Cybersecurity
Category Added in a WPeMatico Campaign
Critical Infrastructure Security , Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime Cyber Group Dubbed Predatory Sparrow Takes Responsibility for Widespread Attack Chris Riotta (@chrisriotta) • December 18, 2023 The Predatory Sparrow group has taken credit for an attack on Iranian gas stations on Dec. 18, 2023. (Image: Shutterstock) Gas stations across […]
Dec 19, 2023NewsroomCyber Espionage / Cyber Attack The Iranian nation-state actor known as MuddyWater has leveraged a newly discovered command-and-control (C2) framework called MuddyC2Go in its attacks on the telecommunications sector in Egypt, Sudan, and Tanzania. The Symantec Threat Hunter Team, part of Broadcom, is tracking the activity under the name Seedworm, which is also […]
Dec 19, 2023NewsroomMalvertising / Browser Security The malware loader known as PikaBot is being distributed as part of a malvertising campaign targeting users searching for legitimate software like AnyDesk. “PikaBot was previously only distributed via malspam campaigns similarly to QakBot and emerged as one of the preferred payloads for a threat actor known as TA577,” […]
One of the biggest apparel companies in the world reported a “material” cyberattack to the U.S. Securities and Exchange Commission (SEC) on the first day that a new cyber incident reporting rule went into effect. VF Corporation said it detected unauthorized activity on a portion of its information technology systems on December 13 and was […]
The leader of the Securities and Exchange Commission’s Division of Corporate Finance downplayed concerns that the agency’s new cybersecurity rules will provide a roadmap to threat groups about their attacks or place an undue burden on security executives. Erik Gerding, director of the Division of Corporate Finance, said staff carefully considered those issues as part […]
SUMMARY In January 2023, the Cybersecurity and Infrastructure Security Agency (CISA) conducted a Risk and Vulnerability Assessment (RVA) at the request of a Healthcare and Public Health (HPH) sector organization to identify vulnerabilities and areas for improvement. An RVA is a two-week penetration test of an entire organization, with one week spent on external testing […]
Artificial Intelligence & Machine Learning , Finance & Banking , Industry Specific Financial Stability Oversight Council Expects AI Use to Increase Rashmi Ramesh (rashmiramesh_) • December 18, 2023 The U.S. Financial Stability Oversight Council classified artificial intelligence as an “emerging vulnerability.” (Image: Shutterstock) U.S. regulators detailed the risks artificial intelligence poses to the […]
I. Background of xorbot In November 2023, NSFOCUS Global Threat Hunting System detected that a type of elf file was being widely distributed and accompanied by a large amount of suspected encrypted outbound communication traffic. However, the detection rate of mainstream antivirus engines on this file was close to zero, which aroused our curiosity. After further […]
After announcing a gradual elimination of third-party printer drivers on Windows earlier this year, Microsoft has now unveiled its plan for enhancing security by introducting Windows Protected Print Mode (WPP). The problem with the current Windows print system For years, the Windows print system has been a key target for attackers because the Windows Print […]