A massive, malicious campaign is underway using over 200 typosquatting domains that impersonate twenty-seven brands to trick visitors into downloading various Windows and Android malware. Some of the malicious sites were discovered by cyber-intelligence firm Cyble, which published a report this week focusing on domains mimicking popular Android app stores
Pro-Ukranian hacker group, Team OneFist claims a Cisco data center switch belonging to the Institute for Systems Analysis of the Russian Academy of Sciences (ISA RAS) was identified and sucessfully pentetrated.
In recent years, “Big Game Hunting” ransomware attacks against enterprises have dominated media headlines because of their high-profile victims and substantial ransom demands. Yet single-client ransomware – a type of ransomware that infects individual computers, rather than fleets of devices – can still cause significant damage to individuals and organizations. In this
Tata Power Company Limited, India's largest integrated power company, on Friday confirmed it was targeted by a cyberattack. The intrusion on IT infrastructure impacted "some of its IT systems," the company said in a filing with the National Stock Exchange (NSE) of India. It further said
SentinelOne researchers uncovered a new threat cluster, tracked as WIP19, which has been targeting telecommunications and IT service providers in the Middle East and Asia. The experts believe activity of the group is espionage-related and that WIP19 is a Chinese-speaking threat actor. The threat cluster has some overlap with Operation
Details and a proof-of-concept (PoC) exploit have been published for the recent Fortinet vulnerability tracked as CVE-2022-40684, just as cybersecurity firms are seeing what appears to be the start of mass exploitation attempts. Fortinet privately informed some customers last week about the availability of patches and workarounds for a critical
Container and cloud-native application security provider Aqua Security warns that the existence of private NPM packages can be disclosed by performing timing attacks. Specifically, the security firm has discovered that an attacker armed with a list of package names may launch timing attacks to determine whether an organization has created
ESET researchers reveal their findings about POLONIUM, an advanced persistent threat (APT) group about which little information is publicly available and its initial compromise vector is unknown. POLONIUM is a cyberespionage group first documented by Microsoft Threat Intelligence Center (MSTIC) in June 2022. MSTIC’s assessment is that POLONIUM is
The Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a novel ransomware campaign targeting organizations in the transportation and related logistics industries in Ukraine and Poland utilizing a previously unidentified ransomware payload. They observed this new ransomware, which labels itself in its ransom note as “Prestige ranusomeware”, being deployed
Pro-Ukrainina hacker group, Team OneFist completed a major attack against russian telecom and voice infrastructure in Operation 8th-Commandment. Hackers claim they annihilated 214 routers in 36 hours, incuding 28 which belong to russian governmental facilities. Rostelecom concerned too. OneFist hit mid-to-large sized targets brought down several small data-centers during the
Pro-Ukranian hacker group, Team OneFist reported on their third russian satellite company attack as part of Operation Cataclysm. The target was the satellite network of Russian MegaFon. MegaFon is leading mobile operator of Russia.
A Signal a felhasználói élmény egyszerűsítése, valamint a biztonság és az adatvédelem előtérbe helyezése érdekében megkezdi az SMS- és MMS-üzenetek támogatásának fokozatos megszüntetését az Android-alkalmazásból. Signal will remove support for SMS text messages on AndroidSignal says it will start to phase out SMS and MMS message support from its Android
Microsoft Defender has been updated to block 15 different methods of LSASS (Local Security Authority Server Service) dumping. Obtaining user operating system (OS) credentials from a targeted device is among threat actors’ primary goals when launching attacks because these credentials serve as a gateway to various objectives they can achieve
More than a dozen public-facing airport websites, including those for some of the nation’s largest airports, appeared inaccessible Monday morning, and Russian-speaking hackers claimed responsibility. No immediate signs of impact to actual air travel were reported, suggesting the issue may be an inconvenience for people seeking travel information. Russian-speaking
Pegasus is a spyware developed by the NSO group that was repeatedly analyzed by Amnesty International and CitizenLab. In this article, we dissect the Android version that was initially analyzed by Lookout in this paper, and we recommend reading it along with this post. During our research about Pegasus for
