The Cyber Express
Russian Hackers Used Two New Backdoors to Spy on European Foreign Ministry
Researchers recently uncovered two new backdoors implanted within the infrastructure of a European Ministry of Foreign Affairs (MFA) and its
The Hacker News
Researchers Uncover 11 Security Flaws in GE HealthCare Ultrasound Machines
Nearly a dozen security flaws have been discovered in the GE HealthCare Vivid Ultrasound product family.
Cyber Security News
5 Common Phishing Vectors and Examples - 2024
Phishing attacks can be executed through various means, such as SMS and phone calls, but the most prevalent method involves sending victims emails containing malicious attachments.
Infosecurity News
PDF Exploitation Targets Foxit Reader Users
CPR said exploit builders in .NET and Python have been employed to deploy this malware
Bleeping Computer
Banco Santander warns of a data breach exposing customer info
Banco Santander S.A. announced it suffered a data breach impacting customers after an unauthorized actor accessed a database hosted by one of its third-party service providers.
SecurityWeek
Threat Actors Abuse GitHub to Distribute Multiple Information Stealers
Russian-speaking threat actors are caught abusing a GitHub profile to distribute information stealers posing as legitimate software.
.webp)
Cyber Security News
Turla APT Group Attacking European Ministry of Foreign Affairs
The well-known advanced persistent threat (APT) group Turla, which is based in Russia, is said to be going after the European Ministry.
The Hacker News
Turla Group Deploys LunarWeb and LunarMail Backdoors in Diplomatic Missions
Two new backdoors, LunarWeb and LunarMail, have targeted a European ministry of foreign affairs and its diplomatic missions in the Middle East
SecurityWeek
400,000 Linux Servers Hit by Ebury Botnet
The Ebury Linux botnet has ensnared over 400,000 Linux systems in 15 years, with roughly 100,000 still infected.
Ars Technica
Apple, SpaceX, Microsoft return-to-office mandates drove senior talent away
"It’s easier to manage a team that’s happy.”
SecurityWeek
FCC Warns of 'Royal Tiger' Robocall Scammers
The FCC has issued a public notice on robocall scammer group ‘Royal Tiger’, the first designated threat actor.
SC Magazine
Royal Tiger robocall gang impersonated feds, banks, utilities, FCC says
The FCC has smacked the group with a first-of-its-kind threat classification for its persistent, fraudulent activity.
Bleeping Computer
FCC reveals Royal Tiger, its first tagged robocall threat actor
The Federal Communications Commission (FCC) has named its first officially designated robocall threat actor 'Royal Tiger,' a move aiming to help international partners and law enforcement more easily track individuals and entities behind repeat robocall campaigns.
The Cyber Express
Hacker Offers Data Allegedly Stolen from the City of New York
An unidentified threat actor known as "pwns3c" has offered access to a database purported to contain sensitive data and documents
.png)
Cyber Security News
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
Staying informed is the key in this dynamic battle of cybersecurity, and due to this, the weekly news recap provides you with the newest trends, weaknesses, infringements found, and some possible defense mechanisms.
Ars Technica
Dell responds to return-to-office resistance with VPN, badge tracking
Report claims new tracking starts May 13 with unclear consequences.
Bleeping Computer
FBI warns of gift card fraud ring targeting retail companies
The FBI warned retail companies in the United States that a financially motivated hacking group has been targeting employees in their gift card departments in phishing attacks since at least January 2024.
CyberSecurity Dive
Generative AI is a looming cybersecurity threat
Researchers have not identified any AI-engineered cyberattack campaigns, yet, but they say it’s only a matter of time before an AI system is dominant enough in the market to draw attention.
The Hacker News
Russian Operator of BTC-e Crypto Exchange Pleads Guilty to Money Laundering
Russian operator of BTC-e crypto exchange pleads guilty to money laundering charges spanning 2011-2017.
Krebs on Security
U.S. Charges Russian Man as Boss of LockBit Ransomware Group
The United States joined the United Kingdom and Australia today in sanctioning 31-year-old Russian national Dmitry Yuryevich Khoroshev as the alleged leader of the infamous ransomware group LockBit. The U.S. Department of Justice also indicted Khoroshev as the gang's leader…
Ars Technica
Counterfeit Cisco gear ended up in US military bases, used in combat operations
"One of the largest counterfeit-trafficking operations ever."
Ars Technica
Microsoft ties executive pay to security following multiple failures and breaches
Microsoft has been criticized for "preventable" failures and poor communication.
Bleeping Computer
NSA warns of North Korean hackers exploiting weak DMARC email policies
The NSA and FBI warned that the APT43 North Korea-linked hacking group exploits weak email Domain-based Message Authentication Reporting and Conformance (DMARC) policies to mask spearphishing attacks.
SecurityWeek
CISA, FBI Urge Organizations to Eliminate Path Traversal Vulnerabilities
CISA and the FBI warn of threat actors abusing path traversal software vulnerabilities in attacks targeting critical infrastructure.
Bleeping Computer
CISA urges software devs to weed out path traversal vulnerabilities
CISA and the FBI urged software companies today to review their products and eliminate path traversal security vulnerabilities before shipping.
SecurityWeek
Verizon DBIR 2024 Shows Surge in Vulnerability Exploitation, Confirmed Data Breaches
Verizon 2024 DBIR shows that vulnerability exploitation increased three times and confirmed data breaches doubled compared to 2023.
CSO
Iranian hackers harvest credentials through advanced social engineering campaigns
Mandiant observed several malicious campaigns with threat actors impersonating journalists and harvesting the victim’s cloud environment credentials.
The Cyber Express
Ladakh Social Welfare Department Data Hit By Alleged Cyberattack
A threat actor has claimed to have leaked the database of the Department of Social Welfare Ladakh, Government of India.
SecurityWeek
UnitedHealth CEO Says Hackers Lurked in Network for Nine Days Before Ransomware Strike
UnitedHealth Group’s CEO Andrew Witty shares details on the damaging cyberattack in testimony before a US Congress committee on May 1.
Bleeping Computer
New Latrodectus malware attacks use Microsoft, Cloudflare themes
Latrodectus malware is now being distributed in phishing campaigns using Microsoft Azure and Cloudflare lures to appear legitimate while making it harder for email security platforms to detect the emails as malicious.
Bleeping Computer
Philadelphia Inquirer: Data of over 25,000 people stolen in 2023 breach
Daily newspaper Philadelphia Inquirer revealed that attackers behind a May 2023 security breach have stolen the personal and financial information of 25,549 individuals.
DarkReading
Wireless Carriers Face $200M FCC Fine As Data Privacy Waters Roil
Verizon, AT&T, and T-Mobile USA are being fined $200 million for sharing location data. They plan to appeal the decision, which is the culmination of a four-year investigation into how carriers sold customer data to third parties.
SecurityWeek
Chinese Hackers Have Been Probing DNS Networks Globally for Years: Report
Muddling Meerkat conducts operations through DNS by creating large volumes of widely distributed queries that are propagated using open DNS resolvers.
SecurityWeek
Why Using Microsoft Copilot Could Amplify Existing Data Quality and Privacy Issues
Microsoft Copilot provides an easy and logical first step into GenAI for many organizations, but beware of the privacy pitfalls.
SC Magazine
Defending infrastructure, securing systems key to CISA's new AI guidelines
The guidelines are part of Homeland Security’s ongoing efforts to reduce the risks, and maximize the benefits of artificial intelligence.
SecurityWeek
Honeywell: USB Malware Attacks on Industrial Orgs Becoming More Sophisticated
An analysis conducted by Honeywell shows that much of the USB-borne malware targeting industrial organizations can still cause OT disruption.
CyberNews
FTC accuses Bezos, other Amazon execs of concealing potential evidence
The FTC is claiming top Amazon executives, including founder Jeff Bezos, have been using disappearing messaging apps such as Signal to conceal potential evidence.
Cyber Security News
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
Welcome to this week's edition of the Cyber Security News Weekly Round-Up. This issue covers the latest vulnerabilities, cyber attacks, and emerging threats that have been making headlines. Stay informed and stay secure!
HACKRead
Feds Bust Privacy-Centric Samourai Wallet Over BTC Money Laundering
The official website of Samourai Wallet has been seized, while its official app on the Apple Store and Google Play has been removed.
Cyber Security News
Hackers Abuse Autodesk Drive For Hosting Weaponized PDF Files
Hackers abuse the Autodesk hosting platform to host malicious PDF files, which leads to phishing attacks on victims.
Cyber Security News
PoC Exploit Released For Critical Flowmon Vulnerability
A critical vulnerability was addressed by Progress last week which was associated with unauthenticated Command injection on the Progress
SecurityWeek
Autodesk Drive Abused in Phishing Attacks
A new phishing campaign abuses compromised email accounts and targets corporate users with PDF files hosted on Autodesk Drive.
DarkReading
Iran Dupes US Military Contractors, Gov't Agencies in Cyber Campaign
A state-sponsored hacking team employed a clever masquerade and elaborate back-end infrastructure as part of a five-year info-stealing campaign that compromised the US State and Treasury Departments, and hundreds of thousands of accounts overall.
SecurityWeek
UnitedHealth Says Patient Data Exposed in Change Healthcare Cyberattack
UnitedHealth confirms that personal and health information was stolen in a ransomware attack that could cost the company up to $1.6 billion.
SecurityWeek
US Government Releases Guidance on Securing Election Infrastructure
New US guidance details foreign malign influence operations to help election infrastructure stakeholders increase resilience.
SecurityWeek
SAP Applications Increasingly in Attacker Crosshairs, Report Shows
Malicious hackers are targeting SAP applications at an alarming pace, according to warnings from Onapsis and Flashpoint.
SecurityWeek
Five Eyes Agencies Release New AI Security Guidance
Five Eyes cybersecurity agencies have released joint guidance on securely deploying and operating AI systems.
The Hacker News
How to Conduct Advanced Static Analysis in a Malware Sandbox
Ever worried about malware in PDFs? ANY.RUN's sandbox can expose hidden threats just by analyzing the file's structure.
Ars Technica
Broadcom says “many” VMware perpetual licenses got support extensions
Broadcom reportedly accused of changing VMware licensing and support conditions.
CyberNews
Canada pushes taxes on Big Tech firms, America unhappy
Canada will press ahead with the introduction of a digital services tax on large tech companies, Because these firms are American, Washington thinks the plan is unfair.
SecurityWeek
Cryptojacker Arrested, Charged for Defrauding Cloud Providers of $3.5 Million
Charles O. Parks III was arrested and charged with defrauding two cloud-services providers of $3.5 million.
The Hacker News
FTC Fines Mental Health Startup Cerebral $7 Million for Major Privacy Violations
The FTC fined mental telehealth service Cerebral over $7 million for deceptive data sharing practices and failing to honor its cancellation policies.
Krebs on Security
Who Stole 3.6M Tax Records from South Carolina?
For nearly a dozen years, residents of South Carolina have been kept in the dark by state and federal investigators over who was responsible for hacking into the state's revenue department in 2012 and stealing tax and bank account information…
Cyber Security News
StrelaStealer’s Malware Resurgence: What Security Leaders Need to Know in 2024
we’ll dissect a timely example of credential theft—StrelaStealer—to identify the malware’s characteristics and capabilities.
CSO
CISA opens its malware analysis and threat hunting tool for public use
Malware Next-Gen will allow organizations to submit suspicious files and URLs for analysis.
HACKRead
Best Paid and Free OSINT Tools for 2024
In this article, we will explore 12 paid and free OSINT tools that can be very useful when utilized properly and for appropriate purposes.
Bleeping Computer
CISA makes its "Malware Next-Gen" analysis system publicly available
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new version of "Malware Next-Gen," now allowing the public to submit malware samples for analysis by CISA.
Bleeping Computer
LastPass: Hackers targeted employee in failed deepfake CEO call
LastPass revealed this week that threat actors targeted one of its employees in a voice phishing attack, using deepfake audio to impersonate Karim Toubba, the company's Chief Executive Officer.
SecurityWeek
Sisense Data Breach Triggers CISA Alert and Urgent Calls for Credential Resets
CISA issues a red-alert for what appears to be a massive supply chain breach at Sisense, a company that sells big-data analytics services.
Bleeping Computer
How to automate up to 90% of IT offboarding tasks
Employee offboarding isn't anybody's favorite task—but it's a critical IT process that needs to be executed diligently and efficiently. Learn more from Nudge Security on automating offboarding of users in a secure manner.
SecurityWeek
IMF: Financial Firms Lost $12 Billion to Cyberattacks in Two Decades
The financial sector has suffered over 20,000 cyberattacks in two decades, causing more than $12 billion in losses.
SecurityWeek
CISA Releases Malware Next-Gen Analysis System for Public Use
The Malware Next-Gen system is now available for any organization to submit malware samples and other suspicious artifacts for analysis.
SecurityWeek
530k Impacted by Data Breach at Wisconsin Healthcare Organization
The personal information of 500,000 people was compromised in a data breach at Group Health Cooperative of South Central Wisconsin.
DarkReading
Top MITRE ATT&CK Techniques and How to Defend Against Them
A cheat sheet for all of the most common techniques hackers use, and general principles for stopping them.
Infosecurity News
Foreign Interference Drives Record Surge in IP Theft
DTEX claims industrial espionage and IP theft are at an all-time high thanks to malicious insiders
DarkReading
Vietnamese Cybergang Nets Financial, Social Media Data
With a complex attack chain and a Telegram C2, CoralRaider targets victims in Asian countries — and appears to have accidentally infected itself.
Infosecurity News
Byakugan Infostealer Capabilities Revealed
Fortinet said the malware functions identified include screen monitoring, screen capturing, cryptomining and more
SecurityWeek
Healthcare IT Help Desk Employees Targeted in Payment-Hijacking Attacks
The US Department of Health warns of financially motivated social engineering attacks targeting healthcare organizations.
CyberNews
Microsoft: China uses AI to test US voters and sow division
Chinese actors have been doubling down on familiar targets over the past year and are now using AI-generated content to achieve their goals, a report from Microsoft says.
DarkReading
Solar Spider Targets Saudi Arabia Banks via New Malware
An ongoing cyberattack with ties to China uses new version of sophisticated JSOutProx Trojan, now targeting banks in the Middle East.
Cyber Security News
JsOutProx Malware Abusing GitLab To Attack Financial Institutions
GitLab is a prominent web-based Git repository manager that is exploited by hackers to gain unauthorized access to confidential source code,
SC Magazine
Health sector help desks duped by social engineering scams, HHS warns
Hackers are using a sophisticated social engineering ruse targeting IT help desk staff to gain initial access to healthcare organizations.
Bleeping Computer
The new features coming in Windows 11 24H2, expected this fall
Windows 11 24H2 is set to arrive on existing devices this fall with several new features, mostly Copilot-related improvements.
Bleeping Computer
New Windows driver blocks software from changing default web browser
Microsoft is now using a Windows driver to prevent users from changing the Windows 10 and Windows 11 default browser manually or through software.
Cyber Security News
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
Welcome to the Cyber Security News Weekly Round-Up. Each week, we will explore the latest cyber threats, vulnerabilities, and notable stories that have shaped the cybersecurity landscape.
Bleeping Computer
US Health Dept warns hospitals of hackers targeting IT help desks
The U.S. Department of Health and Human Services (HHS) warns that hackers are now using social engineering tactics to target IT help desks across the Healthcare and Public Health (HPH) sector.
Cyber Security News
Hackers Use Weaponized PDF Files to Deliver Byakugan Malware on Windows
PDF files weaponized by hackers are commonly used as an attack vector since PDFs are highly trusted and shared documents.
HACKRead
Beware the Blur: Phishing Scam Drops Byakugan Malware via Fake PDF
Cybersecurity firm Fortinet alerts users of a phishing scam campaign distributing the Byakugan malware which targets Windows users.
SecurityWeek
Lens Maker Hoya Scrambling to Restore Systems Following Cyberattack
Japanese lens maker Hoya says production processes and ordering systems were disrupted by a cyberattack that may involve ransomware.
The Hacker News
From PDFs to Payload: Bogus Adobe Acrobat Reader Installers Distribute Byakugan Malware
Watch out for FAKE Adobe Acrobat Reader installers. They carry a nasty malware called Byakugan that steals your data.
Cyber Security News
Rhadamanthys Stealer Using Weaponized PDF Files To Attack Oil And Gas Sector
Hackers use weaponized PDF files as they have the ability to incorporate malicious codes or scripts within a well-known and trusted form of
The Hacker News
New Wave of JSOutProx Malware Targeting Financial Firms in APAC and MENA
Financial organizations in APAC & MENA are under attack. A sophisticated threat dubbed JSOutProx combines JavaScript & .NET to infiltrate systems.
Computerworld
A phish by any other name should still not be clicked
Why are so many companies sending out emails to customers that look like phasing attempts? Don't they pay attention to their own security efforts?
Bleeping Computer
Visa warns of new JSOutProx malware variant targeting financial orgs
Visa is warning about a spike in detections for a new version of the JsOutProx malware targeting financial institutions and their customers.
Bleeping Computer
Hoya’s optics production and orders disrupted by cyberattack
Hoya Corporation, one of the largest global manufacturers of optical products, says a "system failure" caused servers at some of its production plants and business divisions to go offline on Saturday.
Infosecurity News
New JSOutProx Malware Targets Financial Firms in APAC, MENA
First found in 2019, JSOutProx combines JavaScript and .NET functionalities to infiltrate systems
The Hacker News
New Phishing Campaign Targets Oil & Gas with Evolved Data-Stealing Malware
Oil & gas companies beware! Hackers are using the updated Rhadamanthys info-stealer in phishing attacks.
Krebs on Security
Fake Lawsuit Threat Exposes Privnote Phishing Sites
A cybercrook who has been setting up websites that mimic the self-destructing message service Privnote.com accidentally exposed the breadth of their operations recently when they threatened to sue a software company. The disclosure revealed a profitable network of phishing sites…
Bleeping Computer
Jackson County in state of emergency after ransomware attack
Jackson County, Missouri, is in a state of emergency after a ransomware attack took down some county services on Tuesday.
DarkReading
Oil & Gas Sector Falls for Fake Car Accident Phishing Emails
Effective Rhadamanthys phishing campaign spoofs nonexistent "Federal Bureau of Transportation" to compromise recipients, analysts discover.
HACKRead
Sophos Reveals Ransomware Attacks Are Now Targeting Backups
The Sophos report is based on a survey of nearly 3,000 IT professionals whose organizations fell victim to ransomware attacks in the past year.
HACKRead
Sophos Reveals Ransomware Attacks Are Now Targeting Backups
The Sophos report is based on a survey of nearly 3,000 IT professionals whose organizations fell victim to ransomware attacks in the past year.
The Hacker News
Mispadu Trojan Targets Europe, Thousands of Credentials Compromised
Banking trojan Mispadu expands from Latin America, now targets users in Italy, Poland & Sweden. Finance, automotive, legal & commercial entities at ri
Ars Technica
Broadcom execs say VMware price, subscription complaints are unwarranted
Industry groups aren't giving up hope for government intervention.
%20--%20Supply%20Chain%20Backdoor%20(1).webp)
Cyber Security News
Urgent Security Alert! Upstream Supply Chain Attack Lead to SSH Compromise
Fedora Linux 40 beta users have been urged to take immediate action after an Upstream supply chain attack that has compromised SSH protocol.
Cyber Security News
TOP 10 Emerging Cybersecurity Threats for 2030
The European Union Agency for Cybersecurity (ENISA) has published a list of the top ten emerging threats anticipated to impact the digital.
Cyber Security News
Hackers Attack macOS Using Infostealer To Steal Sensitive Data
Over the past year, macOS users, particularly those in the cryptocurrency sector, have been increasingly targeted by infostealers.
Cyber Security News
AT&T Data Breach: Millions of Customers Data Exposed in Dark Web Leak
AT&T has confirmed that personal data from approximately 73 million current and former customers has been leaked on the dark web. This confirmation comes after the telecommunications giant initially denied that the leaked data originated from their systems.
Cyber Security News
Hackers Attack Python Developers by Poising With Typosquat on PyPI
An automated risk detection system identified a typosquatting campaign targeting popular Python libraries on PyPI.
The DFIR Report
From OneNote to RansomNote: An Ice Cold Intrusion - The DFIR Report
Key Takeaways We provide a range of services, one of which is our Threat Feed, specializing in monitoring Command and Control frameworks like Cobalt Strike, Metasploit, Sliver, Viper, Mythic, Havoc, … Read More
Loading more articles....