Cybersecurity
Category Added in a WPeMatico Campaign
Our investigations on potential security threats uncovered a malicious Google Chrome extension that we named “ParaSiteSnatcher.” The ParaSiteSnatcher framework allows threat actors to monitor, manipulate, and exfiltrate highly sensitive information from multiple sources. ParaSiteSnatcher also utilizes the powerful Chrome Browser API to intercept and exfiltrate all POST requests containing sensitive account and financial information before […]
Nov 24, 2023NewsroomCloud security / Data Protection Cybersecurity researchers are warning of publicly exposed Kubernetes configuration secrets that could put organizations at risk of supply chain attacks. “These encoded Kubernetes configuration secrets were uploaded to public repositories,” Aqua security researchers Yakir Kadkoda and Assaf Morag said in a new research published earlier this week. Some […]
Nov 23, 2023NewsroomMalware / Cyber Espionage A new phishing attack has been observed leveraging a Russian-language Microsoft Word document to deliver malware capable of harvesting sensitive information from compromised Windows hosts. The activity has been attributed to a threat actor called Konni, which is assessed to share overlaps with a North Korean cluster tracked as […]
PRESS RELEASE London / San Mateo, USA, November 22, 2023 – Kiteworks, which delivers data privacy and compliance for sensitive content communications through its Private Content Network, announced today the merger with Maytech, which offers data file transfer solutions to organisations representing numerous industries. The strategic move solidifies Kiteworks’ leadership in the UK market while […]
The breach occurred after a file transfer program used by the company was hacked. Welltok works with health service providers, maintaining online wellness programs and holding databases with patient data.
Nov 23, 2023NewsroomMalware / Threat Analysis Delivery- and shipping-themed email messages are being used to deliver a sophisticated malware loader known as WailingCrab. “The malware itself is split into multiple components, including a loader, injector, downloader and backdoor, and successful requests to C2-controlled servers are often necessary to retrieve the next stage,” IBM X-Force researchers […]
The incident affected multiple systems, including eFiling, electronic payment, and case management systems. The affected services are still offline. The incident also involved a data breach, with hackers threatening to leak stolen data.
The New York City Bar Association confirmed that the data of more than 27,000 members and employees was leaked during a cyberattack nearly a year ago. In filings with regulators in Maine and Vermont, the organization said an investigation completed on October 18 confirmed that hackers broke into its systems and had access to internal […]
Microsoft has uncovered a supply chain attack by North Korean hackers who attached a malicious file to a legitimate photo and video editing application installer. In a blog on Wednesday, Microsoft Threat Intelligence said it attributed the activity to a group it calls Diamond Sleet — a hacking group within the North Korean government that […]