Flow is a permissionless layer-1 blockchain built to support the high-scale use cases of games, virtual worlds, and the digital assets that power them. The blockchain was created by the team behind Cryptokitties, Dapper Labs, and NBA Top Shot. One…
Category: EN
CherryBlos, the malware that steals cryptocurrency via your photos – what you need to know
What’s the deal with CherryBlos? CherryBlos is a rather interesting family of Android malware that can plunder your cryptocurrency accounts – with a little help from your photos. Wait. I’ve heard of hackers stealing photos before, but what do you…
MPs Dangerously Uninformed About Facial Recognition – Report
Privacy International warns UK is “sleepwalking into public mass surveillance” This article has been indexed from www.infosecurity-magazine.com Read the original article: MPs Dangerously Uninformed About Facial Recognition – Report
Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518
We encountered the Cerber ransomware exploiting the Atlassian Confluence vulnerability CVE-2023-22518 in its operations. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518
BlueNoroff Hackers Attacking Apple Users with New macOS Malware
A new malware variant is distributed by BlueNordoff APT group, a financially motivated threat group targeting cryptocurrency exchanges, venture capital firms, and banks. This new campaign has similar characteristics to their RustBucket campaign. BlueNoroff was first discovered in early 2014…
Balancing functionality and privacy concerns in AI-based Endpoint Security solutions
The integration of Artificial Intelligence (AI) in endpoint security has revolutionized the way organizations protect their devices and data. Ok, let’s take a break here: have you read the article about Artificial Intelligence vs. Machine Learning ? By leveraging…
Hackers Actively Exploiting Big-IP and Citrix Vulnerabilities
Experts issued security alerts concerning the ongoing exploitation of Big-IP (CVE-2023-46747, CVE-2023-46748) and Citrix (CVE-2023-4966) vulnerabilities. The publicly available Proof of Concepts (POCs) for these vulnerabilities were rapidly circulated in cybercrime forums. Over 20,000 “Netscaler” instances and 1,000 “Big IP”…
Electric Ireland Confirms Compromise of 8,000 Customers’ Personal and Financial Data
Electric Ireland, an Irish utility company, released an announcement confirming that 8,000 customer accounts containing personal and financial information may have been compromised. Though the exact details of the breach are unknown, the statement explained that “Electric Ireland is aware…
MOVEit Gang Targets SysAid Customers With Zero-Day Attacks
Lace Tempest looks to spread Clop malware to victims This article has been indexed from www.infosecurity-magazine.com Read the original article: MOVEit Gang Targets SysAid Customers With Zero-Day Attacks
Buffer Overflow Flaws in Trusted Platform Modules Allow Malicious Commands
Trusted Computing Group’s Trust Platform Module 2.0 reference library specification has been discovered with two buffer overflow vulnerabilities that threat actors can exploit to access read-only sensitive data or overwrite normally protected data, which is only available to the TPM.…
SysAid zero-day exploited by Clop ransomware group
Microsoft spotted the exploitation of a SysAid zero-day vulnerability in limited attacks carried out by the Lace Tempest group. Microsoft reported the exploitation of a zero-day vulnerability, tracked as CVE-2023-47246, in the SysAid IT support software in limited attacks. The…
Alert: ‘Effluence’ Backdoor Persists Despite Patching Atlassian Confluence Servers
Cybersecurity researchers have discovered a stealthy backdoor named Effluence that’s deployed following the successful exploitation of a recently disclosed security flaw in Atlassian Confluence Data Center and Server. “The malware acts as a persistent backdoor and is not remediated by applying patches…
The New 80/20 Rule for SecOps: Customize Where it Matters, Automate the Rest
There is a seemingly never-ending quest to find the right security tools that offer the right capabilities for your organization. SOC teams tend to spend about a third of their day on events that don’t pose any threat to their organization, and…
ICBC and Allen & Overy Hit By Ransomware
Multinationals believed to have been targeted by LockBit This article has been indexed from www.infosecurity-magazine.com Read the original article: ICBC and Allen & Overy Hit By Ransomware
NTA SMTP Functionality Usage
Customers can enable SMTP functionality to ensure timely receipt of alert notifications and device logs. Below are the steps to configure SMTP functionality. Configuring an SMTP Server 1. Choose Administration > Third-Party Interface > Email Service and click SMTP Server…
The 248th Marine Corps Birthday Message
Read Commandant of the U.S. Marine Corps’ General Eric Smith’s 248th Marine Corps Birthday Message U.S. Marine Corps Video by Staff Sgt. Joshua Chacon, Gunnery Sgt. Melissa Marnell, Staff Sgt. John Martinez and Rick Robinson Communication Directorate. Permalink The post…
The New APT Group DarkCasino and the Global Surge in WinRAR 0-Day Exploits
Overview In 2022, NSFOCUS Research Labs revealed a large-scale APT attack campaign called DarkCasino and identified an active and dangerous aggressive threat actor. By continuously tracking and in-depth study of the attacker’s activities, NSFOCUS Research Labs has ruled out its…
Buyer beware: Phishing sites & Fake Shops still popular among criminals
Just in time for Black Friday, the number of phishing and scam websites is increasing. People on the lookout for a bargain are at risk of having there payment details and personal information stolen. This article has been indexed from…
Iran-Linked Imperial Kitten Cyber Group Targeting Middle East’s Tech Sectors
A group with links to Iran targeted transportation, logistics, and technology sectors in the Middle East, including Israel, in October 2023 amid a surge in Iranian cyber activity since the onset of the Israel-Hamas war. The attacks have been attributed…
ICBC hit by ransomware impacting global trades
CitrixBleed patch has been available for around a month China’s largest bank, ICBC, was hit by ransomware that resulted in disruption of financial services (FS) systems on Thursday Beijing time, according to a notice on its website.… This article has…