FreshRSS

🔒
❌ About FreshRSS
☷
△ 🔃
There are new available articles, click to refresh the page.
Before yesterdaySecurity

Tricks of the trade: How a cybercrime ring operated a multi-level fraud scheme

A peek under the hood of a cybercrime operation and what you can do to avoid being an easy target for similar ploys

Think Your MFA and PAM Solutions Protect You? Think Again

By The Hacker News
When you roll out a security product, you assume it will fulfill its purpose. Unfortunately, however, this often turns out not to be the case. A new report, produced by Osterman Research and commissioned by Silverfort, reveals that MFA (Multi-Factor Authentication) and PAM (Privileged Access Management) solutions are almost never deployed comprehensively enough to provide resilience to identity

Massive MGM and Caesars Hacks Epitomize a Vicious Ransomware Cycle

By Lily Hay Newman
Cyberattacks on casinos grab attention, but a steady stream of less publicized attacks leave vulnerable victims struggling to recover.

The Interdependence between Automated Threat Intelligence Collection and Humans

By The Hacker News
The volume of cybersecurity vulnerabilities is rising, with close to 30% more vulnerabilities found in 2022 vs. 2018. Costs are also rising, with a data breach in 2023 costing $4.45M on average vs. $3.62M in 2017. In Q2 2023, a total of 1386 victims were claimed by ransomware attacks compared with just 831 in Q1 2023. The MOVEit attack has claimed over 600 victims so far and that number is still

DDoS 2.0: IoT Sparks New DDoS Alert

By The Hacker News
The Internet of Things (IoT) is transforming efficiency in various sectors like healthcare and logistics but has also introduced new security risks, particularly IoT-driven DDoS attacks. This article explores how these attacks work, why they’re uniquely problematic, and how to mitigate them. What Is IoT? IoT (Internet of Things) refers to online, interconnected devices that collect and exchange

Cybercriminals Combine Phishing and EV Certificates to Deliver Ransomware Payloads

By THN
The threat actors behind RedLine and Vidar information stealers have been observed pivoting to ransomware through phishing campaigns that spread initial payloads signed with Extended Validation (EV) code signing certificates. "This suggests that the threat actors are streamlining operations by making their techniques multipurpose," Trend Micro researchers said in a new analysis published this

How Cyberattacks Are Transforming Warfare

By The Hacker News
There is a new battlefield. It is global and challenging to defend. What began with a high-profile incident back in 2007, when Estonia was hit by hackers targeting its government and commercial sector, has evolved into cyber warfare that is being waged constantly worldwide. Today, cyberattacks have become the norm, transforming how we think about war and international conflict as a whole.  From

China-Linked Hackers Breached a Power Grid—Again

By Andy Greenberg
Signs suggest the culprits worked within a notorious Chinese hacker group that may have also hacked Indian electric utilities years earlier.

Charming Kitten's New Backdoor 'Sponsor' Targets Brazil, Israel, and U.A.E.

By THN
The Iranian threat actor known as Charming Kitten has been linked to a new wave of attacks targeting different entities in Brazil, Israel, and the U.A.E. using a previously undocumented backdoor named Sponsor. Slovak cybersecurity firm is tracking the cluster under the name Ballistic Bobcat. Victimology patterns suggest that the group primarily singles out education, government, and healthcare

New HijackLoader Modular Malware Loader Making Waves in the Cybercrime World

By THN
A new malware loader called HijackLoader is gaining traction among the cybercriminal community to deliver various payloads such as DanaBot, SystemBC, and RedLine Stealer. "Even though HijackLoader does not contain advanced features, it is capable of using a variety of modules for code injection and execution since it uses a modular architecture, a feature that most loaders do not have," Zscaler

Mozilla: Your New Car Is a Data Privacy Nightmare

By Dhruv Mehrotra, Andrew Couts
Plus: Apple patches newly discovered flaws exploited by NSO Group spyware, North Korean hackers target security researchers, and more.

U.K. and U.S. Sanction 11 Russia-based TrickBot Cybercrime Gang Members

By THN
The U.K. and U.S. governments on Thursday sanctioned 11 individuals who are alleged to be part of the notorious Russia-based TrickBot cybercrime gang. “Russia has long been a safe haven for cybercriminals, including the TrickBot group,” the U.S. Treasury Department said, adding it has “ties to Russian intelligence services and has targeted the U.S. Government and U.S. companies, including

North Korean Hackers Exploit Zero-Day Bug to Target Cybersecurity Researchers

By THN
Threat actors associated with North Korea are continuing to target the cybersecurity community using a zero-day bug in an unspecified software over the past several weeks to infiltrate their machines. The findings come from Google’s Threat Analysis Group (TAG), which found the adversary setting up fake accounts on social media platforms like X (formerly Twitter) and Mastodon to forge

CISA Warning: Nation-State Hackers Exploit Fortinet and Zoho Vulnerabilities

By THN
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday warned that multiple nation-state actors are exploiting security flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus to gain unauthorized access and establish persistence on compromised systems. “Nation-state advanced persistent threat (APT) actors exploited CVE-2022-47966 to gain unauthorized

US and UK Mount Aggressive Crackdown on Trickbot and Conti Ransomware Gangs

By Lily Hay Newman
Authorities have sanctioned 11 alleged members of the cybercriminal groups, while the US Justice Department unsealed three federal indictments against nine people accused of being members.

The International Criminal Court Will Now Prosecute Cyberwar Crimes

By Andy Greenberg
And the first case on the docket may well be Russia’s cyberattacks against civilian critical infrastructure in Ukraine.

The State of the Virtual CISO Report: MSP/MSSP Security Strategies for 2024

By The Hacker News
By the end of 2024, the number of MSPs and MSSPs offering vCISO services is expected to grow by almost 5 fold, as can be seen in figure 1. This incredible surge reflects the growing business demand for specialized cybersecurity expertise and the lucrative opportunities for MSPs and MSSPs in vCISO services. Figure 1: Timeline for offering vCISO services The State of the Virtual CISO Survey Report

The Comedy of Errors That Let China-Backed Hackers Steal Microsoft’s Signing Key

By Lily Hay Newman
After leaving many questions unanswered, Microsoft explains in a new postmortem the series of slipups that allowed attackers to steal and abuse a valuable cryptographic key.

Alert: Phishing Campaigns Deliver New SideTwist Backdoor and Agent Tesla Variant

By THN
The Iranian threat actor tracked as APT34 has been linked to a new phishing attack that leads to the deployment of a variant of a backdoor called SideTwist. “APT34 has a high level of attack technology, can design different intrusion methods for different types of targets, and has supply chain attack capability,” NSFOCUS Security Labs said in a report published last week. APT34, also known by

How China Demands Tech Firms Reveal Hackable Flaws in Their Products

By Andy Greenberg
Some foreign companies may be complying—potentially offering China’s spies hints for hacking their customers.

Generative AI’s Biggest Security Flaw Is Not Easy to Fix

By Matt Burgess
Chatbots like OpenAI’s ChatGPT and Google’s Bard are vulnerable to indirect prompt injection attacks. Security researchers say the holes can be plugged—sort of.

Ukraine's CERT Thwarts APT28's Cyberattack on Critical Energy Infrastructure

By THN
The Computer Emergency Response Team of Ukraine (CERT-UA) on Tuesday said it thwarted a cyber attack against an unnamed critical energy infrastructure facility in the country. The intrusion, per the agency, started with a phishing email containing a link to a malicious ZIP archive that activates the infection chain. “Visiting the link will download a ZIP archive containing three JPG images (

New Python Variant of Chaes Malware Targets Banking and Logistics Industries

By THN
Banking and logistics industries are under the onslaught of a reworked variant of a malware called Chaes. "It has undergone major overhauls: from being rewritten entirely in Python, which resulted in lower detection rates by traditional defense systems, to a comprehensive redesign and an enhanced communication protocol," Morphisec said in a new detailed technical write-up shared with The Hacker

Way Too Vulnerable: Join this Webinar to Understand and Strengthen Identity Attack Surface

By The Hacker News
In today's digital age, it's not just about being online but how securely your organization operates online. Regardless of size or industry, every organization heavily depends on digital assets. The digital realm is where business takes place, from financial transactions to confidential data storage. While organizations have quickly adopted tools like Multi-Factor Authentication (MFA),

Hackers Exploit MinIO Storage System Vulnerabilities to Compromise Servers

By THN
An unknown threat actor has been observed weaponizing high-severity security flaws in the MinIO high-performance object storage system to achieve unauthorized code execution on affected servers. Cybersecurity and incident response firm Security Joes said the intrusion leveraged a publicly available exploit chain to backdoor the MinIO instance. The comprises CVE-2023-28432 (CVSS score: 7.5) and 

Everything You Wanted to Know About AI Security but Were Afraid to Ask

By The Hacker News
There’s been a great deal of AI hype recently, but that doesn’t mean the robots are here to replace us. This article sets the record straight and explains how businesses should approach AI. From musing about self-driving cars to fearing AI bots that could destroy the world, there has been a great deal of AI hype in the past few years. AI has captured our imaginations, dreams, and occasionally,

2 Polish Men Arrested for Radio Hack That Disrupted Trains

By Andy Greenberg, Andrew Couts
Plus: A major FBI botnet takedown, new Sandworm malware, a cyberattack on two major scientific telescopes—and more.

Beware of MalDoc in PDF: A New Polyglot Attack Allowing Attackers to Evade Antivirus

By THN
Cybersecurity researchers have called attention to a new antivirus evasion technique that involves embedding a malicious Microsoft Word file into a PDF file. The sneaky method, dubbed MalDoc in PDF by JPCERT/CC, is said to have been employed in an in-the-wild attack in July 2023. "A file created with MalDoc in PDF can be opened in Word even though it has magic numbers and file structure of PDF,"

Threat Actors Targeting Microsoft SQL Servers to Deploy FreeWorld Ransomware

By THN
Threat actors are exploiting poorly secured Microsoft SQL (MS SQL) servers to deliver Cobalt Strike and a ransomware strain called FreeWorld. Cybersecurity firm Securonix, which has dubbed the campaign DB#JAMMER, said it stands out for the way the toolset and infrastructure is employed. “Some of these tools include enumeration software, RAT payloads, exploitation and credential stealing software

Classiscam Scam-as-a-Service Raked $64.5 Million During the COVID-19 Pandemic

By THN
The Classiscam scam-as-a-service program has reaped the criminal actors $64.5 million in illicit earnings since its emergence in 2019. "Classiscam campaigns initially started out on classified sites, on which scammers placed fake advertisements and used social engineering techniques to convince users to pay for goods by transferring money to bank cards," Group-IB said in a new report. "Since

SapphireStealer Malware: A Gateway to Espionage and Ransomware Operations

By THN
An open-source .NET-based information stealer malware dubbed SapphireStealer is being used by multiple entities to enhance its capabilities and spawn their own bespoke variants. “Information-stealing malware like SapphireStealer can be used to obtain sensitive information, including corporate credentials, which are often resold to other threat actors who leverage the access for additional

Google Fixes Serious Security Flaws in Chrome and Android

By Kate O'Flaherty
Plus: Mozilla patches more than a dozen vulnerabilities in Firefox, and enterprise companies Ivanti, Cisco, and SAP roll out a slew of updates to get rid of some high-severity bugs.

Numbers Don't Lie: Exposing the Harsh Truths of Cyberattacks in New Report

By The Hacker News
How often do cyberattacks happen? How frequently do threat actors target businesses and governments around the world? The BlackBerry® Threat Research and Intelligence Team recently analyzed 90 days of real-world data to answer these questions. Full results are in the latest BlackBerry Global Threat Intelligence Report, but read on for a teaser of several interesting cyber attack statistics.

Unmasking Trickbot, One of the World’s Top Cybercrime Gangs

By Matt Burgess, Lily Hay Newman
A WIRED investigation into a cache of documents posted by an unknown figure lays bare the Trickbot ransomware gang’s secrets, including the identity of a central member.

Earth Estries' Espionage Campaign Targets Governments and Tech Titans Across Continents

By THN
A hacking outfit nicknamed Earth Estries has been attributed to a new, ongoing cyber espionage campaign targeting government and technology industries based in the Philippines, Taiwan, Malaysia, South Africa, Germany, and the U.S. "The threat actors behind Earth Estries are working with high-level resources and functioning with sophisticated skills and experience in cyber espionage and illicit
❌