Researchers have identified a network of compromised devices, CovertNetwork-1658, used by Chinese threat actors to launch highly evasive password spray attacks, successfully stealing credentials from multiple Microsoft customers. The stolen credentials are then leveraged by threat actors like Storm-0940 to…
Tag: EN
Sophisticated Phishing Attack Targeting Ukraine Military Sectors
The Ukrainian Cyber Emergency Response Team discovered a targeted phishing campaign launched by UAC-0215 against critical Ukrainian infrastructure, including government agencies, key industries, and military entities. Phishing emails promoting integration with Amazon, Microsoft, and ZTA contained malicious .rdp files. Upon…
Massive Midnight Blizzard Phishing Attack Using Weaponized RDP Files
Researchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals in various sectors. The attacks involve sending signed RDP configuration files to thousands of targets, aiming to compromise systems for intelligence gathering. The actor impersonates Microsoft…
Evasive Panda Attacking Cloud Services To Steal Data Using New Toolkit
The Evasive Panda group deployed a new C# framework named CloudScout to target a Taiwanese government entity in early 2023, which leverages three modules, CGM, CGN, and COL, to hijack web sessions and access cloud services like Google Drive, Gmail,…
The Evolution of Transparent Tribe’s New Malware
Executive Summary: In recent cyber attacks, Transparent Tribe, or APT36, has utilized an increasingly sophisticated malware called ElizaRAT. Check Point Research tracked ElizaRAT’s evolution, uncovering its improved execution methods, detection evasion, and Command and Control communication since its public disclosure…
SYS01 InfoStealer Malware Attacking Meta Business Page To Steal Logins
The ongoing Meta malvertising campaign, active for over a month, employs an evolving strategy to distribute the SYS01 InfoStealer through ElectronJs applications disguised as legitimate software like video editors, productivity tools, and streaming services. The campaign leverages nearly a hundred…
THN Recap: Top Cybersecurity Threats, Tools, and Practices (Oct 28 – Nov 03)
This week was a total digital dumpster fire! Hackers were like, “Let’s cause some chaos!” and went after everything from our browsers to those fancy cameras that zoom and spin. (You know, the ones they use in spy movies? 🕵️♀️)…
German Police Disrupt DDoS-for-Hire Platform dstat[.]cc; Suspects Arrested
German law enforcement authorities have announced the disruption of a criminal service called dstat[.]cc that made it possible for other threat actors to easily mount distributed denial-of-service (DDoS) attacks. “The platform made such DDoS attacks accessible to a wide range…
Sophos Versus the Chinese Hackers
Really interesting story of Sophos’s five-year war against Chinese hackers. This article has been indexed from Schneier on Security Read the original article: Sophos Versus the Chinese Hackers
FBI Seeking Information on Chinese Hackers Targeting Sophos Firewalls
The FBI is asking for information on the Chinese threat actors targeting Sophos edge devices to compromise private and government entities. The post FBI Seeking Information on Chinese Hackers Targeting Sophos Firewalls appeared first on SecurityWeek. This article has been…
Singapore’s Government Directed ISPs To Block Access To Ten Inauthentic Websites
Singapore’s government has instructed internet service providers to block access to websites deemed “inauthentic,” which are believed to be part of hostile information campaigns potentially targeting Singapore. The government’s action is intended to combat the distribution of false information and…
Embargo Ransomware Actors Abuses Safe Mode To Disable Security Solutions
In July 2024, the ransomware group Embargo targeted US companies using the malicious loader MDeployer and EDR killer MS4Killer. MDeployer deployed MS4Killer, which disabled security products, before executing the Embargo ransomware. The ransomware encrypted files with a random six-letter extension…
Russian Hackers Attacking Ukraine Military With Malware Via Telegram
Researchers discovered a Russian-linked threat actor, UNC5812, utilizing a Telegram persona named “Civil Defense. ” This persona has been distributing Windows and Android malware disguised as legitimate software designed to aid potential conscripts in Ukraine. Once installed, these malicious apps…
A Massive Hacking Toolkit From “You Dun” Threat Group Developed To Lauch Massive Cyber Attack
The “You Dun” hacking group exploited vulnerable Zhiyuan OA software using SQL injection, leveraging tools like WebLogicScan, Vulmap, and Xray for reconnaissance. They further escalated privileges on compromised hosts with tools like traitor and CDK. Active Cobalt Strike server leaked,…
Russia, Iran, And China Influence U.S. Elections, Microsoft Warns
The researchers have observed consistent efforts by Russia, Iran, and China to exert foreign influence on democratic processes in the United States. Recent U.S. government actions have exposed Iranian cyberattacks on the Trump-Vance campaign and the dissemination of stolen Trump…
Top Traceable API Security Alternative: Escape vs. Traceable
Learn why Escape’s agentless discovery and developer-friendly testing make it a top Traceable alternative. The post Top Traceable API Security Alternative: Escape vs. Traceable appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read the original…
What is Enterprise Compliance and Why is It Important?
In today’s fast-paced business world, companies juggle numerous responsibilities—from meeting customer demands to navigating complex regulations. One crucial area that’s often misunderstood but incredibly important is enterprise compliance. What exactly is enterprise compliance, and why should it matter to you?…
Cybersecurity and AI Challenges: How Companies Must Evolve to Stay Secure and Competitive
Cybersecurity remains a big concern, with a recent study from DataDome showing that 91% of websites are at risk from bot attacks. The study looked at over 14,000 sites in industries like healthcare, luxury goods, and e-commerce, revealing that…
Supply Chain Attack Uses Smart Contracts for C2 Ops
Checkmarx has observed a novel npm supply chain attack using Ethereum smart contracts to manage command-and-control (C2) operations This article has been indexed from www.infosecurity-magazine.com Read the original article: Supply Chain Attack Uses Smart Contracts for C2 Ops
Huawei Sees Sales Surge, But Profits Fall
US-sanctioned Huawei sees sales surge in first three quarters of 2024 on domestic smartphone popularity, even as net profits fall This article has been indexed from Silicon UK Read the original article: Huawei Sees Sales Surge, But Profits Fall