against stolen credentials.
Bleeping Computer
Google: Hackers exploited Zimbra zero-day in attacks on govt orgs
Hackers leveraged a medium-severity security issue now identified as CVE-2023-37580 since June 29, nearly a month before the vendor addressed it in version 8.8.15 Patch 41of the software on July 25.
SecurityWeek
In Other News: Major Law Firm Hacked, Chinese Bank Pays Ransom, PyPI Security Audit
Noteworthy stories that might have slipped under the radar: top law firm hacked, Chinese bank pays ransom, PyPI conducts first security audit
The Hacker News
Beware: Malicious Google Ads Trick WinSCP Users into Installing Malware
Operation SEO#LURKER: Cybercriminal are using fake Google ads to trick users searching for software into downloading malware.
SecurityWeek
Researchers Dive Into Activities of Indian Hack-for-Hire Firm Appin
Researchers uncover the activities of Appin, a hack-for-hire Indian firm involved in espionage, surveillance, and disruptive attacks.
Cyber Security News
FBI Shares Tactics & Techniques Used by Scattered Spider Hacker Group
Recently, the FBI and CISA issued a joint Cybersecurity Advisory (CSA) on Scattered Spider threat actors targeting commercial facilities.
SecurityWeek
Israeli Man Who Made $5M From Hacking Scheme Sentenced to Prison in US
Aviram Azari, an Israeli man who made nearly $5 million from a hacking scheme, has been sentenced to 80 months in prison in the US.
CyberSecurity Dive
Threat actors behind Las Vegas casino attacks are social-engineering mavens
Scattered Spider threat actors are attacking large companies and their IT help desks to steal data for extortion, according to federal cyber authorities.
Infosecurity News
Black Friday: Scammers Exploit Luxury Brands to Lure Victims
Check Point Research say these latest luxury brand scams are a wake-up call for shoppers to stay vigilant online
Infosecurity News
FBI Lifts the Lid on Notorious Scattered Spider Group
Security advisory details TTPs of prolific threat actors
The Hacker News
U.S. Cybersecurity Agencies Warn of Scattered Spider's Gen Z Cybercrime Ecosystem
U.S. agencies warn about Scattered Spider cybercriminals using advanced phishing to steal data and extort victims.
The Hacker News
CISA Adds Three Security Flaws with Active Exploitation to KEV Catalog
U.S. CISA has added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog due to evidence of active exploitation in the wild.
The Record
Remcos, again: Ukrainian agencies targeted in a new spying campaign
In a recent campaign, the hacking group tracked as UAC-0050 attempted to spread the Remcos remote access tool, according to research by Ukraine's computer emergencies response team (CERT-UA).
The Record
CISA, FBI warn of Scattered Spider expertise with social engineering, SIM swapping
The leading cybersecurity officials in the U.S. published a stark warning on Thursday about a group of hackers who have disrupted some of the largest companies in the country through social engineering and other tactics.
Bleeping Computer
FBI shares tactics of notorious Scattered Spider hacker collective
The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency released an advisory about the evasive threat actor tracked as Scattered Spider, a loosely knit hacking collective that now collaborates with the ALPHV/BlackCat Russian ransomware operation..
CyberNews
FBI warning on MGM hacker group Scattered Spider, urges victims to come forward
The FBI is warning organizations to guard against the Scattered Spider ransom group, responsible for the MGM and Caesars hacks, plus dozens more US attacks this year.
Security Affairs
Zimbra zero-day exploited to steal government emails by 4 groups
Google TAG revealed that threat actors exploited a Zimbra Collaboration Suite zero-day (CVE-2023-37580) to steal emails from governments.
SecurityWeek
Google Adds Passkey Support to New Titan Security Key
Google launches new Titan security key with passkey support, allowing users to store up to 250 unique passkeys.
The Hacker News
Zero-Day Flaw in Zimbra Email Software Exploited by Four Hacker Groups
Zero-day flaw ( CVE-2023-37580) in Zimbra Collaboration email software was exploited by 4 groups, exposing email data and credentials.
SecurityWeek
Zimbra Zero-Day Exploited to Hack Government Emails
Google says a Zimbra zero-day from earlier this year, CVE-2023-37580, was exploited in several campaigns to hack government emails.
SecurityWeek
Bad Bots Account for 73% of Internet Traffic: Analysis
A new report estimates that 73% of all internet traffic currently (Q3, 2023) comprises bad bots and related fraud farm traffic.
The Hacker News
Experts Uncover DarkCasino: New Emerging APT Threat Exploiting WinRAR Flaw
DarkCasino: From Zero-Day Exploit to APT Threat! Cybersecurity experts classify DarkCasino as a powerful APT group after exploiting a WinRAR flaw
The Hacker News
CISA and FBI Issue Warning About Rhysida Ransomware Double Extortion Attacks
U.S. agencies warn of Rhysida ransomware double extortion attacks on multiple industries, including education, manufacturing and IT.
CyberNews
Multi-million dollar voice phishing fraudsters busted in Europe
A phishing gang defrauded victims across Europe of tens of millions of euros through call centers located in Ukraine, according to Europol.
CyberNews
Vietnam Post exposes 1.2TB of data, including email addresses
At the time of discovery, the data store contained 226 million logged events, resulting in 1.2 Terabytes of data, which was being updated in real-time.
Infosecurity News
European Police Take Down $9m Vishing Gang
Fraudsters operated from Ukrainian call centers
Cyber Security News
Best Network Security Vendors for SaaS - 2024
Best Network Security Vendors for SaaS : 1. Perimeter 81 2. Palo Alto Networks 3. Fortinet 4. Symantec 5. Check Point 6. McAfee 7. Okta.
Security Affairs
FBI and CISA warn of attacks by Rhysida ransomware gang
The FBI and CISA warn of attacks carried out by the Rhysida ransomware group against organizations across multiple industry sectors.
CSO
Top cybersecurity product news of the week
New product and service announcements from Wiz, Palo Alto Networks, Sophos, SecureAuth, Kasada, Lacework, Noname Security, and more.
The Record
Ukrainian and Czech police bust $9 million bank fraud gang
The scammers pretended to be bank security officers, telling victims that their accounts had been hacked, police said. The scheme escalated from there.
The Record
Hackers target Greece, Tunisia, Moldova, Vietnam and Pakistan with Zimbra zero-day
The attacks targeting government agencies were carried out by four different groups throughout the summer, Google's Threat Analysis Group found.
Bleeping Computer
FBI and CISA warn of opportunistic Rhysida ransomware attacks
The FBI and CISA warned today of Rhysida ransomware gang's opportunistic attacks targeting organizations across multiple industry sectors.
Bleeping Computer
Fraud researchers impersonated on X to push crypto-stealing sites
Multiple fake accounts impersonating cryptocurrency scam investigators and blockchain security companies are promoting phishing pages to drain wallets in an ongoing campaign on X (former Twitter).
Bleeping Computer
Fraudsters make $50,000 a day by spoofing crypto researchers
Multiple fake accounts impersonating cryptocurrency scam investigators and blockchain security companies are promoting phishing pages to drain wallets in an ongoing campaign on X (former Twitter).
Infosecurity News
Microsoft Fixes Five Zero-Day Vulnerabilities
Patch Tuesday includes fixes for three actively exploited bugs
Security Affairs
Gamblers’ data compromised after casino giant Strendus fails to set password
Mexican online casino Strendus has exposed sensitive user data, including home addresses and the amounts of money they spent on gambling.
The Record
CISA adds three Microsoft Patch Tuesday bugs to vulnerability list
The top cybersecurity agency in the U.S. warned that hackers are exploiting three vulnerabilities disclosed by Microsoft on Tuesday.
The Record
Critical systems restored at English council following ransomware attack
St Helens Borough Council in northwest England says that about eight weeks after the incident, most services are operating business-as-usual.
Security Affairs
Microsoft Patch Tuesday security updates fixed 3 actively exploited flaws
Patch Tuesday security updates for November 2023 fixed three vulnerabilities actively exploited in the wild.
Bleeping Computer
Pharmacy provider Truepill data breach hits 2.3 million customers
Postmeds, doing business as 'Truepill,' is sending notifications of a data breach informing recipients that threat actors accessed their sensitive personal information.
.jpg)
DarkReading
Royal Ransom Demands Exceed $275M, Rebrand in Offing
The swift-moving ransomware crew continues to evolve quickly and has already attacked more than 350 victims since it was first detected just over a year ago.
Cyber Security News
10 Best Network Security Companies For CISO - 2024
Best Network Security Companies for CISO: 1. Perimeter81 2. Palo Alto Networks 3. Cisco 4. Check Point 5. IBM 6. Crowdstrike 7. Trend Micro.
Cyber Security News
Ransomedvc to Shutdown Operations, Selling Out Infrastructure
Ransomed[.]vc, a notorious ransomware and data extortion group, has recently announced the end of its operations
SecurityWeek
Royal Ransomware Possibly Rebranding After Targeting 350 Organizations Worldwide
CISA says Royal ransomware has targeted 350 organizations to date, demanding over $275 million in ransoms.
CyberNews
Pro-Hamas cybergang develops complex infection tactics with new downloader
A threat actor targeting West Asian governments now uses a labyrinthine infection chain based on delivering a new initial access downloader dubbed IronWind
CyberNews
Gamblers’ data compromised after casino giant fails to set password
One of the biggest online casinos in Mexico has exposed sensitive user data, including home addresses and the amounts of money they spent on gambling.
Infosecurity News
Pro-Palestine APT Group Uses Novel Downloader in New Campaign
TA402 launches new targeted phishing campaigns
CyberSecurity Dive
File-transfer services, rich with sensitive data, are under attack
This year has seen a trio of supply-chain attacks that created turmoil for thousands of corporate victims and their customers.
Infosecurity News
Royal Ransomware Gang Demands $275m in a Year
CISA highlights links to newer Blacksuit variant
The Hacker News
New Campaign Targets Middle East Governments with IronWind Malware
Government entities in the Middle East are under attack by a new phishing campaign employing the IronWind downloader.
CyberNews
Royal Ransomware has a new name after demanding $275M from 350 victims
Royal Ransomware, which emerged in early 2022, already has at least 350 known victims under its belt, added since September 2022.
The Record
Cyber-espionage operation on embassies linked to Russia’s Cozy Bear hackers
Targets in Azerbaijan and Italy bore the brunt of the operation by the Kremlin-backed hackers of APT29, also known as Cozy Bear, according to Ukraine's National Cyber Security Coordination Center.
Jule-Nisserne
Flotte Bjørn og Russiske Hackere Mislykkedes i Angreb på Julenisse-Centralen
I et dristigt forsøg på at forstyrre julen 2023, planlagde Flotte Bjørn og flere prominente russiske ransomware grupper et angreb på Julenisse-Centralen. Operationen blev imidlertid forpurret af Julenissernes overlegne cybersikkerhed.
The Record
CISA, FBI warn that Royal ransomware gang may rebrand as ‘BlackSuit’
The leading cybersecurity agencies in the U.S. released startling new data on the Royal ransomware gang on Monday, confirming previous reports that the gang may be preparing for a rebrand.
Bleeping Computer
Ethereum feature abused to steal $60 million from 99K victims
Malicious actors have been abusing Ethereum's 'Create2' function to bypass wallet security alerts and poison cryptocurrency addresses, which led to stealing $60,000,000 worth of cryptocurrency from 99,000 people in six months.
Bleeping Computer
FBI: Royal ransomware asked 350 victims to pay $275 million
The FBI and CISA revealed in a joint advisory that the Royal ransomware gang has breached the networks of at least 350 organizations worldwide since September 2022.
DarkReading
Ducktail Malware Targets the Fashion Industry
Threat actors distributed an archive containing images of new products by major clothing companies, along with a malicious executable disguised with a PDF icon.
Bleeping Computer
Criminal IP & Cisco SecureX/XDR: Enhanced Cyber Threat Analysis
The Criminal IP threat intelligence search engine by AI SPERA has recently integrated with Cisco SecureX/XDR, empowering organizations to stay ahead of malicious actors. Learn more about this integration from Criminal IP in this article.
Infosecurity News
Malaysian Police Dismantle “BulletProftLink” Phishing Operation
Several arrested and servers seized
The Hacker News
Major Phishing-as-a-Service Syndicate 'BulletProofLink' Dismantled by Malaysian Authorities
Malaysian authorities, with help from the AFP and FBI, shut down the notorious phishing-as-a-service (PhaaS) operation, BulletProofLink.
Bleeping Computer
LockBit ransomware leaks gigabytes of Boeing data
The LockBit ransomware gang published data stolen from Boeing, one of the largest aerospace companies that services commercial airplanes and defense systems.
Bleeping Computer
Iranian hackers launch malware attacks on Israel’s tech sector
Security researchers have tracked a new campaign from Imperial Kitten targeting transportation, logistics, and technology firms.
Cyber Security News
Best Security Solutions for Marketers - 2024
Best security solutions for Marketers: 1. Perimeter 81 2. Surfshark3. Private Internet Access 4. Malwarebytes 5. CyberGhost 6. GoodAccess
Bleeping Computer
Police takes down BulletProftLink large-scale phishing provider
The notorious BulletProftLink phishing-as-a-service (PhaaS) platform that provided more than 300 phishing templates has been seized, the Royal Malaysian Police announced.
Cyber Security News
Batloader: A Batch File That Delivers Several Different Types of Malware
One of the common methods used for delivering the ransomware, RATs, and Cryptojackers was the use of a batloader.
Bleeping Computer
The Rise of Ransomware in Healthcare: What IT Leaders Need to Know
Ransomware attacks are rapidly becoming the weapon of choice, making up over half of all attacks in the healthcare industry. Learn more from Specops Software on securing your organization from these attacks.
Cyber Security News
SideCopy APT group Exploiting WinRAR Zero-Day to Deliver Ares RAT
SideCopy, the Pakistani-based threat actor, has been using the WinRAR vulnerability (CVE-2023-38831) to target Indian government entities.
CyberNews
Data of 800K Chess.com players scraped and released
A hacker under the username DrOne shared data from more than 800k Chess.com users on BreachForums.
CyberNews
McLaren Health Care breach exposes medical data of 2.3M+ individuals
McLaren Health Care breach exposed millions of individuals' sensitive medical data.
The Hacker News
Iran-Linked Imperial Kitten Cyber Group Targeting Middle East's Tech Sectors
Iranian hacker group Imperial Kitten launches cyberattacks on transportation, logistics, and tech sectors, including Israel.
The Hacker News
Zero-Day Alert: Lace Tempest Exploits SysAid IT Support Software Vulnerability
Microsoft exposes Lace Tempest's latest move: exploiting a zero-day flaw in SysAid IT support software.
CyberNews
Be careful what you scan: QR scams increase by 51%
Threat actors are using malicious QR codes to steal valuable data and money. Experts say it’s still difficult to detect and mitigate the threats spread by this method.
Cyber Security News
ChatGPT-Powered Malware Attacking Cloud Platforms to Steal Login Credentials
Threat actors can ChatGPT to generate convincing phishing emails or deceptive content that encourages users to download malware.
Infosecurity News
Iran-Affiliated Group Targets Israeli Firms Amid Israel-Hamas Conflict
CrowdStrike attributes recent attacks on the Israeli transportation, logistics, and technology sectors to Iran-affiliated group Imperial Kitten
The Hacker News
New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers
Malicious sites posing as legit Windows news portals spotted distributing malware disguised as CPU-Z.
Infosecurity News
Quishing Campaigns Spike 50% in September
QR code phishing is becoming increasingly popular
Latest Hacking News
Microsoft Authenticator Restricts Suspicious MFA Notifications
The Redmond giant has recently announced introducing a new privacy feature to its authenticator app. With this feature, Microsoft Authenticator app now blocks suspicious multi-factor authentication notifications to prevent potential abuse. Microsoft Authenticator App Blocks Suspicious
CyberNews
Bittrex crypto scam targets defunct platform’s ex clients
Phishing scam that tried to trick former customers of Bittrex into parting with credentials to recover funds exposed.
Cyber Security News
Top 6 Cyber Incident Response Plans - 2024
Top Incident Response Plans : 1. Preparation 2. Identification 3. Containment 4. Eradication 5. Recovery 6. Lessons learned.
The Hacker News
When Email Security Meets SaaS Security: Uncovering Risky Auto-Forwarding Rules
Beware of email auto-forwarding pitfalls. Learn how Wing Security's free tool can safeguard your sensitive data.
The Hacker News
MuddyC2Go: New C2 Framework Iranian Hackers Using Against Israel
MuddyWater expands its cyber arsenal with MuddyC2Go, a new C2 framework used in sophisticated attacks targeting Israel.
CyberSecurity Dive
Ransomware targeting casinos is on the rise, FBI warns
Threat actors have used phishing attacks and exploited vulnerabilities in third-party vendor remote access tools to target the casino gaming industry.
Infosecurity News
UK Shoppers Lost Nearly £11m to Fraud Last Festive Season
NCSC warns of AI-generated scams in run-up to Christmas
Trend Micro
Threat Actors Leverage File-Sharing Service and Reverse Proxies for Credential Harvesting
We analyzed a phishing campaign involving malicious emails containing a link to a file-sharing solution, which further leads to a PDF document with a secondary link designed to steal login info and session cookies.
The Record
Iranian Charming Kitten hackers targeted Israeli organizations in October
The Iranian hacking group targeted organizations in Israel’s transportation, logistics and technology sectors amid an uptick in Iranian cyber activity since the start of Israel’s war with Hamas.
DarkReading
Evasive Jupyter Infostealer Campaign Showcases Dangerous Variant
The attacks are another manifestation of the concerning rise in information stealers for harvesting data and enabling persistent access to enterprise networks.
CSO
Generative AI to fuel stronger phishing campaigns, information operations at scale in 2024
Google Cloud forecasts continued use of gen AI to create smarter campaigns while cybersecurity pros will use the same tools to defend and close the skills gap.
Bleeping Computer
FBI: Ransomware gangs hack casinos via 3rd party gaming vendors
The Federal Bureau of Investigation is warning that ransomware threat actors are targeting casino servers and use legitimate system management tools to increase their permissions on the network.
Infosecurity News
FBI Warns of Emerging Ransomware Initial Access Techniques
The FBI notification advises how to protect against the growing targeting of third-party vendors and services
Cyber Security News
What is Crowdsourced Threat Intelligence?
Crowdsourced threat intelligence is a type of threat intelligence that is gathered and analyzed from a variety of sources.
The Hacker News
Experts Expose Farnetwork's Ransomware-as-a-Service Business Model
Cybersecurity experts unmask 'farnetwork', a Russian-speaking cybercriminal linked to 5 different ransomware-as-a-service (RaaS) programs.
Cyber Security News
4 Zero-Day Bug in Microsoft Exchange Let Attackers Execute Arbitrary Code
Four new zero-day vulnerabilities have been identified in Microsoft Exchange with server-side request forgery and remote code execution.
CyberNews
Marina Bay Sands Singapore luxury resort breached
Singapore’s iconic Marina Bay Sands luxury resort and casino says loyalty member's personal information was compromised in a data breach.
DarkReading
North Korea's BlueNoroff APT Debuts 'Dumbed Down' macOS Malware
Kim Jong-Un's hackers are scraping the bottom of the barrel, using script kiddie-grade malware to steal devalued digital assets.
Infosecurity News
Data Breach at Singapore’s Marina Bay Sands Affects 665,000 Customers
The leaked data include personally identifiable information, such as customers’ names, email addresses, phone numbers and membership numbers
Infosecurity News
GootBot Implant Heightens Risk of Post-Infection Ransomware
IBM found Gootloader group opting for GootBot over off-the-shelf tools for lateral movement
Bleeping Computer
Marina Bay Sands discloses data breach impacting 665,000 customers
The Marina Bay Sands (MBS) luxury resort and casino in Singapore has disclosed a data breach that impacts personal data of 665,000 customers.
CyberNews
TikTok lagging behind rivals like Facebook in security
A new study shows TikTok trailing behind rival platforms in terms of security while Facebook and YouTube lead the way.
The Hacker News
Offensive and Defensive AI: Let’s Chat(GPT) About It
Get the full story on the dangers of the rapidly growing consumer application, ChatGPT, and learn how to resist cyber crime.
The Hacker News
SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities
Pakistani threat actor SideCopy exploiting recent WinRAR vulnerability in attacks on Indian government entities.
The Record
Singapore’s Marina Bay Sands says 665,000 customers had data stolen during cyberattack
The company said it became aware of a data security incident on October 20 after hackers broke into their systems the day before.
The Record
North Korean ‘BlueNoroff’ group targeting financial institutions with macOS malware
BlueNoroff is believed to be affiliated with the notorious Lazarus hacking group and has targeted cryptocurrency exchanges, venture capital firms and banks with malware.
Infosecurity News
Spy Trojan SpyNote Unveiled in Attacks on Gamers
The findings are part of Kaspersky’s latest investigation, spanning from July 2022 to July 2023
Cyber Security News
Hilb Group Cyber Attack: 81K people's Personal Information Exposed
The Hilb Group Operating Company, LLC, a Maryland-based company, has disclosed a major data breach that has affected 81,539 individuals.
Cyber Security News
The Ultimate SaaS Security Admin Guide - 2024
SaaS Security Admin Guide: 1. Encryption 2. Backup and Recovery 3. Data Residency 4. Regular Audits 5. Data Privacy 6. Least Privileges.
The Record
Researchers spot an increase in Jupyter infostealer infections
Education and healthcare institutions seem to be targets in the latest wave of Jupyter infections, according to VMware's Carbon Black team.
Bleeping Computer
Socks5Systemz proxy service infects 10,000 systems worldwide
A proxy botnet called 'Socks5Systemz' has been infecting computers worldwide via the 'PrivateLoader' and 'Amadey' malware loaders, currently counting 10,000 infected devices.
CSO
Iran-linked spy APT MuddyWater ratchets up anti-Israel attacks: Report
Fake folders and remote access tools are part of the MuddyWater advanced persistent threat (APT) espionage group’s latest campaign against Israeli targets, according to cybersecurity firm Deep Instinct.
Bleeping Computer
American Airlines pilot union hit by ransomware attack
Allied Pilots Association (APA), a labor union representing 15,000 American Airlines pilots, disclosed a ransomware attack that hit its systems on Monday.
Bleeping Computer
New Microsoft Exchange zero-days allow RCE, data theft attacks
Microsoft Exchange is impacted by four zero-day vulnerabilities that attackers can exploit remotely to execute arbitrary code or disclose sensitive information on affected installations.
The Hacker News
NodeStealer Malware Hijacking Facebook Business Accounts for Malicious Ads
Cybercriminals are using compromised business accounts to lure victims with "revealing photos of young women," distributing NodeStealer malware.
Jule-Nisserne
Hygge Bjørn Bag Stor Phishing Kampagne
En omfattende phishing-kampagne, lanceret af Hygge Bjørn, har målrettet politiske figurer og organisationer verden over.
The Record
Okta defends 2-week gap in response to identity token theft, says 134 customers affected
The identity management company said that from September 28, to October 17, a threat actor “gained unauthorized access to files inside Okta’s customer support system associated with 134 Okta customers.”
The Record
‘Multi-stage social engineering’ campaign against Israel tied to Iran-based group
Researchers uncovered a recent hacking campaign by a long-running group known as MuddyWater, OilRig or APT34.
Bleeping Computer
Ace Hardware says 1,202 devices were hit during cyberattack
Ace Hardware confirmed that a cyberattack is preventing local stores and customers from placing orders as the company works to restore 196 servers.
Bleeping Computer
Mortgage giant Mr. Cooper hit by cyberattack impacting IT systems
U.S. mortgage lending giant Mr. Cooper was breached in a cyberattack that caused the company to shut down IT systems, including access to their online payment portal.
Infosecurity News
Israeli Entities Under Attack By MuddyWater’s Advanced Tactics
Deep Instinct said MuddyWater leveraged a new file-sharing service called “Storyblok”
CyberSecurity Dive
Okta employee data breached in third-party healthcare attack
An incident at Rightway Healthcare resulted in a breach of sensitive health information of almost 5,000 Okta employees. It’s the latest in a series of security woes for the IAM provider.
Infosecurity News
Spy Module Discovered in WhatsApp Mods
Kaspersky said that between October 5 and 31 alone, it intercepted over 340,000 attacks
Bleeping Computer
Your end-users are reusing passwords – that’s a big problem
Password reuse is a difficult vulnerability for IT teams to get full visibility over. Learn more from Specops Software on how to mitigate the risk of compromised credentials.
Infosecurity News
The People Hacker: AI a Game-Changer in Social Engineering Attacks
Jenny Radcliffe talks to Infosecurity about the changing nature of social engineering scams and the threats posed by AI
Cyber Security News
Securing Your SaaS: Best Practices and Proven Strategies
Protecting cloud-based apps and the data they manage is the primary goal of Software as a Service (SaaS) security.
SecurityWeek
AP News Site Hit by Apparent Denial-of-Service Attack
The Associated Press news website experienced an outage that appeared to be consistent with a denial-of-service attack
Infosecurity News
Forrester: GenAI Will Lead to Breaches and Privacy Fines in 2024
Analyst warns that risks of using the technology will become apparent
The Hacker News
Iran's MuddyWater Targets Israel in New Spear-Phishing Cyber Campaign
Iranian state-backed hackers, MuddyWater, has evolved its tactics. They're now using N-able's Advanced Monitoring Agent.
CSO
Red Sift adds protection against phishing, BEC, and brand abuse
The new capabilities will bolster a company’s cyber resilience, especially in the areas of brand impersonation, BEC, and PKI certificates.
The Record
EU urged to drop new law that could allow member states to intercept and decrypt global web traffic
More than 100 of the world’s most respected cybersecurity experts have written to European Union lawmakers to warn that a proposed legal reform that may soon become law could fundamentally undermine security online.
The Hacker News
Researchers Expose Prolific Puma's Underground Link Shortening Service
Meet "Prolific Puma," the secretive threat actor behind a dangerous link shortening service with thousands of malicious domains used for phishing.
Bleeping Computer
LayerX Enterprise Browser Security Extension – Secure the Modern Workspace
LayerX has developed a secure enterprise browser extension that delivers comprehensive visibility, monitoring, and granular policy enforcement on every event within a browsing session. Learn more about this cybersecurity platform from LayerxSecurity.
SecurityWeek
MITRE Releases ATT&CK v14 With Improvements to Detections, ICS, Mobile
MITRE announces the release of ATT&CK v14, which brings enhancements related to detections, ICS, and mobile.
The Hacker News
Hands on Review: LayerX's Enterprise Browser Security Extension
Protect your organization's most critical interface—The Browser! LayerX's secure extension offers comprehensive visibility and policy enforcement, de
Latest Hacking News
Samsung Galaxy Rolls Out Auto Blocker To Protect Devices
Pledging the utmost security and privacy for its users, Samsung has now developed a dedicated device protection feature. Dubbed “Auto Blocker,” this new feature protects Samsung Galaxy devices from malicious actions, such as sneaky sideloading,
The Hacker News
North Korean Hackers Targeting Crypto Experts with KANDYKORN macOS Malware
State-sponsored North Korean hackers are using a sneaky macOS malware called KANDYKORN to target crypto engineers via Discord.
The Hacker News
Turla Updates Kazuar Backdoor with Advanced Anti-Analysis to Evade Detection
Turla hackers are back with a revised Kazuar backdoor, featuring stealthy anti-analysis techniques & C2 communication disruption.