Cybersecurity
Category Added in a WPeMatico Campaign
The cybersecurity landscape is continuously evolving, with threat actors often changing tactics and branding to evade detection and expand their operations. A recent development in this arena involves the Royal ransomware gang. According to a joint advisory from the CISA and the FBI, this group has rebranded itself to BlackSuit. Diving into details The rebranding […]
Key takeaways From July through October 2023, Proofpoint researchers observed TA402 engage in phishing campaigns that delivered a new initial access downloader dubbed IronWind. The downloader was followed by additional stages that consisted of downloaded shellcode. During the same period, TA402 adjusted its delivery methods, moving from using Dropbox links to using XLL and RAR […]
Nov 14, 2023The Hacker NewsPen Testing / Vulnerability Management In 2023, the global average cost of a data breach reached $4.45 million. Beyond the immediate financial loss, there are long-term consequences like diminished customer trust, weakened brand value, and derailed business operations. In a world where the frequency and cost of data breaches are skyrocketing, […]
Nov 14, 2023NewsroomCloud Security / Malware Publicly-accessible Docker Engine API instances are being targeted by threat actors as part of a campaign designed to co-opt the machines into a distributed denial-of-service (DDoS) botnet dubbed OracleIV. “Attackers are exploiting this misconfiguration to deliver a malicious Docker container, built from an image named ‘oracleiv_latest’ and containing Python […]
A ransomware attack on Huber Heights, Ohio, is causing significant problems for several city systems. The community of nearly 45,000 residents outside of Dayton released a notice on Sunday warning that its systems were hit with ransomware at around 8 a.m. “While public safety services are not impacted the following city divisions are affected: Zoning, […]
Have you heard about Dependabot? If not, just ask any developer around you, and they’ll likely rave about how it has revolutionized the tedious task of checking and updating outdated dependencies in software projects. Dependabot not only takes care of the checks for you, but also provides suggestions for modifications that can be approved with […]
SUMMARY Update November 13, 2023 This CSA is being re-released to add new TTPs, IOCs, and information related to Royal Ransomware activity. End of Update Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware […]
Security researchers have identified a new cyber-threat targeting publicly exposed instances of the Docker Engine API. In this campaign, attackers exploit misconfigurations to deploy a malicious Docker container with Python malware compiled as an ELF executable. The malicious tool, functioning as a Distributed Denial of Service (DDoS) bot agent, exhibits various attack methods for conducting […]
Nov 14, 2023NewsroomCyber Espionage / Threat Intelligence Government entities in the Middle East are the target of new phishing campaigns that are designed to deliver a new initial access downloader dubbed IronWind. The activity, detected between July and October 2023, has been attributed by Proofpoint to a threat actor it tracks under the name TA402, […]