Cybersecurity
Category Added in a WPeMatico Campaign
Progress Software released fixes for eight vulnerabilities in WS_FTP, including one with a maximum severity score, but evidence of exploitation was discovered shortly after.
LUCR-3 overlaps with groups such as Scattered Spider, Oktapus, UNC3944, and STORM-0875 and is a financially motivated attacker that leverages the Identity Provider (IDP) as initial access into an environment with the goal of stealing Intellectual Property (IP) for extortion. LUCR-3 targets Fortune 2000 companies across various sectors, including but not limited to Software, Retail, […]
As we realize exciting new advancements in the application of generative pre-trained transformer (GPT) technology, our adversaries are finding ingenious ways to leverage these capabilities to inflict harm. There’s evidence to suggest that offensive actors are using AI and machine learning techniques to carry out increasingly sophisticated, automated attacks. Rather than running from the potential […]
The official website of the UK’s royal family was taken offline by a distributed denial of service (DDoS) attack on Sunday, according to reports. The Royal.uk site was unavailable for around 90 minutes, starting at 10am local time, according to The Independent. It was fully functional again soon after, although Cloudflare checks were in place […]
Cloud computing giant AWS says an internal threat intel decoy system called MadPot has been used successfully to trap malicious activity, including nation state-backed APTs like Volt Typhoon and Sandworm. MadPot, the brainchild of AWS software engineer Nima Sharifi Mehr, is described as “a sophisticated system of monitoring sensors and automated response capabilities” that entraps malicious […]
In-the-wild exploitation of a critical vulnerability in JetBrains’ TeamCity continuous integration and continuous deployment (CI/CD) server started just days after the availability of a patch was announced. The vulnerability, tracked as CVE-2023-42793, impacts the on-premises version of TeamCity and it allows an unauthenticated attacker with access to a targeted server to achieve remote code execution […]
Despite the economic uncertainty and inflation, security budgets generally continued to rise but at a lower rate than prior years, according to new research from IANS and Artico Search. Security budgets increase by 6% in 2023 Respondents reported an average security budget increase of 6%, a significant decrease from the 17% increase in the previous […]
The LostTrust encryptor disables various Windows services and appends the “.losttrustencoded” extension to encrypted files, with ransom demands ranging from $100,000 to millions.
The growing complexity of compliance regulations and ever-evolving criminal methodologies are a major difficulty for financial institutions, according to LexisNexis Risk Solutions. Global financial crime compliance costs for financial institutions exceed $206 billion. This cost is comparable to more than 12% of global research and development (R&D) expenditure and equates to $3.33 per month for […]