Cybersecurity
Category Added in a WPeMatico Campaign
Laws requiring data brokers to register are catching on at the state government level, but so far they have not been adequately enforced, allowing large numbers of brokers to operate under the radar even in states maintaining registries, privacy experts say. Four states have now passed laws requiring registration, and in the two states with […]
Oct 18, 2023NewsroomRootkit / Cryptocurrency A threat actor, presumably from Tunisia, has been linked to a new campaign targeting exposed Jupyter Notebooks in a two-fold attempt to illicitly mine cryptocurrency and breach cloud environments. Dubbed Qubitstrike by Cado, the intrusion set utilizes Telegram API to exfiltrate cloud service provider credentials following a successful compromise. “The […]
Oct 18, 2023NewsroomCyber Attack / Malware The North Korea-linked Lazarus Group (aka Hidden Cobra or TEMP.Hermit) has been observed using trojanized versions of Virtual Network Computing (VNC) apps as lures to target the defense industry and nuclear engineers as part of a long-running campaign known as Operation Dream Job. “The threat actor tricks job seekers […]
The domestic intelligence chiefs of the Five Eyes alliance warned businesses on Tuesday that they were seeing a “sharp rise” in attempts by hostile states to steal intellectual property. Speaking on the same stage for the first time, at an event hosted by the Hoover Institution at Stanford University, the agency heads presented five principles […]
Cyber entities continue to show a persistent interest in targeting critical infrastructure by taking advantage of vulnerable OT assets. To counter this threat, NSA has released a repository for OT Intrusion Detection Signatures and Analytics to the NSA Cyber GitHub. The capability, known as ELITEWOLF, can enable defenders of critical infrastructure, defense industrial base, and […]
Amazon has added passkey support as a passwordless login option, offering better protection against malware and phishing attacks. Passkeys make it easier for users to log in without the need for password managers or memorizing passwords.
The government of Chile warned of ransomware attacks by a notorious gang of hackers after its customs department dealt with an incident on Tuesday. Officials from the Servicio Nacional de Aduanas de Chile — the government department in charge of foreign trade, imports and more — said on Tuesday afternoon that they were able to […]
Researchers have shared details of a new fake browser update threat that used a new malware called ClearFake to deliver malicious payloads onto victims’ devices. The malware is similar to SocGholish and FakeSG campaigns that use social engineering tactics to trick users into installing a bogus web browser update. Modus operandi The operators behind ClearFake […]
Security researchers have discovered a backdoor called BLOODALCHEMY that is part of the REF5961 intrusion set, believed to be linked to a group with ties to China, targeting governments and organizations in the ASEAN region.