North Korea’s BlueNoroff hackers have updated their arsenal and delivery techniques in a new wave of attacks targeting banks and venture capital firms, cybersecurity firm Kaspersky reports. Part of Lazarus, a hacking group linked to the North Korean government, BlueNoroff is financially motivated and has been blamed for numerous
On Telegram, Killnet hackers have leaked a text file showing the login credentials of 10,000 individuals whom they claim are FBI agents. The hacker group also claimed to have breached the security of the US Federal Motor Carrier Safety Administration (FMCSA). The Russian hacker group, KillNet, claims to have
Microsoft has disclosed details of a now-fixed security vulnerability dubbed Achilles (CVE-2022-42821, CVSS score: 5.5) in Apple macOS that could be exploited by threat actors to bypass the Gatekeeper security feature. The Apple Gatekeeper is designed to protect OS X users by performing a number of checks before allowing
Microsoft revised the severity rate for the CVE-2022-37958 flaw which was addressed with Patch Tuesday security updates for September 2022. Microsoft revised the severity rate for the CVE-2022-37958 vulnerability, the IT giant now rated it as “critical” because it discovered that threat actors can exploit the bug to achieve remote
The Russia-linked Gamaredon group attempted to unsuccessfully break into a large petroleum refining company within a NATO member state earlier this year amid the ongoing Russo-Ukrainian war. The attack, which took place on August 30, 2022, is just one of multiple attacks orchestrated by the advanced persistent threat (APT) that&
A compromised Ukrainian Ministry of Defense email account was found sending phishing emails and instant messages to users of the 'DELTA' situational awareness program to infect systems with information-stealing malware. The campaign was highlighted in a report today by CERT-UA (Computer Emergency Response Team of Ukraine), which warned
This year, various ransomware-as-a-service groups have developed versions of their ransomware in Rust, including Agenda. Agenda's Rust variant has targeted vital industries like its Go counterpart. In this blog, we will discuss how the Rust variant works. This year, ransomware-as-a-service (RaaS) groups like BlackCat, Hive, and RansomExx have
Ukrainian government entities were hacked in targeted attacks after their networks were first compromised via trojanized ISO files posing as legitimate Windows 10 installers. These malicious installers delivered malware capable of collecting data from compromised computers, deploying additional malicious tools, and exfiltrating stolen data to attacker-controlled servers. One of the
Researchers at Trustwave Holdings Inc.’s SpiderLabs detailed a new campaign that leverages Facebook infrastructure for phishing attacks and the theft of personally identifiable information. Users are advised to be extra careful when receiving false violation notifications and not to be fooled by the apparent legitimacy of the initial links.
Navigation system monitors have seen a recent uptick in interruptions since Ukraine began launching long-range drone attacks. EVERY DAY, BILLIONS of people use the GPS satellite system to find their way around the world—but GPS signals are vulnerable. Jamming and spoofing attacks can cripple GPS connections entirely or make
"Uber has suffered a new data breach after a threat actor leaked employee email addresses, corporate reports, and IT asset information stolen from a third-party vendor in a cybersecurity incident. Early Saturday morning, a threat actor named 'UberLeaks' began leaking data they claimed was stolen from Uber
Pro-Ukraine hacker group, Team OneFist reported on strategic cyber strike on construction site of a hydroelectric plant, Zagorskaya GAES-2 in Operation Gradient.
The US Department of Health and Human Services (HHS) is warning healthcare organizations of the threat posed by ongoing Royal ransomware attacks. Initially spotted in September 2022, the ransomware family is employed by a financially-motivated threat actor that also uses known tools for persistence, credential exfiltration, and lateral movement. “Royal
Az oroszbarát NoName057(16) hackercsoport december 8-i posztja szerint DDoS (Distributed Denial of Service ) támadást indított a védelmi minisztériumok ellen. Bár a posztban erre nem tértek ki, az érintett országok EU tagállamok. A támadásokat a szintén oroszbarát KillNet is támogatja, a kapcsolódó posztok a csoport Telegram csatornáján is megjelentek.
Az orosz-ukrán háborúhoz kapcsolódó hacker csoportok állapota a Cyberknow okt. 12-i frissítése szerint: * összesen 84 aktív csoport - az összlétszám a legutóbbi, szept. 7-i frissítéshez képest nem változott, az összetételben ugyanakkor történtek változások * 36 ukránbarát - ami eggyel több a szept. 7-i állapothoz képest * 42 oroszbarát - itt pedig eggyel
Hogy mire számíthatnak az informatikai vezetők 2023-ban a kiberfenyegetettségek területén? Választ legpontosabban inkább arra a kérdésre lehet adni, hogy mire biztosan nem. Ez pedig egy nyugodt, kiberfenyegetettség és -támadás mentes év. 2022 első felében 2,8 milliárd malware támadás és 236,1 millió ransomware támadás történt világszerte. 2022. év végéig
