ποΈ Iranian Hackers Deploy New BugSleep Backdoor in Middle East Cyber Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The Iranian nationstate actor known as MuddyWater has been observed using a neverbeforeseen backdoor as part of a recent attack campaign, shifting away from its wellknown tactic of deploying legitimate remote monitoring and management RMM software for maintaining persistent access. That's according to independent findings from cybersecurity firms Check Point and Sekoia, which have.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Void Banshee APT Exploits Microsoft MHTML Flaw to Spread Atlantida Stealer ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
An advanced persistent threat APT group called Void Banshee has been observed exploiting a recently disclosed security flaw in the Microsoft MHTML browser engine as a zeroday to deliver an information stealer called Atlantida. Cybersecurity firm Trend Micro, which observed the activity in midMay 2024, the vulnerability tracked as CVE202438112 was used as part of a multistage attack.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Kaspersky Exits U.S. Market Following Commerce Department Ban ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Russian security vendor Kaspersky has said it's exiting the U.S. market nearly a month after the Commerce Department announced a ban on the sale of its software in the country citing a national security risk. News of the closure was first reported by journalist Kim Zetter. The company is expected to wind down its U.S. operations on July 20, 2024, the same day the ban comes into effect. It's also.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ CISA Warns of Actively Exploited RCE Flaw in GeoServer GeoTools Software ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added a critical security flaw impacting OSGeo GeoServer GeoTools to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. GeoServer is an opensource software server written in Java that allows users to share and edit geospatial data. It is the reference implementation of the Open.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Hello, is it me youβre looking for? How scammers get your phone number π
π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Your humble phone number is more valuable than you may think. Heres how it could fall into the wrong hands and how you can help keep it out of the reach of fraudsters.π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Welivesecurity
Hello, is it me youβre looking for? How scammers get your phone number
Your humble phone number is more valuable than you may think. Hereβs how it could fall into the wrong hands β and how you can help keep it out of the reach of fraudsters.
π Small but mighty: Top 5 pocket-sized gadgets to boost your ethical hacking skills π
π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
These five formidable bits of kit that can assist cyberdefenders in spotting chinks in corporate armors and help hobbyist hackers deepen their understanding of cybersecurity.π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Welivesecurity
Small but mighty: Top 5 hacking tools that can fit in your pocket
These five formidable bits of kit can help hobbyist hackers enhance their security knowledge as well as assist red teamers in spotting chinks in corporate armors.
π Qilin Ransomwareβs Sophisticated Tactics Unveiled By Experts π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Qilins attack on Synnovis severely impacted key NHS hospitals in London earlier this month.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Qilin Ransomwareβs Sophisticated Tactics Unveiled By Experts
Qilinβs attack on Synnovis severely impacted key NHS hospitals in London earlier this month
π ICO Reprimands London Council for Mass Data Breach π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The ICO said a lack of security controls led to a largescale data breach at the London Borough of Hackney Council.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
ICO Reprimands London Council for Mass Data Breach
The ICO said a lack of security controls led to a large-scale data breach at the London Borough of Hackney Council
π Understanding NullBulge, the New AI-Fighting 'Hacktivist' Group π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The threat actor who claimed the recent Disney hack previously targeted AIcentric games and applications with commodity malware and ransomware.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Understanding NullBulge, the New AI-Fighting 'Hacktivist' Group
The threat actor who claimed the recent Disney hack previously targeted AI-centric games and applications with commodity malware and ransomware
π Paris 2024 Olympics Face Escalating Cyber-Threats π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Fortinet observed an 8090 increase in darknet activity targeting the Olympics between 2023 and 2024.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Paris 2024 Olympics Face Escalating Cyber-Threats
Fortinet observed an 80-90% increase in darknet activity targeting the Olympics between 2023 and 2024
π Sensitive Data Sharing Risks Heightened as GenAI Surges π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Netskope found that 96 of organizations use generative AI applications, with sensitive data frequently shared with these tools.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Sensitive Data Sharing Risks Heightened as GenAI Surges
Netskope found that 96% of organizations use generative AI applications, with sensitive data frequently shared with these tools
π Global Police Swoop on Black Axe Cybercrime Syndicate π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Interpol claims hundreds of arrests were made as police disrupted the West African Black Axe cybercrime gang.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Global Police Swoop on Black Axe Cybercrime Syndicate
Interpol claims hundreds of arrests were made as police disrupted the West African Black Axe cybercrime gang
π CISA: Patch Critical GeoServer GeoTools Bug Now π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
CISA has told federal agencies to patch a critical GeoServer GeoTools vulnerability under active exploitation.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
CISA: Patch Critical GeoServer GeoTools Bug Now
CISA has told federal agencies to patch a critical GeoServer GeoTools vulnerability under active exploitation
π MHTML Exploited By APT Group Void Banshee π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Void Banshee targeted North American, European and Southeast Asian regions with the Atlantida stealer.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
MHTML Exploited By APT Group Void Banshee
Void Banshee targeted North American, European and Southeast Asian regions with the Atlantida stealer
π1
π Iranian MuddyWater Upgrades Arsenal With New Custom Backdoor π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The Iranian APT group has shifted away from using legitimate remote monitoring tools to compromise its victims.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Iranian MuddyWater Upgrades Arsenal With New Custom Backdoor
The Iranian APT group has shifted away from using legitimate remote monitoring tools to compromise its victims
π Hacktivists Claim Leak Over 1 Terabyte of Disney Data π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Disney unreleased projects and internal data are part of a data leak claimed by hacktivist group NullBulge.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Hacktivists Claim Leak Over 1 Terabyte of Disney Data
Disney unreleased projects and internal data are part of a data leak claimed by hacktivist group βNullBulgeβ
π Hacktivist Groups Target Romania Amid Geopolitical Tensions π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
CyberDragon and Cyber Army of Russia, among others, have claimed responsibility for the attacks.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Hacktivist Groups Target Romania Amid Geopolitical Tensions
CyberDragon and Cyber Army of Russia, among others, have claimed responsibility for the attacks
π Half of SMEs Unprepared for Cyber-Threats π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
JumpCloud found that half of SME IT teams believe they lack the resources and staffing to defend their organization against cyberthreats.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Half of SMEs Unprepared for Cyber-Threats
JumpCloud found that half of SME IT teams believe they lack the resources and staffing to defend their organization against cyber-threats
π1
π Digital Operational Resilience Testing (part of DORA) β What to Expect? π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
A crucial infrastructure company overseeing gas storage and distribution faces a serious cybersecurity threat. So, they involve a penetration test team to assess the companys security posture. They uncovered a critical remote code execution RCE vulnerability in the companys main website connected to their Active Directory system. This vulnerability can provide attackers with unauthorized access The post Digital Operational Resilience Testing part of DORA What to Expect? appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
Digital Operational Resilience Testing (part of DORA) - What to Expect?
A crucial infrastructure company overseeing gas storage and distribution faces a serious cybersecurity threat. So, they involve a penetration test team to assess the companyβs security posture. They uncovered a critical remote code execution (RCE) vulnerabilityβ¦
π¦
New Malware Campaign Abusing RDPWrapper and Tailscale to Target Cryptocurrency Users π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Key Takeaways Cyble Research and Intelligence Labs CRIL has uncovered a multistage cyberattack campaign with a Zip file containing a malicious shortcut .lnk file. When the shortcut is executed, it downloads a PowerShell script, initiating a chain of events that ultimately allows the Threat Actor TA to gain Remote Desktop Protocol RDP access to the victim's system. The infection involves various components, including PowerShell scripts, batch files, Gobased binaries, and a vulnerable driver. Notably, the TA appears to be planning a Windows BYOVD Bring Your Own Vulnerable Driver attack, using a driver known as Terminator Spyboy. A key aspect of this campaign is using RDPWrapper to facilitate RDP connections and Tailscale to connect to the TA's private network,...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
New Malware Targets Crypto Users Via RDPWrapper, Tailscale
Cyble reveals a cyberattack targeting crypto users using RDPWrapper, Tailscale, and malicious files to gain RDP access. Stay informed.
π΅οΈββοΈ Iranian Cyber Threat Group Drops New Backdoor, 'BugSleep' π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The group which has targeted Israel, Saudi Arabia, and other nations often uses spear phishing and legitimate remote management tools but is developing a brandnew homegrown toolset.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Iranian Cyber-Threat Group Drops New Backdoor, 'BugSleep'
The group β which has targeted Israel, Saudi Arabia, and other nations β often uses spear-phishing and legitimate remote management tools but is developing a brand-new homegrown tool set.