Sep 22, 2023THNMalware / Cyber Threat An active malware campaign targeting Latin America is dispensing a new variant of a banking trojan called BBTok, particularly users in Brazil and Mexico. “The BBTok banker has a dedicated functionality that replicates the interfaces of more than 40 Mexican and Brazilian banks, and tricks the victims into entering […]
Fraud Management & Cybercrime , Government , Healthcare Researchers Say Breach Illustrates Why Schools Are Major Targets for Cybercriminals Marianne Kolbasuk McGee (HealthInfoSec) • September 21, 2023 Image: Lakeland Community College An Ohio community college is notifying 290,000 people of a data theft breach this spring that may have compromised their personal, financial […]
Key Points A malicious Python package, “Culturestreak”, hijacks system resources for unauthorized cryptocurrency mining. The malicious package utilizes obfuscated code and random filenames to evade detection. The code runs in an infinite loop, making it a relentless threat that continually exploits system resources. The malicious code originates from an active GitLab repository, underscoring the ongoing […]
By Aleksandar Milenkoski, in collaboration with QGroup Executive Summary SentinelLabs has observed a new threat activity cluster by an unknown threat actor we have dubbed Sandman. Sandman has been primarily targeting telecommunication providers in the Middle East, Western Europe, and the South Asian subcontinent. The activities are characterized by strategic lateral movements and minimal engagements, […]
Apple released emergency security updates to patch three new zero-day vulnerabilities exploited in attacks targeting iPhone and Mac users, for a total of 16 zero-days fixed this year.
60% of cyberattacks against the industrial sector are led by state-affiliated actors and often unintentionally enabled by internal personnel (about 33% of the time), according to Rockwell Automation. This corroborates other industry research showing OT/ICS (Industrial Control Systems) cybersecurity incidents are increasing in volume and frequency, and are targeting critical infrastructure, such as energy producers. […]
Canada’s largest airline announced a data breach this week that involved the information of employees, but said its operations and customer data was not impacted. Air Canada, one of the world’s oldest airlines running more than 1,300 flights a day, released a statement on Wednesday explaining a recent data breach. The company did not respond […]
Researchers have come across a new email phishing campaign that distributes a new ValleyRAT malware alongside Sainbox RAT and Purple Fox malware onto the victim’s systems. Active since the beginning of 2023, the campaign has been targeting Chinese-speaking users. So far, the researchers have observed over 30 attack campaigns leveraging these malware families and 20 […]
Sep 22, 2023The Hacker NewsMITRE ATT&CK / Cybersecurity Thorough, independent tests are a vital resource for analyzing provider’s capabilities to guard against increasingly sophisticated threats to their organization. And perhaps no assessment is more widely trusted than the annual MITRE Engenuity ATT&CK Evaluation. This testing is critical for evaluating vendors because it’s virtually impossible to […]