New APT Group "CloudSorcerer" Targets Russian Government Entities
A previously undocumented advanced persistent threat (APT) group dubbed CloudSorcerer has been observed targeting Russian government entities by leveraging cloud services for command-and-control (C2) and data exfiltration. Cybersecurity firm Kaspersky, which discovered the activity in May 2024, said the tradecraft adopted by the threat actor bears similarities with that of CloudWizard, but pointed.
Via "The Hacker News"
----------
Seen on @cibsecurity
Dark Web Malware Logs Expose 3,300 Users Linked to Child Abuse Sites
An analysis of information-stealing malware logs published on the dark web has led to the discovery of thousands of consumers of child sexual abuse material (CSAM), indicating how such information could be used to combat serious crimes. "Approximately 3,300 unique users were found with accounts on known CSAM sources," Recorded Future said in a proof-of-concept (PoC) report published last week. ".
Via "The Hacker News"
----------
New Ransomware-as-a-Service 'Eldorado' Targets Windows and Linux Systems
An emerging ransomware-as-a-service (RaaS) operation called Eldorado comes with locker variants to encrypt files on Windows and Linux systems. Eldorado first appeared on March 16, 2024, when an advertisement for the affiliate program was posted on the ransomware forum RAMP, Singapore-headquartered Group-IB said. The cybersecurity firm, which infiltrated the ransomware group, noted that its.
Via "The Hacker News"
----------
5 Key Questions CISOs Must Ask Themselves About Their Cybersecurity Strategy
Events like the recent massive CDK ransomware attack, which shuttered car dealerships across the U.S. in late June 2024, barely raise public eyebrows anymore. Yet businesses, and the people that lead them, are justifiably jittery. Every CISO knows that cybersecurity is an increasingly hot topic for executives and board members alike. And when the inevitable CISO-Board briefing rolls.
Via "The Hacker News"
----------
Experts Warn of Mekotio Banking Trojan Targeting Latin American Countries
Financial institutions in Latin America are being threatened by a banking trojan called Mekotio (aka Melcoz). That's according to findings from Trend Micro, which said it recently observed a surge in cyber attacks distributing the Windows malware. Mekotio, known to be actively put to use since 2015, is known to target Latin American countries like Brazil, Chile, Mexico, Spain, Peru, and Portugal.
Via "The Hacker News"
----------
Critical Unpatched Flaws Disclosed in Popular Gogs Open-Source Git Service
Four unpatched security flaws, including three critical ones, have been disclosed in the Gogs open-source, self-hosted Git service that could enable an authenticated attacker to breach susceptible instances, steal or wipe source code, and even plant backdoors. The vulnerabilities, according to SonarSource researchers Thomas Chauchefoin and Paul Gerste, are listed below: CVE-2024-39930 CVSS.
Via "The Hacker News"
----------
Apple Removes VPN Apps from Russian App Store Amid Government Pressure
Apple removed a number of virtual private network (VPN) apps in Russia from its App Store on July 4, 2024, following a request by Russia's state communications watchdog Roskomnadzor, Russian news media reported. This includes the mobile apps of 25 VPN service providers, including ProtonVPN, Red Shield VPN, NordVPN and Le VPN, according to MediaZona. It's worth noting that NordVPN previously shut.
Via "The Hacker News"
----------
New APT CloudSorcerer Malware Hits Russian Targets
The malware issues commands via a hardcoded charcode table and Microsoft COM object interfaces.
Via "Infosecurity Magazine"
----------
Mekotio Trojan Targets Latin American Banking Credentials
Trend Micro said the trojan has been observed masquerading as communications from tax agencies.
Via "Infosecurity Magazine"
----------
Cisco Warns regreSSHion Vulnerability Impacts Multiple Products
Cisco has told customers that 42 of its products are impacted by the OpenSSH regreSSHion vulnerability, with a further 51 products being investigated.
Via "Infosecurity Magazine"
----------
Russia Blocks VPN Services in Information Crackdown
The ban comes from Russian communication watchdog Roskomnadzor, likely in a bid to control the flow of information to Russian citizens.
Via "Infosecurity Magazine"
----------
Crypto Thefts Double to $1.4 Billion, TRM Labs Finds
Higher average token prices are the likely cause of the surge rather than a change in the crypto threat landscape.
Via "Infosecurity Magazine"
----------
10 Billion Passwords Leaked on Hacking Forum
A Cybernews investigation found that nearly 10 billion unique passwords have been posted on a popular hacking forum, putting users worldwide at risk of account compromises.
Via "Infosecurity Magazine"
----------
Cyber-Insurance Prices Plummet as Market Competition Grows
Now may be a good time to find good deals on insurance coverage for ransomware and security incidents.
Via "Dark Reading"
----------
Identity Orchestration Is Gaining Traction
Identity orchestration products are increasingly projected to be introduced to the market in the next couple of years. Market trends and benefits of identity orchestration are explored.
Via "Dark Reading"
----------
10B Passwords Pop Up on Dark Web 'RockYou2024' Release
The passwords, dumped on a cyber-underground forum on July 4 by a hacker called "ObamaCare," were collected from a variety of older and more recent breaches.
Via "Dark Reading"
----------
'CloudSorcerer' Leverages Cloud Services in Cyber-Espionage Campaign
The newly discovered APT's main weapon is a malware tool that can change behavior depending on the process in which it is running.
Via "Dark Reading"
----------
OpenAI Secrets Stolen in 2023 After Internal Forum Was Hacked
Last year, hackers breached an online forum used by OpenAI employees and stole confidential information about the firm's AI systems.
Via "Tech Republic"
----------
Cybersecurity Agencies Warn of China-linked APT40's Rapid Exploit Adaptation
Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the U.K., and the U.S. have released a joint advisory about a China-linked cyber espionage group called APT40, warning about its ability to co-opt exploits for newly disclosed security flaws within hours or days of public release. "APT40 has previously targeted organizations in various countries, including.
Via "The Hacker News"
----------
Trojanized jQuery Packages Found on npm, GitHub, and jsDelivr Code Repositories
Unknown threat actors have been found propagating trojanized versions of jQuery on npm, GitHub, and jsDelivr in what appears to be an instance of a "complex and persistent" supply chain attack. "This attack stands out due to the high variability across packages," Phylum said in an analysis published last week. "The attacker has cleverly hidden the malware in the seldom-used 'end' function of.
Via "The Hacker News"
----------
Just a Fifth of Manufacturers Have Strongest Anti-Phishing Protection
Study confirms most manufacturers with DMARC don't have it configured to most secure policy.
Via "Infosecurity Magazine"
----------