Tag: Attacks


Cyber warfare, Cyber-crime

France agency ANSSI warns of Russia-linked APT28 attacks on French entities

October 27, 2023

Via: Security Affairs

The French National Agency for the Security of Information Systems ANSSI (Agence Nationale de la sécurité des systèmes d’information) warns that the Russia-linked APT28 group has been targeting multiple French organizations, including government entities, businesses, universities, and research institutes and […]


Threats & Malware, Virus & Malware

Attackers Create Synthetic Security Researchers to Steal IP

June 16, 2023

Via: Dark Reading

During the month of May, an unknown threat group created a malicious GitHub repository that claimed to contain a zero-day exploit for a vulnerability in the Signal messaging app. The attackers supported the credibility of the exploit by creating a […]


Cyber warfare, Cyber-crime

Tonto Team Uses Anti-Malware File to Launch Attacks on South Korean Institutions

April 28, 2023

Via: The Hacker News

South Korean education, construction, diplomatic, and political institutions are at the receiving end of new attacks perpetrated by a China-aligned threat actor known as the Tonto Team. “Recent cases have revealed that the group is using a file related to […]


Access control, Security

Understanding password behavior key to developing stronger cybersecurity protocols

March 13, 2023

Via: Help Net Security

Passwords are still the weakest link in an organization’s network, as proven by the analysis of over 800 million breached passwords, according to Specops Software. The study found 88% of passwords used in successful attacks consisted of 12 characters or […]


Threats & Malware, Vulnerabilities

Experts warn of a surge of attacks exploiting a Realtek Jungle SDK RCE (CVE-2021-35394)

January 26, 2023

Via: Security Affairs

Palo Alto Networks researchers reported that between August and October 2022 the number of attacks that attempted to exploit a Realtek Jungle SDK RCE (CVE-2021-35394) (CVSS score 9.8) accounted for more than 40% of the total number of attacks. “Realtek […]


Data loss, Threats & Malware

Supply chain attacks caused more data compromises than malware

January 26, 2023

Via: Help Net Security

The first half of 2022 saw fewer compromises reported due in part to Russia-based cybercriminals distracted by the war in Ukraine and volatility in the cryptocurrency markets, according to the Identity Theft Resource Center. However, data compromises steadily increased in […]


Cyber-crime, Identity theft

PayPal Warns 35,000 Users of Credential Stuffing Attacks

January 20, 2023

Via: Security Week

“On December 20, 2022, we confirmed that unauthorized parties were able to access your PayPal customer account using your login credentials,” the company said in the notification letter sent to the impacted individuals. According to PayPal, between December 6 and […]


Cyber warfare, Cyber-crime

Chinese Hackers Exploited Recent Fortinet Flaw as 0-Day to Drop Malware

January 20, 2023

Via: The Hacker News

A suspected China-nexus threat actor exploited a recently patched vulnerability in Fortinet FortiOS SSL-VPN as a zero-day in attacks targeting a European government entity and a managed service provider (MSP) located in Africa. Telemetry evidence gathered by Google-owned Mandiant indicates […]


Cyber warfare, Cyber-crime

Iranian Government Entities Under Attack by New Wave of BackdoorDiplomacy Attacks

January 18, 2023

Via: The Hacker News

The threat actor known as BackdoorDiplomacy has been linked to a new wave of attacks targeting Iranian government entities between July and late December 2022. Palo Alto Networks Unit 42, which is tracking the activity under its constellation-themed moniker Playful […]


Cyber warfare, Cyber-crime

Dark Pink APT Group Targets Governments and Military in APAC Region

January 11, 2023

Via: The Hacker News

Government and military organizations in the Asia Pacific region are being targeted by a previously unknown advanced persistent threat (APT) actor, per the latest research. Singapore-headquartered Group-IB, in a report shared with The Hacker News, said it’s tracking the ongoing […]


Threats & Malware, Virus & Malware

Delinea 2022 State of Ransomware Report Reveals That Attacks Are Down 61% From the Previous Year, and Ransom Payments Are Also on the Decline

January 10, 2023

Via: Dark Reading

Delinea, a leading provider of Privileged Access Management (PAM) solutions for seamless security, today published its 2022 State of Ransomware Report which finds that things may be looking up in the fight against ransomware. Cyber-attacks using the popular compromising tactic […]


Editorial

Cybersecurity During Wartime

January 6, 2023

Via: Natalie Dunn

In a cybersecurity landscape already reeling from the pandemic, the military conflict between Ukraine and Russia has sent a clear message to companies with a weak cybersecurity strategy. Corporate security and intelligence teams have reported an uptick in cyber investigations, […]


Cyber warfare, Cyber-crime

Ukraine’s DELTA Military System Users Under Attack from Info Stealing Malware

December 21, 2022

Via: The Hacker News

The Computer Emergency Response Team of Ukraine (CERT-UA) this week disclosed that users of the Delta situational awareness program received phishing emails from a compromised email account belonging to the Ministry of Defense. The attacks, which have been attributed to […]


Threats & Malware, Vulnerabilities

CISA Alert: Veeam Backup and Replication Vulnerabilities Being Exploited in Attacks

December 16, 2022

Via: The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities impacting Veeam Backup & Replication software to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation in the wild. The now-patched critical flaws, tracked as CVE-2022-26500 […]


Cyber-crime, Malware

Ransomware Attackers Use Microsoft-Signed Drivers to Gain Access to Systems

December 14, 2022

Via: The Hacker News

Microsoft on Tuesday disclosed it took steps to suspend accounts that were used to publish malicious drivers that were certified by its Windows Hardware Developer Program and were used to sign malware. The tech giant said its investigation revealed the activity […]


Cyber warfare, Cyber-crime

Russian hacktivists hit Ukrainian orgs with ransomware – but no ransom demands

November 14, 2022

Via: Help Net Security

The Ukrainian CERT (CERT-UA) has uncovered an attack campaign aimed at compromising Ukrainian organizations and irretrievably encrypting their files. To do that, they are leveraging a specific version of the Somnia ransomware that, “according to the attackers’ theoretical plan, does […]


Cyber warfare, Cyber-crime

POLONIUM APT targets Israel with a new custom backdoor dubbed PapaCreep

October 13, 2022

Via: Security Affairs

POLONIUM APT focused only on Israeli targets; it launched attacks against more than a dozen organizations in various industries, including engineering, information technology, law, communications, branding and marketing, media, insurance, and social services. Microsoft MSTIC researchers believe that the attackers […]


Cyber warfare, Cyber-crime

China Accuses NSA’s TAO Unit of Hacking its Military Research University

September 12, 2022

Via: The Hacker News

China has accused the U.S. National Security Agency (NSA) of conducting a string of cyberattacks aimed at aeronautical and military research-oriented Northwestern Polytechnical University in the city of Xi’an in June 2022. The National Computer Virus Emergency Response Centre (NCVERC) […]


Threats & Malware, Vulnerabilities

Mirai Variant MooBot Botnet Exploiting D-Link Router Vulnerabilities

September 7, 2022

Via: The Hacker News

A variant of the Mirai botnet known as MooBot is co-opting vulnerable D-Link devices into an army of denial-of-service bots by taking advantage of multiple exploits. “If the devices are compromised, they will be fully controlled by attackers, who could […]


Cyber-crime, Malware

Three ransomware gangs consecutively attacked the same network

August 9, 2022

Via: Help Net Security

Hive, LockBit and BlackCat, three prominent ransomware gangs, consecutively attacked the same network, according to Sophos. The first two attacks took place within two hours, and the third attack took place two weeks later. Each ransomware gang left its own […]