Cybersecurity
Category Added in a WPeMatico Campaign
The North Korea-linked threat group Lazarus has been attributed to a new global campaign that exploits the infamous Log4j flaw to deploy three previously undocumented DLang-based malware – NineRAT, DLRAT, and BottomLoader. The campaign, dubbed Operation Blacksmith, is believed to have been active since March, targeting organizations in the manufacturing, agriculture, and physical security sectors. […]
As a result of the investigation, disciplinary action has been taken against 15 Air National Guard leaders, including the removal of commanders, and the USAF has implemented reforms to strengthen classified data access standards.
Critical Infrastructure Security , Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime Ukrainian President Volodymyr Zelenskyy Is in Washington David Perera (@daveperera) • December 12, 2023 The Kyivstar logo displayed in Kherson, Ukraine in February 2022 (Image: Shutterstock) Ukrainian telecom operator Kyivstar was the target of a cyberattack that knocked internet access […]
Dec 13, 2023NewsroomCryptocurrency / Threat Analysis Microsoft has warned that adversaries are using OAuth applications as an automation tool to deploy virtual machines (VMs) for cryptocurrency mining and launch phishing attacks. “Threat actors compromise user accounts to create, modify, and grant high privileges to OAuth applications that they can misuse to hide malicious activity,” the […]
Fraud Management & Cybercrime , Geo Focus: The United Kingdom , Geo-Specific Parliamentary Committee Says UK Must Be More Aggressive Akshaya Asokan (asokan_akshaya) • December 12, 2023 The U.K. Joint Committee on the National Security Strategy recommended that the government elevate ransomware as an issue. (Image: Shutterstock) A U.K. parliamentary committee investigating ransomware […]
Dec 13, 2023NewsroomCyber Attack / Geopolitics Ukraine’s biggest telecom operator Kyivstar has become the victim of a “powerful hacker attack,” disrupting customer access to mobile and internet services. “The cyberattack on Ukraine’s #Kyivstar telecoms operator has impacted all regions of the country with high impact to the capital, metrics show, with knock-on impacts reported to […]
Attackers target user accounts without robust authentication measures, creating new OAuth apps with high privileges to ensure continued access and hide their malicious activities.
The most significant data breach that has ever occurred in the history of UK policing was due to force-wide security failings and a “light touch approach” to data protection. In August 2023, the Police Service of Northern Ireland (PSNI) suffered from a cyber incident that resulted in 9483 police officers and civilian staff having their […]
The engineer deployed malware, deleted code repositories, and emailed himself proprietary bank code in retaliation for being fired, impersonating a coworker in the process.