Category: Uncategorized
-

SANS Institute Unveils Critical Infrastructure Strategy Guide for 2024: A Call to Action for Securing ICS/OT Environments [email protected] (The Hacker News)
A comprehensive guide authored by Dean Parsons emphasizes the growing need for specialized ICS security measures in the face of rising cyber threats. With a staggering 50% increase in ransomware attacks targeting industrial control systems (ICS) in 2023, the SANS Institute is taking decisive action by announcing the release of its essential new strategy guide,…
-

New Cyberattack Targets Chinese-Speaking Businesses with Cobalt Strike Payloads [email protected] (The Hacker News)
Chinese-speaking users are the target of a “highly organized and sophisticated attack” campaign that is likely leveraging phishing emails to infect Windows systems with Cobalt Strike payloads. “The attackers managed to move laterally, establish persistence and remain undetected within the systems for more than two weeks,” Securonix researchers Den Iuzvyk and Tim Peck said in…
-

Atlassian Confluence Vulnerability Exploited in Crypto Mining Campaigns [email protected] (The Hacker News)
Threat actors are actively exploiting a now-patched, critical security flaw impacting the Atlassian Confluence Data Center and Confluence Server to conduct illicit cryptocurrency mining on susceptible instances. “The attacks involve threat actors that employ methods such as the deployment of shell scripts and XMRig miners, targeting of SSH endpoints, killing competing crypto mining processes,Read More
-

Vietnamese Human Rights Group Targeted in Multi-Year Cyberattack by APT32 [email protected] (The Hacker News)
A non-profit supporting Vietnamese human rights has been the target of a multi-year campaign designed to deliver a variety of malware on compromised hosts. Cybersecurity company Huntress attributed the activity to a threat cluster known as APT32, a Vietnamese-aligned hacking crew that’s also known as APT-C-00, Canvas Cyclone (formerly Bismuth), Cobalt Kitty, and OceanLotus. The…
-

Russian Hackers Exploit Safari and Chrome Flaws in High-Profile Cyberattack [email protected] (The Hacker News)
Cybersecurity researchers have flagged multiple in-the-wild exploit campaigns that leveraged now-patched flaws in Apple Safari and Google Chrome browsers to infect mobile users with information-stealing malware. “These campaigns delivered n-day exploits for which patches were available, but would still be effective against unpatched devices,” Google Threat Analysis Group (TAG) researcher ClementRead More
-
Dick’s Sporting Goods Discloses Cyberattack Ionut Arghire
The sporting goods retail chain said hte incident exposed portions of the its IT systems containing confidential information. The post Dick’s Sporting Goods Discloses Cyberattack appeared first on SecurityWeek. Read More
-
Google Catches Russian APT Reusing Exploits From Spyware Merchants NSO Group, Intellexa Ryan Naraine
Google TAG publishes evidence showing identical or striking similarities between exploits used by Russia’s APT29 and commercial spyware vendors. The post Google Catches Russian APT Reusing Exploits From Spyware Merchants NSO Group, Intellexa appeared first on SecurityWeek. Read More
-
Cybersecurity Maturity: A Must-Have on the CISO’s Agenda Marc Solomon
Undertaking a cybersecurity maturity review helps leaders establish a benchmark from which to build a proactive improvement strategy. The post Cybersecurity Maturity: A Must-Have on the CISO’s Agenda appeared first on SecurityWeek. Read More
-

U.S. Agencies Warn of Iranian Hacking Group’s Ongoing Ransomware Attacks [email protected] (The Hacker News)
U.S. cybersecurity and intelligence agencies have called out an Iranian hacking group for breaching multiple organizations across the country and coordinating with affiliates to deliver ransomware. The activity has been linked to a threat actor dubbed Pioneer Kitten, which is also known as Fox Kitten, Lemon Sandstorm (formerly Rubidium), Parisite, and UNC757, which it described…
-
Cisco Patches Multiple NX-OS Software Vulnerabilities Ionut Arghire
Cisco on Wednesday announced NX-OS software updates that resolve multiple vulnerabilities, including a high-severity DoS bug. The post Cisco Patches Multiple NX-OS Software Vulnerabilities appeared first on SecurityWeek. Read More
