CSO
US AI experts targeted in cyberespionage campaign using SugarGh0st RAT
Threat actors use phishing techniques to obtain non-public information about generative artificial intelligence.
Bleeping Computer
Microsoft shares temp fix for Outlook encrypted email reply issues
Microsoft has shared a temporary fix for a known issue preventing Microsoft 365 customers from replying to encrypted emails using the Outlook Desktop client.
Bleeping Computer
Russian hackers use new Lunar malware to breach a European govt's agencies
Security researchers discovered two previously unseen backdoors dubbed LunarWeb and LunarMail that were used to compromise a European government's diplomatic institutions abroad.
DarkReading
Windows Quick Assist Anchors Black Basta Ransomware Gambit
When abused by threat actors with sophisticated social-engineering chops, remote-access tools demand that enterprises remain sharp in both defense strategy and employee-awareness training.
SC Magazine
Microsoft’s Quick Assist used in scam to drop Black Basta ransomware
Threat actors use the remote management tool and social engineering to access victims’ systems and install malware.
DarkReading
Scammers Fake DocuSign Templates to Blackmail & Steal From Companies
Cybercriminals are trafficking DocuSign assets that allow for easy extortion and business email compromise.
The Cyber Express
Banco Santander Confirms Data Breach, Assures Customers’ Transactions Remain Secure
Santander, one of the largest banks in the eurozone, confirmed that an unauthorized party had gained access to a database
Security Magazine
Meta is the second most spoofed brand for credential phishing
A sophisticated phishing campaign is bypassing multi-factor authentication in order to target Meta business accounts.
Cyber Security News
5 Common Phishing Vectors and Examples - 2024
Phishing attacks can be executed through various means, such as SMS and phone calls, but the most prevalent method involves sending victims emails containing malicious attachments.
Ars Technica
SSH backdoor has infected 400,000 Linux servers over 15 years and keeps on spreading
Ebury backdoors SSH servers in hosting providers, giving the malware extraordinary reach.
DarkReading
D-Link Routers Vulnerable to Takeover Via Exploit for Zero-Day
A vulnerability in the HNAP login request protocol that affects a family of devices gives unauthenticated users root access for command execution.
Bleeping Computer
Protect against lateral movement attacks by securing credentials
Organizations need to detect and remove intruders quickly to prevent data loss and minimize the impact of lateral movement attacks. Learn more from Specops Software on blocking lateral movement in networks.
.webp)
Cyber Security News
Turla APT Group Attacking European Ministry of Foreign Affairs
The well-known advanced persistent threat (APT) group Turla, which is based in Russia, is said to be going after the European Ministry.
The Hacker News
Turla Group Deploys LunarWeb and LunarMail Backdoors in Diplomatic Missions
Two new backdoors, LunarWeb and LunarMail, have targeted a European ministry of foreign affairs and its diplomatic missions in the Middle East
SecurityWeek
Santander Data Breach Impacts Customers, Employees
The Spanish bank Santander said customers in Chile, Spain and Uruguay are affected by a data breach at a third-party provider.
The Cyber Express
Santander Confirms Data Breach, Assures Customers’ Transactions Remain Secure
Santander, one of the largest banks in the eurozone, confirmed that an unauthorized party had gained access to a database
Cyber Security News
10 Best Network Security Providers for Healthcare Industry in 2024
Best Network Security Providers for the Healthcare Industry - 1. Perimeter 81, 2. Palo Alto Networks, 3. Fortinet, 4. Cisco, 5. Trend Micro
The Cyber Express
SideCopy APT Campaign Found Targeting Indian Universities
Cyble Research and Intelligence Labs (CRIL) researchers have uncovered a new SideCopy campaign. The threat actor group has previously been
Cyber Security News
How To Reduce The Alert Triage Time In Security Operations: SOC Analyst Guide
Alert Triage is a process of recognizing the important alerts from a huge pool of security alerts and allocating the resources accurately.
The Record
Law enforcement data stolen in Wichita ransomware attack
In a data breach notice about the incident, which is still affecting numerous city services, the municipality said hackers copied files from its network.
The Record
Officials defend election security efforts as senators call on them to improve their game
“We've got to do a better job of making sure Americans of all political stripes understand what is very probably coming their way over the next less than six months,” Senate Intelligence Chair Mark Warner told leaders from ODNI, CISA and the FBI.
HACKRead
Android Malware Poses as WhatsApp, Instagram, Snapchat to Steal Data
A new Android malware poses as popular applications like WhatsApp, Instagram, and Snapchat to steal user data, including login credentials.
HACKRead
DNS Tunneling Used for Stealthy Scans and Email Tracking
DNS tunneling is being used to bypass security filters by hiding malicious traffic in DNS packets, allowing hackers to steal stolen data.
DarkReading
DNS Tunneling Abuse Expands to Tracking & Scanning Victims
Several campaigns are leveraging the evasive tactic to provide useful insights into victims' online activities, and find new ways to compromise organizations.
SecurityWeek
Attackers Use DNS Tunneling to Track Victim Activity, Scan Networks
Threat actors are using DNS tunneling to track victims’ interaction with spam and to scan network infrastructures.
The Cyber Express
Credibility in Question: Meesho Data Breach Claims Echo 2020 Leak
A threat actor using the alias qpwomsx has claimed responsibility for an alleged data breach affecting the popular Indian online
The Hacker News
Ongoing Campaign Bombarded Enterprises with Spam Emails and Phone Calls
A new social engineering campaign is targeting enterprises with spam emails to gain initial access. The threat actor overwhelms users' email and calls
Infosecurity News
Hackers Use DNS Tunneling to Scan and Track
Palo Alto Networks warns threat actors are using DNS tunneling techniques to probe for network vulnerabilities
Cyber Security News
Hackers Weaponize Word Files To Deliver DanaBot Malware
Recent email campaigns distribute DanaBot malware through two document types: those using equation editor exploits and those containing
.webp)
Cyber Security News
Beware! Threat Actor Selling Outlook RCE 0-Day on Hacking Forums
A threat actor has reportedly put up for sale a RCE 0-day exploit targeting various versions of Microsoft Outlook..
Security Affairs
Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware
Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware
SC Magazine
LockBit ransomware spread in millions of emails via Phorpiex botnet
Emails from “Jenny Green” delivered LockBit Black through attached ZIP files.
DarkReading
500 Victims In, Black Basta Reinvents With Novel Vishing Strategy
Ransomware groups have always created problems for their victims that only they could solve. Black Basta is taking that core idea in a creative, new direction.
Ars Technica
Black Basta ransomware group is imperiling critical infrastructure, groups warn
Threat group has targeted 500 organizations. One is currently struggling to cope.
Bleeping Computer
Botnet sent millions of emails in LockBit Black ransomware campaign
Since April, millions of phishing emails have been sent through the Phorpiex botnet to conduct a large-scale LockBit Black ransomware campaign.
Bleeping Computer
Hackers use DNS tunneling for network scanning, tracking victims
Threat actors are using Domain Name System (DNS) tunneling to track when their targets open phishing emails and click on malicious links, and to scan networks for potential vulnerabilities.
DarkReading
IntelBroker Nabs Europol Info; Agency Investigating
Europe's cross-border law enforcement agency says the well-known hacking outfit, contrary to claims, did not access operational data.
SecurityWeek
Europol Investigating Breach After Hacker Offers to Sell Classified Data
Europol is investigating a data breach, but says no core systems are impacted and no operational data has been compromised.
Latest Hacking News
Dell API Exploitation Led to Breach Affecting 49M Customers
Dell customers need to stay cautious as the vendors admit a data breach impacting their customers. What makes this breach notable is its root cause, which turns out to be a Dell API exploit by
The Hacker News
The 2024 Browser Security Report Uncovers How Every Web Session Could be a Security Minefield
Are your browser extensions safe? 33% in most orgs aren't! Learn to protect your data with insights from the 2024 Browser Security Report.
CyberNews
AI abused to clone voices, FBI warns
The San Francisco division of the FBI is warning individuals and organizations to be aware of AI used by cybercriminals.
The Cyber Express
TCE Cyberwatch: Weekly Wrap on AI, Deepfakes, Cybersecurity Challenges Affecting Nations Worldwide
This week on TCE Cyberwatch we’re covering the different data breaches and vulnerabilities faced by different companies. Along with this,
The Record
'Russian' hackers deface potentially hundreds of local British news sites
An infiltrator posted a breaking news story titled "PERVOKLASSNIY RUSSIAN HACKERS ATTACK" on websites owned by Newsquest Media Group.
Krebs on Security
How Did Authorities Identify the Alleged Lockbit Boss?
Last week, the United States joined the U.K. and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. LockBit's leader "LockBitSupp" claims the feds named the wrong guy,…
The Cyber Express
State Actor Made Three Attempts to Breach B.C. Government Networks
A state or state-sponsored actor orchestrated the "sophisticated" cyberattacks against the British Columbia government networks, revealed the head of B.C.’s
Bleeping Computer
Dell API abused to steal 49 million customer records in data breach
The threat actor behind the recent Dell data breach revealed they scraped information of 49 million customer records using an partner portal API they accessed as a fake company.
The Hacker News
North Korean Hackers Deploy New Golang Malware 'Durian' Against Crypto Firms
North Korean hackers have unleashed a new Golang malware called "Durian" in targeted attacks against South Korean crypto firms.
Security Affairs
Russia-linked APT28 targets government Polish institutions
CERT Polska warns of a large-scale malware campaign against Polish government institutions conducted by Russia-linked APT28.
CyberSecurity Dive
Officials see a real change in Microsoft’s security plans: financial accountability
CISA Director Jen Easterly pointed to Microsoft’s decision to link security to executive compensation as a meaningful signal of its priorities.
CSO
Dell data breach exposes data of 49 million customers
The company says the breach compromised non-critical customer data and involved no sensitive personal or financial information.
Cyber Security News
Dell Hacked - 49 Million Customers Data Affected
Dell Technologies is investigating a data breach incident involving a company portal containing limited customer information related to purchases.
The Record
Okta’s security chief on the company’s own cyberattack and how the ‘battleground’ has shifted
Okta Chief Security Officer David Bradbury discusses lessons from the incident, how nation-state threats are evolving, and how AI is already influencing identity-based attacks.
Bleeping Computer
Poland says Russian military hackers target its govt networks
Poland says a state-backed threat group linked to Russia's military intelligence service (GRU) has been targeting Polish government institutions throughout the week.
Bleeping Computer
Monday.com removes "Share Update" feature abused for phishing attacks
Project management platform Monday.com has removed its "Share Update" feature after threat actors abused it in phishing attacks.
Bleeping Computer
AT&T delays Microsoft 365 email delivery due to spam wave
AT&T's email servers are blocking connections from Microsoft 365 due to a "high volume" spam wave originating from Microsoft's service.
Infosecurity News
Mobile Banking Malware Surges 32%
Afghanistan, Turkmenistan and Tajikistan victims experienced the highest share of banking Trojans
Bleeping Computer
Dell warns of data breach, 49 million customers allegedly affected
Dell is warning customers of a data breach after a threat actor claimed to have stolen information for approximately 49 million customers.
The Hacker News
Kremlin-Backed APT28 Targets Polish Institutions in Large-Scale Malware Campaign
Russia-Linked APT28 Strikes Poland with Malware Campaign Polish government bodies were hit by a sophisticated malware attack orchestrated by the infam
The Cyber Express
International Baccalaureate Exam Hack Speculation Sparks Student Outrage
The International Baccalaureate Organization (IBO) confirmed a hacking incident, while clarifying that no ongoing exam papers were leaked despite claims
CyberNews
AI ethicists warn against haunting of ‘griefbots’
The emerging industry of “digital afterlives” will cause social and psychological harm, University of Cambridge researchers have warned.
SecurityWeek
BetterHelp Customers Begin Receiving Refund Notices From $7.8M Data Privacy Settlement, FTC Says
BetterHelp customers have started receiving refund notices from a $7.8 million data privacy settlement, the FTC says.
HACKRead
The Future of Phishing Email Training for Employees in Cybersecurity
The future of cybersecurity awareness lies in training programs. Discover the future of phishing email training, including gamification and AI.
The Record
Poland says it was targeted by Russian military intelligence hackers
A phishing campaign against Polish institutions was the work of Russia’s military intelligence agency, the GRU, according to CERT-PL.
DarkReading
UK Military Data Breach a Reminder of Third-Party Risk
An attacker accessed personal information of over 225,000 active, reserve, and former UK military members from third-party payroll processing system.
SecurityWeek
New 'TunnelVision' Technique Leaks Traffic From Any VPN System
A new technique named TunnelVision allows attackers to bypass the VPN and redirect traffic through the local network.
DarkReading
Microsoft Will Hold Execs Accountable for Cybersecurity
At least a portion of executive compensation going forward will be tied to meeting security goals and metrics.
The Cyber Express
MedStar Health Reports Data Breach Impacting 183,000 Patients
MedStar Health, a prominent non-profit healthcare provider disclosed a data breach that impacts more than 183,000 patients from its hundreds
CyberSecurity Dive
Generative AI is a looming cybersecurity threat
Researchers have not identified any AI-engineered cyberattack campaigns, yet, but they say it’s only a matter of time before an AI system is dominant enough in the market to draw attention.
Infosecurity News
MedStar Health and DocGo Reveal Data Breaches
MedStar Health and DocGo have become the latest US healthcare providers to announce cybersecurity incidents
The Hacker News
APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data
APT42, an Iranian state-backed hacking group, is leveling up its social engineering tactics. They're posing as journalists and event organizers to bui
Cyber Security News
HijackLoader Using Weaponized PNG Files To Deliver Multiple Malware
HijackLoader, a modular malware loader observed in 2023, is evolving with new evasion techniques, as it is a variant using a PNG image to
SecurityWeek
Germany Recalls Its Ambassador in Russia for a Week in Protest Over a Hacker Attack
Germany recalled its ambassador to Russia for consultations in Berlin following an alleged hacker attack on Chancellor Olaf Scholz’s party.
The Record
Nearly 184,000 MedStar Health patients' personal data possibly breached
The major Washington, D.C., and Maryland health network says the personal data of tens of thousands of people was likely exposed when an outsider accessed emails and files belonging to three employees.
HACKRead
Cuckoo Mac Malware Mimics Music Converter to Steals Passwords and Crypto
Cybersecurity researchers from Mac security provider, Kandji, have discovered a new malware dubbed "Cuckoo" targeting macOS users.
SecurityWeek
Google Debuts New Security Products, Hyping AI and Mandiant Expertise
Google rolls out new threat-intel and security operations products and looks to the magic of AI to tap into the booming cybersecurity market.
SecurityWeek
CyberNut Emerges From Stealth With K-12 Security Awareness Training Solution
CyberNut has emerged from stealth mode with a K-12-focused security awareness training solution and $800k in pre-seed funding.
%20(1).webp)
Cyber Security News
MedStar Health Breach: Hackers Accessed Emails & Files
MedStar Health, a major healthcare provider in the U.S, has reported a data breach involving unauthorized access to the email accounts.
The Cyber Express
Six Australian MPs Confirm They were Targeted by China’s APT31 Hackers
Six Australian Members of the Parliament confirmed today that they were targeted by Chinese-state hackers APT31 in a brazen cyberattack
CyberNews
MedStar suffers data breach,183K patients exposed
The American healthcare service MedStar has suffered a breach, with attackers gaining access to the personal information of 183,000 patients.
CSO
Germany blames Russian hackers for months-long cyber espionage
The attacks by Russia-backed Fancy Bear used an Outlook exploit to compromise several German officials’ accounts.
SC Magazine
RSAC 2024: Google on the promise of large language models and cybersecurity
Taking a sober look at where and how offensive and defensive GenAI is being used to keep security professionals on their toes.
.png)
Cyber Security News
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
The weekly news summary keeps you up to date with what’s happening in cybersecurity, including developments, vulnerabilities, breaches, threats, and defensive strategies. Knowing about new cyber risks and attack vectors helps you put up safeguards and preventive measures as soon as possible to protect your systems. Remaining constantly aware gives you a holistic view of […]
Bleeping Computer
Iranian hackers pose as journalists to push backdoor malware
The Iranian state-backed threat actor tracked as APT42 is employing social engineering attacks, including posing as journalists, to breach corporate networks and cloud environments of Western and Middle Eastern targets.
SecurityWeek
German Foreign Minister Says Russia will Face Consequences for Monthslong Cyber Espionage
Germany was joined by NATO and fellow European countries in warning that Russia’s cyberespionage would have consequences.
CyberNews
Tech support scams top list of elder fraud, new FBI report
Cyber scams targeting seniors have risen 11% since 2022, costing those over 60 more than $3.4 billion in losses, a new FBI Elderly Fraud report states.
Bleeping Computer
NSA warns of North Korean hackers exploiting weak DMARC email policies
The NSA and FBI warned that the APT43 North Korea-linked hacking group exploits weak email Domain-based Message Authentication Reporting and Conformance (DMARC) policies to mask spearphishing attacks.
SecurityWeek
Microsoft Overhauls Cybersecurity Strategy After Scathing CSRB Report
Microsoft security chief Charlie Bell pledges significant reforms and a strategic shift to put security above all other product features.
CyberSecurity Dive
Microsoft restructures security governance, aligning deputy CISOs and engineering teams
The company will enhance management roles under the CISO and partially tie compensation to security performance.
DarkReading
Critical GitLab Bug Under Exploit Enables Account Takeover, CISA Warns
Patch now: Cyberattackers are exploiting CVE-2023-7028 (CVSS 10) to take over and lock users out of GitLab accounts, steal source code, and more.
Infosecurity News
North Korean Hackers Spoofing Journalist Emails to Spy on Experts
The US warns that the North Korea-linked Kimsuky group is exploiting poorly configured DMARC protocols to spoof legitimate domains in espionage phishing campaigns
SecurityWeek
US Says North Korean Hackers Exploiting Weak DMARC Settings
The US government warns of a North Korean threat actor abusing weak email DMARC settings to hide spear-phishing attacks.
Cyber Security News
How U.S K-12 Schools Can Solve Their Top 10 Cybersecurity Challenges - Free E-Book
Solutions for each challenge are explained in more depth by Cynet’s new guide, “Top 10 Cybersecurity Challenges Faced by K-12 Institutions.”
SecurityWeek
Botnet Disrupted by FBI Still Used by Russian Spies, Cybercriminals
A botnet dismantled in January and used by Russia-linked APT28 consisted of more than just Ubiquiti Edge OS routers.
The Hacker News
New Guide Explains How to Eliminate the Risk of Shadow SaaS and Protect Corporate Data
Beware of "Shadow SaaS" - a hidden threat to organizations. Learn more: click the link for a must-read guide.
The Hacker News
NSA, FBI Alert on N. Korean Hackers Spoofing Emails from Trusted Sources
U.S. government warns of North Korean hackers sending spoofed emails to gather intelligence.
CSO
Microsoft continues to add, shuffle security execs in the wake of security incidents
The company has appointed new product security chiefs as well as a customer-facing CISO as it continues to respond to high-profile attacks on its products and own network.
The Record
Email security loopholes are latest path for North Korean social engineering attacks
The FBI, NSA are warning that the group labeled Kimsuky is exploiting improperly configured instances of DMARC, an email security tool, to send messages intended to trick recipients into thinking they came from legitimate sources.
SC Magazine
FBI warns of email spoofing by North Korean threat actor Kimsuky
The state-sponsored group is exploiting weak DMARC policies to impersonate legitimate domains.
The Record
Ukraine records increase in financially motivated attacks by Russian hackers
“The emergence of new actors suggests a deliberate strategy by Russia to diversify its cyberwarfare arsenal,” according to an official with Ukraine's cyber agency.
DarkReading
DPRK's Kimsuky APT Abuses Weak DMARC Policies, Feds Warn
Organizations can go a long way toward preventing spoofing attacks by changing one basic parameter in their DNS settings.
Loading more articles....