The notorious Lazarus group has been identified as leveraging compromised IIS servers to deploy malicious ASP web shells. These sophisticated attacks have been reported to facilitate the spread of malware, including the LazarLoader variant, and utilize privilege escalation tools to…
New kids on the ransomware block channel Lockbit to raid Fortinet firewalls
It’s March already and you haven’t patched? Researchers are tracking a newly discovered ransomware group with suspected links to LockBit after a series of intrusions were reported starting in January.… This article has been indexed from The Register – Security…
UK’s secret iCloud backdoor order triggers civil rights challenge
The U.K. government’s secret order to Apple demanding it backdoor the end-to-end encrypted version of its iCloud storage service has now been challenged by two civil rights groups, Liberty and Privacy International, which filed complaints Thursday. They called the order…
How Security Teams Should Respond to the Rise in Vulnerability Disclosures
In 2024, vulnerability disclosures hit an all-time high, with over 30,000 vulnerabilities recorded in the National Vulnerability Database (NVD). Unfortunately, we can expect these numbers to continue rising as the use of open source, GenAI, and software overall is ever-growing.…
CISA Releases Thirteen Industrial Control Systems Focusing Vulnerabilities & Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) has recently issued multiple Industrial Control Systems (ICS) advisories highlighting significant security vulnerabilities across various critical infrastructure sectors. These advisories reveal several high-severity and critical vulnerabilities that demand immediate attention from organizations operating…
United States Charges Developer of LockBit Ransomware Group
Rostislav Panev, a 51-year-old dual Russian and Israeli national, has been extradited to the United States on charges related to his alleged role as a developer for the notorious LockBit ransomware group. The extradition, which took place on March 13,…
Fraudsters Impersonate Clop Ransomware to Extort Businesses
Barracuda observed threat actors impersonating the Clop ransomware group via email to extort payments, claiming to have exfiltrated sensitive data. This article has been indexed from www.infosecurity-magazine.com.
Off the Beaten Path: Recent Unusual Malware
Three unusual malware samples analyzed here include an IIS backdoor developed in a rare language, a bootkit and a Windows implant of a post-exploit framework. The post Off the Beaten Path: Recent Unusual Malware appeared first on Unit 42.
A New Era of Attacks on Encryption Is Starting to Heat Up
The UK, France, Sweden, and EU have made fresh attacks on end-to-end encryption. Some of the attacks are more “crude” than those in recent years, experts say. This article has been indexed from Security Latest.
9 PDQ Deploy Alternatives for Better Patch Management
If you’re looking for PDQ Deploy alternatives, you’re either aware of the product’s limitations or exploring your options. As one user puts it: While PDQ Deploy & Inventory consistently meets our needs, the primary driver for exploring alternative solutions was…
Recent Fortinet Vulnerabilities Exploited in ‘SuperBlack’ Ransomware Attacks
The newly discovered SuperBlack ransomware has been exploiting two vulnerabilities in Fortinet firewalls. The post Recent Fortinet Vulnerabilities Exploited in ‘SuperBlack’ Ransomware Attacks appeared first on SecurityWeek.
Cybersecurity Industry Falls Short on Collaboration, Says Former GCHQ Director
Sir Jeremy Fleming spoke during Palo Alto Networks’ Ignite event in London on March 13. This article has been indexed from www.infosecurity-magazine.com.
Ongoing Cyber Attack Mimic Booking.com to Spread Password-Stealing Malware
Microsoft Threat Intelligence has identified an ongoing phishing campaign that began in December 2024, targeting organizations in the hospitality industry by impersonating the online travel agency Booking.com. The campaign, tracked as Storm-1865, employs a sophisticated social engineering technique called ClickFix…
New Campaign Attacking PyPI Users to Steal Sensitive Data Including Cloud Tokens
Security researchers have uncovered a sophisticated malware campaign targeting users of the Python Package Index (PyPI), Python’s official third-party software repository. This latest attack vector involves several malicious packages disguised as time-related utilities, which are actually designed to steal sensitive…
Microsoft365 Themed Attack Leveraging OAuth Redirection for Account Takeover
Two sophisticated phishing campaigns were observed targeting Microsoft 365 users by exploiting OAuth redirection vulnerabilities combined with brand impersonation techniques. Threat researchers are warning organizations about these highly targeted attacks designed to bypass traditional security controls and achieve account takeover…
Corero Network Security expands AI capabilities across its portfolio
Corero Network Security announced the strategic advancement of AI capabilities across its product portfolio and operations—building on a long-standing legacy of intelligent, adaptive security solutions. For years, Corero’s SmartWall ONE platform has delivered automated, real-time DDoS protection powered by advanced…
Decrypting Linux/ESXi Akira Ransomware Files Without Paying Ransomware
A cybersecurity researcher has successfully broken the encryption used by the Linux/ESXI variant of the Akira ransomware, enabling data recovery without paying the ransom demand. The breakthrough exploits a critical weakness in the ransomware’s encryption methodology. According to the researcher,…
U.S. Charges LockBit Ransomware Developer in Cybercrime Crackdown
The U.S. Department of Justice has charged Rostislav Panev, a dual Russian and Israeli national, for his role as a developer of the notorious LockBit ransomware group. Panev, 51, was arrested in Israel in August following a U.S. provisional arrest…
CISA Releases Security Advisory on 13 Industrial Control System Threats
CISA issued thirteen Industrial Control Systems (ICS) advisories, highlighting current security issues and vulnerabilities in various systems. These advisories are crucial for maintaining the security and integrity of industrial operations. The affected products primarily include several Siemens systems, along with…
New MassJacker Malware Targets Piracy Users, Hijacking Cryptocurrency Transactions
Users searching for pirated software are the target of a new malware campaign that delivers a previously undocumented clipper malware called MassJacker, according to findings from CyberArk. Clipper malware is a type of cryware (as coined by Microsoft) that’s designed…