Cybersecurity
Category Added in a WPeMatico Campaign
An ongoing campaign of malicious ads has been targeting Chinese-speaking users with lures for popular messaging applications such as Telegram or LINE with the intent of dropping malware. Interestingly, software like Telegram is heavily restricted and was previously banned in China. Many Google services, including Google search, are also either restricted or heavily censored in […]
Jan 25, 2024NewsroomFileless Malware / Endpoint Security Cybersecurity researchers have uncovered an updated version of a backdoor called LODEINFO that’s distributed via spear-phishing attacks. The findings come from Japanese company ITOCHU Cyber & Intelligence, which said the malware “has been updated with new features, as well as changes to the anti-analysis (analysis avoidance) techniques.” LODEINFO […]
Medieval castles stood as impregnable fortresses for centuries, thanks to their meticulous design. Fast forward to the digital age, and this medieval wisdom still echoes in cybersecurity. Like castles with strategic layouts to withstand attacks, the Defense-in-Depth strategy is the modern counterpart — a multi-layered approach with strategic redundancy and a blend of passive and […]
Multiple local governments are dealing with cyberattacks, including ransomware incidents, this week, causing outages and problems for county hospitals, libraries and other local services. Bucks County, Pennsylvania — home to nearly 650,000 people — said on Wednesday that it is still grappling with a cybersecurity incident that has knocked out the Emergency Communications’ Department’s computer-aided […]
The code embedded inside devices that bridges interactions between hardware and software is frequently exposed to security vulnerabilities, but lawmakers and federal officials have not paid enough attention to them, a national security think tank analysis argues. The report, released Wednesday by the Foundation for Defense of Democracies, contends that firmware vulnerabilities remain largely unaddressed, […]
Jan 26, 2024NewsroomMalvertising / Phishing-as-a-service Chinese-speaking users have been targeted by malicious Google ads for restricted messaging apps like Telegram as part of an ongoing malvertising campaign. “The threat actor is abusing Google advertiser accounts to create malicious ads and pointing them to pages where unsuspecting users will download Remote Administration Trojan (RATs) instead,” Malwarebytes’ […]
Anti-Phishing, DMARC , Business Email Compromise (BEC) , Fraud Management & Cybercrime Tight-Lipped Agency’s Next Move in Wake of $7.5M Scam Could Be Telling Marianne Kolbasuk McGee (HealthInfoSec) • January 24, 2024 Image: Getty Even for the federal government, losing $7.5 million to cyberattacks is a big chunk of cash. Speculation is rampant […]
Geo Focus: The United Kingdom , Geo-Specific , Governance & Risk Management Voluntary Rules Will Set Baseline Security Requirement for Software Vendors, Users Akshaya Asokan (asokan_akshaya) • January 24, 2024 Image: Shutterstock The U.K. government is mulling the rollout of a voluntary set of rules urging software vendors to responsibly disclose vulnerabilities in […]
The Synacktiv Team earned $100,000 for chaining three zero-day bugs to gain root permissions on a Tesla Modem and an additional $120,000 for hacking other EV charging stations.