This report provides an overview of the Scattered Spider evolution, its modus operandi and the toolset leveraged over the past years. Additionally, it delves into the Scattered Spider TTPs, as well as the latest ongoing campaigns, including their current targets.…
Category: EN
UK government seeks to strengthen national cyber resilience
In recent years the UK government has been trying to establish Britain as a leading online economy in a bid to attract more business investment.… The post UK government seeks to strengthen national cyber resilience appeared first on Panda Security…
Earth Preta Hackers Abuses Google Drive to Deploy DOPLUGS Malware
Threat actors abuse Google Drive for several malicious activities due to its widespread use, easy file sharing, and collaboration features. These things provide a convenient platform to host and distribute malware. Integration with legitimate services makes detecting and blocking malicious…
LockBit Attempts to Stay Afloat With a New Version
This research is the result of our collaboration with the National Crime Agency in the United Kingdom, who took action against LockBit as part of Operation Cronos, an international effort resulting in the undermining of its operations. This article has…
Swiggy Account Hacked, Hackers Placed Orders Worth Rs 97,000
In a startling incident underscoring the growing menace of cybercrime, a woman’s Swiggy account was hacked, leading to fraudulent orders worth Rs 97,000. The Delhi Police swiftly acted on the complaint, arresting two individuals, Aniket Kalra (25) and Himanshu Kumar…
Digital Deception at the Ballot Box: The Shadow Machinery of Election Manipulation: How Deepfake Technology Threatens the 2024 U.S. Elections
Main Takeaways: Widespread Availability: The ease of access to deepfake technology raises alarms for election security. Unmasking the Invisible Architects: The potential for election fraud through the adept use of artificial intelligence and deepfake technologies, orchestrated by a clandestine network…
New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS
China-linked APT group Mustang Panda targeted various Asian countries with a variant of the PlugX (aka Korplug) backdoor dubbed DOPLUGS. Trend Micro researchers uncovered a cyberespionage campaign, carried out by China-linked APT group Mustang Panda, targeting Asian countries, including Taiwan,…
SASE Survey Reveals User Experience Is Top of Mind
The results are in: end user experience is everything when it comes to SASE. That was the primary feedback from 650 security professionals we surveyed regarding SASE adoption. A full 71% put end user experience as their top concern. This…
Giant leak reveals Chinese infosec vendor I-Soon is one of Beijing’s cyber-attackers for hire
Trove reveals RATs that can pop major OSes, campaigns against offshore and local targets A cache of stolen document posted to GitHub appears to reveal how a Chinese infosec vendor named I-Soon offers rent-a-hacker services for Beijing.… This article has…
Cloud-Native Data Security Posture Management Deployments on AWS with Symmetry Systems
This blog originally appeared here: https://aws.amazon.com/blogs/apn/cloud-native-data-security-posture-management-deployments-on-aws-with-symmetry-systems/ With Amazon Web Services (AWS), you can manage the privacy of your data, control how it’s used, where it’s stored, who has access to it, and how it’s encrypted. Services such as AWS Identity and Access…
A step-by-step plan for safe use of GenAI models for software development
If you are a large-scale company, the recent AI boom hasn’t escaped your notice. Today AI is assisting in a large array of development-related and digital-related tasks, from content generation to automation and analysis. The development of AI is rapid…
Air Canada AI Chatbot spreads misinformation only to fetch hefty legal penalty
When attempting to book a flight ticket on an air travel website, it’s common to encounter a chatbot designed to assist in completing the transaction. However, what happens if this chatbot provides misinformation that could result in costly consequences? This…
U.S. Offers $15 Million Bounty to Hunt Down LockBit Ransomware Leaders
The U.S. State Department has announced monetary rewards of up to $15 million for information that could lead to the identification of key leaders within the LockBit ransomware group and the arrest of any individual participating in the operation. “Since…
Attack velocity surges with average breakout time down to only 62 minutes
The speed of cyberattacks continues to accelerate at an alarming rate, according to CrowdStrike. Adversaries increasingly exploit stolen credentials The speed of cyberattacks continues to accelerate at an alarming rate. The report indicates that the average breakout time is down…
Wire fraud scams escalate in real estate deals
In this Help Net Security video, Tyler Adams, CEO at CertifID, illustrates how the real estate sector needs to invest significant effort in educating consumers and implementing protective measures to safeguard real estate transactions. Recent CertifID research found that median…
Cybersecurity fears drive a return to on-premise infrastructure from cloud computing
42% of organizations surveyed in the US are considering or already have moved at least half of their cloud-based workloads back to on-premises infrastructures, a phenomenon known as cloud repatriation, according to Citrix. The survey showed that 94% of respondents…
MSPs undergo transformation in response to persistent cyber threats
2Organizations are increasingly turning to Managed Service Providers (MSPs) to alleviate pressure on IT departments, according to SonicWall. Managed services have emerged as a game-changing solution, providing organizations with an additional human-layer of defense, addressing alert fatigue, and freeing up…
Safe Clones With Ansible
I started research for an article on how to add a honeytrap to a GitHub repo. The idea behind a honeypot weakness is that a hacker will follow through on it and make his/her presence known in the process. My…
Facebook Marketplace – 77,267 breached accounts
In February 2024, 200k Facebook Marketplace records allegedly obtained from a Meta contractor in October 2023 were posted to a popular hacking forum. The data contained 77k unique email addresses alongside names, phone numbers, Facebook profile IDs and geographic locations.…
Threat Brief: ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709)
CVE-2024-1708 and CVE-2024-1709 affect ConnectWise remote desktop application ScreenConnect. This Threat Brief covers attack scope and includes our telemetry. The post Threat Brief: ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709) appeared first on Unit 42. This article has been indexed from…