Cybersecurity

Telegram Marketplaces Fuel Phishing Attacks with Easy-to-Use Kits and Malware

Jan 31, 2024NewsroomCyber Crime / Hacking News Cybersecurity researchers are calling attention to the “democratization” of the phishing ecosystem owing to the emergence of Telegram as an epicenter for cybercrime, enabling threat actors to mount a mass attack for as little as $230. “This messaging app has transformed into a bustling hub where seasoned cybercriminals […]

Cybersecurity

Owning a Bitcoin ATM

 by Antonio Requena, Gabriel Gonzalez and Sergio Ruiz. Nowadays, Bitcoin and cryptocurrencies might look lees popular than they did just a few years ago. However, it is still quite common to find Bitcoin ATMs in numerous locations.  IOActive had access to few of these machines, specifically to Lamassu’s Douro ATM (https://lamassu.is). This provided us with […]

Cybersecurity

Rust Payloads Exploiting Ivanti 0-Days Linked to Sliver Toolkit

Payloads recently found on compromised Ivanti Connect Secure appliances could be from the same, sophisticated threat actor, according to incident response provider Synacktiv. A new malware analysis from Synacktiv researcher Théo Letailleur showed that the 12 Rust payloads discovered by Volexity as part of its investigation into two Ivanti Connect Secure VPN remote code execution […]

Cybersecurity

The SEC Won’t Let CISOs Be: Understanding New SaaS Cybersecurity Rules

The SEC isn’t giving SaaS a free pass. Applicable public companies, known as “registrants,” are now subject to cyber incident disclosure and cybersecurity readiness requirements for data stored in SaaS systems, along with the 3rd and 4th party apps connected to them. The new cybersecurity mandates make no distinction between data exposed in a breach […]

Cybersecurity

Italian Businesses Hit by Weaponized USBs Spreading Cryptojacking Malware

Jan 31, 2024NewsroomCryptocurrency / Cybersecurity A financially motivated threat actor known as UNC4990 is leveraging weaponized USB devices as an initial infection vector to target organizations in Italy. Google-owned Mandiant said the attacks single out multiple industries, including health, transportation, construction, and logistics. “UNC4990 operations generally involve widespread USB infection followed by the deployment of […]

Cybersecurity

Fulton County government outage: Cyberattack brings down phones, court site and tax systems | CNN Business

CNN  —  An ongoing cyberattack against Georgia’s Fulton County, which includes parts of Atlanta, has brought some of the government’s systems to a standstill, halting access to court filings, tax processing and other services. The outage has not been resolved, and it’s unclear when systems would return to normal. The office of the county’s District […]