Iranian Hackers Set Up New Network to Target U.S. Political Campaigns
Cybersecurity researchers have unearthed new network infrastructure set up by Iranian threat actors to support activities linked to the recent targeting of U.S. political campaigns. Recorded Future's Insikt Group has linked the infrastructure to a threat it tracks as GreenCharlie, an Iran-nexus cyber threat group that overlaps with APT42, Charming Kitten, Damselfly, Mint Sandstorm formerly.
Via "The Hacker News"
----------
Seen on @cibsecurity
Breaking Down AD CS Vulnerabilities: Insights for InfoSec Professionals
The most dangerous vulnerability you've never heard of. In the world of cybersecurity, vulnerabilities are discovered so often, and at such a high rate, that it can be very difficult to keep up with. Some vulnerabilities will start ringing alarm bells within your security tooling, while others are far more nuanced, but still pose an equally dangerous threat. Today, we want to discuss one of.
Via "The Hacker News"
----------
New Malware Masquerades as Palo Alto VPN Targeting Middle East Users
Cybersecurity researchers have disclosed a new campaign that potentially targets users in the Middle East through malware that disguises itself as Palo Alto Networks GlobalProtect virtual private network (VPN) tool. "The malware can execute remote PowerShell commands, download and exfiltrate files, encrypt communications, and bypass sandbox solutions, representing a significant threat to.
Via "The Hacker News"
----------
North Korean Hackers Target Developers with Malicious npm Packages
Threat actors with ties to North Korea have been observed publishing a set of malicious packages to the npm registry, indicating "coordinated and relentless" efforts to target developers with malware and steal cryptocurrency assets. The latest wave, which was observed between August 12 and 27, 2024, involved packages named tempetherscanapi, ethersscanapi, telegramcon, helmetvalidate, and.
Via "The Hacker News"
----------
SANS Institute Unveils Critical Infrastructure Strategy Guide for 2024: A Call to Action for Securing ICS/OT Environments
A comprehensive guide authored by Dean Parsons, SANS Certified Instructor and CEO Principal Consultant of ICS Defense Force, emphasizes the growing need for specialized ICS security measures in the face of rising cyber threats. With a staggering 50% increase in ransomware attacks targeting industrial control systems (ICS) in 2023, the SANS Institute is taking decisive action by announcing the.
Via "The Hacker News"
----------
New Cyberattack Targets Chinese-Speaking Businesses with Cobalt Strike Payloads
Chinese-speaking users are the target of a "highly organized and sophisticated attack" campaign that is likely leveraging phishing emails to infect Windows systems with Cobalt Strike payloads. "The attackers managed to move laterally, establish persistence and remain undetected within the systems for more than two weeks," Securonix researchers Den Iuzvyk and Tim Peck said in a new report. The.
Via "The Hacker News"
----------
Atlassian Confluence Vulnerability Exploited in Crypto Mining Campaigns
Threat actors are actively exploiting a now-patched, critical security flaw impacting the Atlassian Confluence Data Center and Confluence Server to conduct illicit cryptocurrency mining on susceptible instances. "The attacks involve threat actors that employ methods such as the deployment of shell scripts and XMRig miners, targeting of SSH endpoints, killing competing crypto mining processes,.
Via "The Hacker News"
----------
Published Vulnerabilities Surge by 43%
Forescout highlighted a 43% increase in published vulnerabilities in H1 2024, with attackers targeting flaws in VPNs and network infrastructure for initial access.
Via "Infosecurity Magazine"
----------
Russian Hackers Use Commercial Spyware Exploits to Target Victims
In a campaign targeting Mongolian government websites, Russian-backed APT29 leveraged exploits previously used by spyware vendors NSO Group and Intellexa.
Via "Infosecurity Magazine"
----------
Weekly IT Vulnerability Report: Cyble Researchers Find Nearly 1 Million Exposed Fortinet, SonicWall Devices
Key Takeaways: Cyble researchers investigated 17 vulnerabilities and six dark web exploits in the week of August 21-27. The researchers identified three vulnerabilities in particular in products by SonicWall, Traccar and Fortra as meriting high-priority attention. Cyble vulnerability scanners detected nearly 1 million web-facing assets exposed to the week's top vulnerabilities and dark web exploits, with SonicWall and Fortinet devices accounting for more than 941,000 exposed vulnerabilities. Cyble researchers also warned that a 9.8-severity Incorrect Authorization vulnerability in affected versions of Apache OFbiz is at risk of mass exploitation. Overview: Cyble's weekly vulnerability report for August 21-27 found the highest number of exposed vulnerable assets in nearly th...
Via "CYBLE"
----------
Cyble
Weekly IT Vulnerability Report: Cyble Researchers Find Nearly 1 Million Exposed Fortinet, SonicWall Devices - Cyble
In a week of significant vulnerabilities and dark web exploits, flaws in SonicWall, Traccar, Fortra and Apache OFbiz merit high attention from security teams.
Critical Advisory on RansomHub Ransomware: A Comprehensive Analysis and Mitigation Guide
Key Takeaways: RansomHub ransomware emerged in February 2024 and has rapidly become a significant threat, targeting a wide range of sectors, including critical infrastructure like water treatment, healthcare, and government services. RansomHub uses a double-extortion model, encrypting data and exfiltrating it to demand ransoms. Victims must pay not only to regain access to their encrypted data but also to prevent the public release of stolen information. Cyble's Vision platform reported that the ransomware employs sophisticated techniques, such as exploiting zero-day vulnerabilities like Zerologon and using advanced data exfiltration methods. It utilizes tools for scanning networks, mapping potential targets, and evading detection. RansomHub affiliates gain access through phish...
Via "CYBLE"
----------
Cyble
Critical Advisory On RansomHub Ransomware - Cyble
Cybersecurity agencies reveal new advisory for the RansomHub ransomware, detailing its double-extortion tactics, advanced techniques, and global impact.
ManticoraLoader: New Loader Announced from the Developers of AresLoader
Cyble Research & Intelligence Labs (CRIL) has discovered the announcement of a new malware-as-a-service named ManticoraLoader in the underground. The threat actors behind the group DeadXInject have been offering the service in underground forums and on their Telegram channel since August 8, 2024. The same threat actors are behind the development of the infamous AresLoader and, as reported by CRIL, were observed to be targeting Citrix users in April 2023. Previously, researchers attributed the same threat group to the development of AiDLocker ransomware in late 2022. Figure 1: TA's advertisement on the Telegram Channel. In a detailed post under the alias 'DarkBLUP' (previously used to advertise AresLoader on the XSS forum), the threat actors outlined the functionalities, operational logic,...
Via "CYBLE"
----------
Cyble
ManticoraLoader: New Tool By AresLoader Developers
Cyble Research & Intelligence Labs (CRIL) has discovered the announcement of a new malware-as-a-service named "ManticoraLoader" in the underground.
North Korean Hackers Deploy FudModule Rootkit via Chrome Zero-Day Exploit
A recently patched security flaw in Google Chrome and other Chromium web browsers was exploited as a zero-day by North Korean actors in a campaign designed to deliver the FudModule rootkit. The development is indicative of the persistent efforts made by the nation-state adversary, which had made a habit of incorporating rafts of Windows zero-day exploits into its arsenal in recent months.
Via "The Hacker News"
----------
Ransomware Gangs Pummel Southeast Asia
Successful ransomware attacks against organizations in Asia continue at peak levels in 2024 following a wave of high-profile data breaches last year.
Via "Dark Reading"
----------
Malicious npm Packages Mimicking 'noblox.js' Compromise Roblox Developers' Systems
Roblox developers are the target of a persistent campaign that seeks to compromise systems through bogus npm packages, once again underscoring how threat actors continue to exploit the trust in the open-source ecosystem to deliver malware. "By mimicking the popular 'noblox.js' library, attackers have published dozens of packages designed to steal sensitive data and compromise systems," Checkmarx.
Via "The Hacker News"
----------
TechRepublic Premium Editorial Calendar: Policies, Hiring Kits, and Glossaries for Download
TechRepublic Premium content helps you solve your toughest IT issues and jump-start your career or next project.
Via "Tech Republic"
----------
Webinar: Learn to Boost Cybersecurity with AI-Powered Vulnerability Management
The world of cybersecurity is in a constant state of flux. New vulnerabilities emerge daily, and attackers are becoming more sophisticated. In this high-stakes game, security leaders need every advantage they can get. That's where Artificial Intelligence (AI) comes in. AI isn't just a buzzword; it's a game-changer for vulnerability management. AI is poised to revolutionize vulnerability.
Via "The Hacker News"
----------
Next-Generation Attacks, Same Targets - How to Protect Your Users' Identities
The FBI and CISA Issue Joint Advisory on New Threats and How to Stop Ransomware. Note: On August 29, the FBI and CISA issued a joint advisory as part of their ongoing #StopRansomware effort to help organizations protect against ransomware. The latest advisory, AA24-242A, describes a new cybercriminal group and its attack methods. It also details three important actions to take today to mitigate.
Via "The Hacker News"
----------
Cicada3301 Ransomware Group Emerges From the Ashes of ALPHV
Truesec claims new Cicada3301 ransomware-as-a-service group could have ties to ALPHV/BlackCat and Brutus.
Via "Infosecurity Magazine"
----------
Scores of Organizations Hit By Novel Voldemort Malware
Proofpoint has uncovered a new cyber-espionage campaign deploying new malware dubbed "Voldemort".
Via "Infosecurity Magazine"
----------
The 6 Best Small Business VPNs for 2024
Looking for the best VPN services for SMBs? Here's a comprehensive guide covering the top options for secure remote access and data protection on a budget.
Via "Tech Republic"
----------
TechRepublic
The 6 Best Small Business VPNs for 2024
If you're looking for a small business VPN, solutions like NordLayer, Surfshark VPN or Proton VPN are among the best choices when it comes to protecting company data.