Cybersecurity
Category Added in a WPeMatico Campaign
The U.S. government is offering “cutting-edge cybersecurity shared services” to critical infrastructure organizations that need it most. In a letter on Friday, the Cybersecurity and Infrastructure Security Agency (CISA) announced a new voluntary pilot program focused on entities in the healthcare, water, and K-12 education sectors — organizations that continue to face a daily barrage […]
The CISA and the FBI issued a joint advisory to warn organizations about a cybercriminal group named Scattered Spider, which has recently updated its TTPs to infiltrate targets. It comes a few days after the CISA issued advisories on IOCs and TTPs associated with Rhysida ransomware and Royal ransomware that have been targeting organizations worldwide. […]
The vulnerability allows attackers to access files, execute code, and obtain passwords. The exploit takes advantage of an unauthenticated mass-assignment vulnerability and AS2 header parsing.
Today’s security leaders must manage a constantly evolving attack surface and a dynamic threat environment due to interconnected devices, cloud services, IoT technologies, and hybrid work environments. Adversaries are constantly introducing new attack techniques, and not all companies have internal Red Teams or unlimited security resources to stay on top of the latest threats. On […]
Nov 20, 2023NewsroomMalware / Cyber Attack The stealer malware known as LummaC2 (aka Lumma Stealer) now features a new anti-sandbox technique that leverages the mathematical principle of trigonometry to evade detection and exfiltrate valuable information from infected hosts. The method is designed to “delay detonation of the sample until human mouse activity is detected,” Outpost24 […]
Nov 20, 2023NewsroomCryptocurrency / Blockchain Bitcoin wallets created between 2011 and 2015 are susceptible to a new kind of exploit called Randstorm that makes it possible to recover passwords and gain unauthorized access to a multitude of wallets spanning several blockchain platforms. “Randstorm() is a term we coined to describe a collection of bugs, design […]
An Indian hack-for-hire group targeted the U.S., China, Myanmar, Pakistan, Kuwait, and other countries as part of a wide-ranging espionage, surveillance, and disruptive operation for over a decade. The Appin Software Security (aka Appin Security Group), according to an in-depth analysis from SentinelOne, began as an educational startup offering offensive security training programs, while carrying […]
The threat actors behind the 8Base ransomware are leveraging a variant of the Phobos ransomware to conduct their financially motivated attacks. The findings come from Cisco Talos, which has recorded an increase in activity carried out by cybercriminals. “Most of the group’s Phobos variants are distributed by SmokeLoader, a backdoor trojan,” security researcher Guilherme Venere […]
Several K-12 schools, colleges and universities are dealing with significant technology outages due to cyberattacks this week. A spokesperson for North Carolina Central University told Recorded Future News that the school was alerted to a cyberattack on its campus technology systems on the morning of November 12. “Certain systems, including the campus wi-fi network and […]