NEWS
Cybersecurity Experts Warn of Emerging Threat of “Black Basta” Ransomware
The Black Basta ransomware-as-a-service (RaaS) syndicate has amassed nearly 50 victims in the U.S., Canada, the U.K., Australia, and New Zealand within two months of its emergence in the wild, making it a prominent threat in a short window. "Black Basta has been...
Critical Security Flaws Identified in CODESYS ICS Automation Software
CODESYS has released patches to address as many as 11 security flaws that, if successfully exploited, could result in information disclosure and a denial-of-service (DoS) condition, among others. "These vulnerabilities are simple to exploit, and they can be...
What Are Shadow IDs, and How Are They Crucial in 2022?
Just before last Christmas, in a first-of-a-kind case, JPMorgan was fined $200M for employees using non-sanctioned applications for communicating about financial strategy. No mention of insider trading, naked shorting, or any malevolence. Just employees circumventing...
Italy Data Protection Authority Warns Websites Against Use of Google Analytics
Following the footsteps of Austria and France, the Italian Data Protection Authority has become the latest regulator to find the use of Google Analytics to be non-compliant with E.U. data protection regulations. The Garante per la Protezione dei Dati Personali, in a...
Researchers Warn of ‘Matanbuchus’ Malware Campaign Dropping Cobalt Strike Beacons
A malware-as-a-service (Maas) dubbed Matanbuchus has been observed spreading through phishing campaigns, ultimately dropping the Cobalt Strike post-exploitation framework on compromised machines. Matanbuchus, like other malware loaders such as BazarLoader, Bumblebee,...
Learn NIST Inside Out With 21 Hours of Training @ 86% OFF
In cybersecurity, many of the best jobs involve working on government projects. To get a security clearance, you need to prove that you meet NIST standards. Cybersecurity firms are particularly interested in people who understand the RMF, or Risk Management Framework...
Hackers Exploit Mitel VoIP Zero-Day in Likely Ransomware Attack
A suspected ransomware intrusion attempt against an unnamed target leveraged a Mitel VoIP appliance as an entry point to achieve remote code execution and gain initial access to the environment. The findings come from cybersecurity firm CrowdStrike, which traced the...
Google Says ISPs Helped Attackers Infect Targeted Smartphones with Hermit Spyware
A week after it emerged that a sophisticated mobile spyware dubbed Hermit was used by the government of Kazakhstan within its borders, Google said it has notified Android users of infected devices. Additionally, necessary changes have been implemented in Google Play...
Multiple Backdoored Python Libraries Caught Stealing AWS Secrets and Keys
Researchers have discovered a number of malicious Python packages in the official third-party software repository that are engineered to exfiltrate AWS credentials and environment variables to a publicly exposed endpoint. The list of packages includes loglib-modules,...
State-Backed Hackers Using Ransomware as a Decoy for Cyber Espionage Attacks
A China-based advanced persistent threat (APT) group is possibly deploying short-lived ransomware families as a decoy to cover up the true operational and tactical objectives behind its campaigns. The activity cluster, attributed to a hacking group dubbed Bronze...
New ‘Quantum’ Builder Lets Attackers Easily Create Malicious Windows Shortcuts
A new malware tool that enables cybercriminal actors to build malicious Windows shortcut (.LNK) files has been spotted for sale on cybercrime forums. Dubbed Quantum Lnk Builder, the software makes it possible to spoof any extension and choose from over 300 icons, not...
NSO Confirms Pegasus Spyware Used by at least 5 European Countries
The beleaguered Israeli surveillanceware vendor NSO Group this week admitted to the European Union lawmakers that its Pegasus tool was used by at least five countries in the region. "We're trying to do the right thing and that's more than other companies working in...
Manual vs. SSPM: Research on What Streamlines SaaS Security Detection & Remediation
When it comes to keeping SaaS stacks secure, IT and security teams need to be able to streamline the detection and remediation of misconfigurations in order to best protect their SaaS stack from threats. However, while companies adopt more and more apps, their...
Chinese Hackers Distributing SMS Bomber Tool with Malware Hidden Inside
A threat cluster with ties to a hacking group called Tropic Trooper has been spotted using a previously undocumented malware coded in Nim language to strike targets as part of a newly discovered campaign. The novel loader, dubbed Nimbda, is "bundled with a Chinese...
Critical PHP Vulnerability Exposes QNAP NAS Devices to Remote Attacks
QNAP, Taiwanese maker of network-attached storage (NAS) devices, on Wednesday said it's in the process of fixing a critical three-year-old PHP vulnerability that could be abused to achieve remote code execution. "A vulnerability has been reported to affect PHP...
Russian Hackers Exploiting Microsoft Follina Vulnerability Against Ukraine
The Computer Emergency Response Team of Ukraine (CERT-UA) has cautioned of a new set of spear-phishing attacks exploiting the "Follina" flaw in the Windows operating system to deploy password-stealing malware. Attributing the intrusions to a Russian nation-state group...
Newly Discovered Magecart Infrastructure Reveals the Scale of Ongoing Campaign
A newly discovered Magecart skimming campaign has its roots in a previous attack activity going all the way back to November 2021. To that end, it has come to light that two malware domains identified as hosting credit card skimmer code — "scanalytic[.]org" and...
Europol Busts Phishing Gang Responsible for Millions in Losses
Europol on Tuesday announced the dismantling of an organized crime group that dabbled in phishing, fraud, scams, and money laundering activities. The cross-border operation, which involved law enforcement authorities from Belgium and the Netherlands, saw the arrests...