Krebs on Security

JUNE 8, 2023

It’s not often that a zero-day vulnerability causes a network security vendor to urge customers to physically remove and decommission an entire line of affected hardware — as opposed to just applying software updates. The Barracuda Email Security Gateway (ESG) 900 appliance. Campbell, Calif. Campbell, Calif.

Firmware 307

Firmware Malware Software Ransomware 307

Krebs on Security

FEBRUARY 28, 2024

But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems. But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems. “We are actively working on fixing these problems.

Malware 259

Malware Cryptocurrency Software Scams 259

Malwarebytes

FEBRUARY 9, 2024

The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and other authoring agencies have released a joint guidance about common living off the land (LOTL) techniques and common gaps in cyber defense capabilities. And it’s not just the US.

Software 144

Software Ransomware Backups Manufacturing 144

Security Affairs

APRIL 14, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 105

Data breaches Social Engineering Malware Hacking 105

eSecurity Planet

FEBRUARY 14, 2024

Stateful inspection is a firewall feature that filters data packets based on the context of previous data packets. This important feature uses header information from established communication connections to improve overall security. Table of Contents Toggle How Does Stateful Inspection Work?

Network Security 92

Network Security Firewall DNS DDOS 92

Malwarebytes

FEBRUARY 6, 2024

Today, Malwarebytes released its 2024 State of Malware report, detailing six cyberthreats that resource-constrained IT teams should pay attention to in 2024. As a result, innovation in cybercrime has increasingly shifted towards tactics—advancements that focus more on how attacks can succeed and less on what malware can do.

Ransomware 106

Ransomware Cybercrime Malware Social Engineering 106

Security Affairs

APRIL 23, 2024

The state-sponsored hackers hacked into the subcontractors of defense companies by exploiting vulnerabilities in the targeted systems and deployed malware. “North Korean hacking organizations sometimes infiltrated defense companies directly, and their security is relatively low.

Hacking 82

Hacking Malware Accountability Technology 82

Malwarebytes

FEBRUARY 27, 2024

These are “Android banking trojans,” and, according to our 2024 ThreatDown State of Malware report , Malwarebytes detected an astonishing 88,500 of them last year alone. What are Android banking trojans? Take the SharkBot banking trojan, which Malwarebytes detects and stops.

Banking 144

Banking Passwords Accountability Malware 144

Graham Cluley

OCTOBER 26, 2023

A Vietnamese cybercrime gang is being blamed for a malware campaign that has seen bogus adverts posted on LinkedIn, pretending to be related to jobs at computer memory and gaming accessories firm Corsair. Read more in my article on the Tripwire State of Security blog.

Malware 117

Malware Cybercrime 117

Bleeping Computer

SEPTEMBER 25, 2023

Security researchers discovered a new campaign that distributes a new version of the Xenomorph malware to Android users in the United States, Canada, Spain, Italy, Portugal, and Belgium. [.]

Malware 109

Malware Banking Mobile 109

Malwarebytes

FEBRUARY 28, 2024

In a Form 8-K filing the company said it: “identified a suspected nation-state associated cyber security threat actor had gained access to some of the Change Healthcare information technology systems.” Change Healthcare is one of the largest healthcare technology companies in the United States.

Healthcare 113

Healthcare Ransomware Backups Technology 113

SecureWorld News

FEBRUARY 1, 2024

The United States continues to grapple with cyber intrusions emanating from sophisticated hacking groups affiliated with the Chinese government. The botnet, known as the KV Botnet, was comprised of hundreds of compromised small office and home office (SOHO) routers located in the United States. In December 2023, the U.S.

Energy and Utilities 122

Energy and Utilities Government Hacking Malware 122

Security Boulevard

OCTOBER 20, 2023

Law enforcement agencies throughout Europe and the United States took a big swing at the notorious RagnaLocker ransomware group, arresting a malware developer, seizing parts of its infrastructure, and shutting down negotiations and leak sites on the Tor network.

Ransomware 128

Ransomware Malware Cybersecurity Network Security 128

Graham Cluley

DECEMBER 5, 2023

A 40-year-old Russian man faces a lengthy prison sentence in the United States after pleading guilty to his involvement in the distribution and development of the notorious Trickbot malware. Read more in my article on the Hot for Security blog.

Malware 100

Malware 100

Security Boulevard

APRIL 11, 2024

Apple reportedly is alerting iPhone users in 92 countries that they may have been the targets of attacks using “mercenary spyware,” a term that the company is now using in such alerts in place of “state-sponsored” malware. The post Apple Warns of ‘Mercenary Spyware Attacks’ on iPhone Users appeared first on Security Boulevard.

Spyware 67

Spyware Malware Data privacy Security Awareness 67

Security Affairs

FEBRUARY 18, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime 97

Cybercrime Ransomware Malware Data breaches 97

Security Affairs

MARCH 18, 2024

Japanese technology giant Fujitsu on Friday announced it had suffered a malware attack, threat actors may have stolen personal and customer information. The company revealed that multiple work computers were infected with malware, in response to the compromise the security staff disconnected impacted systems from the network.

Data breaches 112

Data breaches Malware Technology Government 112

Security Affairs

SEPTEMBER 26, 2023

A new campaign is spreading Xenomorph malware to Android users in the United States, Spain, Portugal, Italy, Canada, and Belgium. Researchers from ThreatFabric uncovered a new campaign spreading Xenomorph malware to Android users in the United States and all over the world. that was significantly improved.

Malware 111

Malware Banking Phishing Engineering 111

Security Affairs

MARCH 30, 2024

The German Federal Office for Information Security (BSI) warned of thousands of Microsoft Exchange servers in the country vulnerable to critical flaws. The BSI urges operators running vulnerable instances to install available security updates and configure them securely. ” reads the alert published by the BSI.

Information Security 110

Information Security Internet Internet Healthcare 110

Security Affairs

APRIL 29, 2024

This amazing result was possible thanks to the introduction of enhanced security features, policy updates, and advanced machine learning and app review processes. These efforts resulted in the ban of 333,000 accounts for confirmed malware and repeated severe policy breaches. ” states Google.

Accountability 98

Accountability Malware Hacking Risk 98

SecureWorld News

APRIL 25, 2024

North Korea's prolific state-sponsored hacking units are once again setting their sights on South Korea's defense and arms manufacturing sector. Security researchers have evidence that Lazarus Group successfully breached at least two South Korean aerospace companies in 2023, making off with gigabytes of weapons systems data.

Manufacturing 92

Manufacturing Technology Cyber Risk Risk 92

CyberSecurity Insiders

FEBRUARY 13, 2023

Pepsi Bottling Ventures PBV, a business unit of PepsiCo Beverages, suffered a malware attack leading to disruption of services in 18 of its bottling facilities spread across Maryland, Delaware, Virginia, South and North Carolina. And was identified on January 10th,2023 or 18 days after occurrence.

Ransomware 121

Ransomware Insurance Manufacturing Malware 121

Malwarebytes

APRIL 4, 2024

“In its commitment to protect residents, Jackson County prioritizes the security of sensitive financial information and does not keep any such data on its systems. Instead, these crucial details are securely handled and stored by our trusted partner, Payit.” How to avoid ransomware Block common forms of entry.

Ransomware 110

Ransomware Backups Malware Software 110

Security Affairs

FEBRUARY 14, 2024

Microsoft and OpenAI warn that nation-state actors are using ChatGPT to automate some phases of their attack chains, including target reconnaissance and social engineering attacks. LLM-aided development : Utilizing LLMs in the development lifecycle of tools and programs, including those with malicious intent, such as malware.

Artificial Intelligence 112

Artificial Intelligence Social Engineering Phishing Engineering 112

Security Affairs

JANUARY 6, 2024

billion claim arising from the NotPetya malware incident. known as Merck Sharp & Dohme (MSD) outside the United States and Canada, is an American multinational pharmaceutical company. The analysis conducted on the ransomware revealed it was designed to look like ransomware but was wiper malware designed for sabotage purposes.

Insurance 111

Insurance Manufacturing Ransomware Healthcare 111

Malwarebytes

APRIL 11, 2024

The change also included the title that went from “About Apple threat notifications and protecting against state-sponsored attacks ” to “About Apple threat notifications and protecting against mercenary spyware.” The company says it has sent out these types of threat notifications to over 150 countries since the start in 2021.

Spyware 117

Spyware Government Mobile Password Management 117

eSecurity Planet

FEBRUARY 21, 2024

CLGs are important because they provide specialized security filtering and prevent the discovery of IP addresses and open ports on CLG-protected devices. CLGs depend on two key features, proxy capability and stateful packet inspection, to block unsolicited communication.

Firewall 102

Firewall DDOS Architecture Cybersecurity 102

Graham Cluley

JUNE 23, 2023

The NSA has publsihed a guide about how to mitigate against attacks involving the BlackLotus bootkit malware, amid fears that system administrators may not be adequately protecting against the threat. Read more in my article on the Tripwire State of Security blog.

System Administration 104

System Administration Malware 104

Graham Cluley

NOVEMBER 25, 2021

Security researchers are warning biomanufacturing facilities around the world that they are being targeted by a sophisticated new strain of malware, known as Tardigrade. Read more in my article on the Tripwire State of Security blog.

Manufacturing 145

Manufacturing Malware Data breaches Ransomware 145

Security Affairs

APRIL 17, 2024

At the end of October 2023, Atlassian warned of a critical security flaw, tracked as CVE-2023-22518 (CVSS score 9.1), that affects all versions of Confluence Data Center and Server. Cado Security Labs recently became aware that Cerber ransomware is being deployed into Confluence servers via the CVE-2023-22518 exploit.

Ransomware 134

Ransomware Encryption Malware Accountability 134

Bleeping Computer

DECEMBER 30, 2021

Korean researchers have developed a set of attacks against some solid-state drives (SSDs) that could allow planting malware in a location that's beyond the reach of the user and security solutions. [.].

Firmware 144

Firmware Malware 144

Security Affairs

MARCH 17, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 106

Data breaches Computers and Electronics Cybercrime Ransomware 106

Security Affairs

JANUARY 12, 2022

US Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) issued a joint alert to warn critical infrastructure operators about threats from Russian state-sponsored hackers. ” reads the joint alert. ” reads the joint alert.

Malware 119

Malware Cyber threats Cybersecurity Government 119

Malwarebytes

APRIL 3, 2024

Google has announced the introduction of Device Bound Session Credentials (DBSC) to secure Chrome users against cookie theft. In January we reported how hackers found a way to gain unauthorized access to Google accounts, bypassing multi-factor authentication (MFA) , by stealing authentication cookies with info-stealer malware.

Authentication 112

Authentication Passwords Malware Accountability 112

Security Affairs

MAY 24, 2022

Interpol Secretary warns that nation-state malware will become available on the cybercrime underground in a couple of years. Interpol Secretary General Jurgen Stock declared that nation-state malwre will become available on the darknet in a couple of years. “We need your [cyber breach] reports.

Malware 107

Malware Cybercrime Government Engineering 107

The Hacker News

JANUARY 12, 2024

As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day vulnerabilities in Ivanti Connect Secure (ICS) VPN appliances since early December 2023.

VPN 84

VPN Malware Authentication 84

Security Affairs

NOVEMBER 25, 2023

MagicLine4NX is a joint certificate program developed by Dream Security, a South Korean company. MagicLine4NX is a joint certificate program developed by Dream Security, a South Korean company. The state-sponsored hackers compromised the website of a media outlet and deployed malicious scripts into an article.

Software 109

Software Authentication Internet Internet 109