Commentaries and Analyses, New Threats, Vulnerabilities
September 02, 2024
51 views 56 secs 0

Microsoft says North Korean hackers stole crypto through Chromium

A vulnerability on multiple web browsers was exploited by the Citrine Sleet threat actor to steal crypto from its victims, according to Microsoft. A Microsoft report claims a North Korean threat actor has been exploiting a flaw on Chromium to steal cryptocurrency. The company’s security blog attributed the exploitation of this bug “with medium confidence” […]

Chinese hackers are increasingly deploying ransomware – researchers

Researchers at Sentinel Labs and Recorded Future report that Chinese-linked cyberespionage campaigns are increasingly deploying ransomware. CyberScoop reports that their research suggests that ransomware is reportedly used in the final stage of cyberespionage operations to either make money, distract adversaries, or make it more difficult to attribute their work: The report that Chinese hackers are […]

Vulnerabilities, Data Breach News, New Threats, News
April 13, 2024
175 views 50 secs 0

Sisense breach and Palo Alto Networks vulnerability made for a busy week for CISOs

Sisense Security Week reports: The US government cybersecurity agency CISA on Thursday issued a red-alert for what appears to be a massive supply chain breach at Sisense, a New York company that sells big-data analytics tools to businesses. In a cryptic note, CISA warned of a recent “compromise of Sisense customer data” that was discovered […]

New Threats, Data Breach News, Healthcare
April 08, 2024
110 views 55 secs 0

US Health Dept warns hospitals of hackers targeting IT help desks

Bleeping Computer reports that hospitals are being warned about a social engineering trick used by hackers to gain access: The sector alert issued by the Health Sector Cybersecurity Coordination Center (HC3) this week says these tactics have allowed attackers to gain access to targeted organizations’ systems by enrolling their own multi-factor authentication (MFA) devices. In […]

Commentaries and Analyses, Finance, Legal News, New Threats
March 30, 2024
157 views 3 mins 0

AI Poses a Threat to Financial Sector, and Cyberattackers are ‘Outpacing’ Defenses – Treasury

Law.com reports that the U.S. Treasury Department warned the financial services sector this week that artificial intelligence (AI) will become a powerful weapon for fraudsters and cyberattackers, who will outgun the sector’s defensive efforts in the foreseeable future.  The report was based on interviews with representatives from 42 financial services and technology companies about the […]

Consumer Alerts, Malware Ransomware, New Threats, News
February 15, 2024
143 views 51 secs 0

Cybercriminals are stealing Face ID scans to break into mobile banking accounts

The Register reports: Cybercriminals are targeting iOS users with malware that steals Face ID scans to break into and pilfer money from bank accounts – thought to be a world first. A Chinese-speaking cybercrime group, dubbed GoldFactory by Group-IB’s researchers, started distributing trojanized smartphone apps in June 2023, however, the latest GoldPickaxe version has been […]

Data Breach News, New Threats, Vulnerabilities
December 21, 2023
155 views 42 secs 0

Google fixes 8th Chrome zero-day exploited in attacks this year

Bleeping Computer reports: Google has released emergency updates to fix another Chrome zero-day vulnerability exploited in the wild, the eighth patched since the start of the year. “Google is aware that an exploit for CVE-2023-7024 exists in the wild,” a security advisory published Wednesday said. The company fixed the zero-day bug for users in the Stable Desktop […]

Data Breach News, New Threats, News, Vulnerabilities
December 05, 2023
157 views 16 secs 0

Russian state-sponsored hackers exploiting Outlook vulnerability, Microsoft warns

Cybernews reports: Microsoft is urging Outlook users to patch and update their systems to mitigate a new threat from Russia. Hackers associated with the Kremlin’s military intelligence agency GRU are exploiting the vulnerability to access victim’s emails. Microsoft warned that a nation-state actor tracked as Forest Blizzard is actively exploiting a vulnerability to provide secret, […]

Malware Ransomware, New Threats
September 29, 2023
169 views 42 secs 0

Two or More Ransomware Variants Impacting the Same Victims and Data Destruction Trends

SummaryThe Federal Bureau of Investigation (FBI) is releasing this Private Industry Notification tohighlight emerging ransomware trends and encourage organizations to implement therecommendations in the “Mitigations” section to reduce the likelihood and impact ofransomware incidents. ThreatAs of July 2023, the FBI noted two trends emerging across the ransomware environment and isreleasing this notification for industry awareness. […]