Cybersecurity
Category Added in a WPeMatico Campaign
Dec 29, 2023NewsroomEmail Security / Malware The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign orchestrated by the Russia-linked APT28 group to deploy previously undocumented malware such as OCEANMAP, MASEPIE, and STEELHOOK to harvest sensitive information. The activity, which was detected by the agency between December 15 and 25, […]
A cyberattack has affected the networks and business activities of First American Financial Corporation and a number of its subsidiaries. The bank has also filed an update of the cyberattack on First American Financial Corporation to the Securities and Exchange Commission of the US. The bank’s filing can be fetched from the website of SEC […]
Dec 29, 2023NewsroomMalware / Cyber Threat Nation-state actors affiliated to North Korea have been observed using spear-phishing attacks to deliver an assortment of backdoors and tools such as AppleSeed, Meterpreter, and TinyNuke to seize control of compromised machines. South Korea-based cybersecurity company AhnLab attributed the activity to an advanced persistent threat group known as Kimsuky. […]
Dec 29, 2023NewsroomMalware / Endpoint Security Microsoft on Thursday said it’s once again disabling the ms-appinstaller protocol handler by default following its abuse by multiple threat actors to distribute malware. “The observed threat actor activity abuses the current implementation of the ms-appinstaller protocol handler as an access vector for malware that may lead to ransomware […]
Experts caution that the decision to pay or not pay depends on various factors, including the type of data compromised, the availability of backups, the financial impact on the organization, and the sector in which the company operates.
The August data breach at Kroll exposed personal information of FTX bankruptcy claimants, including coin holdings and balances, making them potential targets for threat actors in the cryptocurrency market.
The scam involved the developer downloading npm packages from a GitHub repository, which potentially allowed the attackers to gain access to his machine and drain his wallet.
Dec 28, 2023NewsroomCloud Security / Data Protection Google Cloud has addressed a medium-severity security flaw in its platform that could be abused by an attacker who already has access to a Kubernetes cluster to escalate their privileges. “An attacker who has compromised the Fluent Bit logging container could combine that access with high privileges required […]
The Albanian parliament and a telecom company operating in the country were targeted by cyberattacks this week, the country’s cyber agency said in a statement. According to the agency, the attacks originated from outside Albania and country’s tech experts “are currently working to recover the affected systems and analyze the tactics and techniques used by […]