Cyber Security

Ukraine has come under a fresh onslaught of ransomware attacks that mirror previous intrusions attributed to the Russia-based Sandworm nation-state group. Slovak cybersecurity company ESET, which dubbed the new ransomware strain RansomBoggs, said the attacks against several Ukrainian entities were first detected on November 21, 2022. “While the malware written in .NET is new, its

For 6 months, the infamous Emotet botnet has shown almost no activity, and now it’s distributing malicious spam. Let’s dive into details and discuss all you need to know about the notorious malware to combat it. Why is everyone scared of Emotet? Emotet is by far one of the most dangerous trojans ever created. The

The U.S. Federal Communications Commission (FCC) formally announced it will no longer authorize electronic equipment from Huawei, ZTE, Hytera, Hikvision, and Dahua, deeming them an “unacceptable” national security threat. All these Chinese telecom and video surveillance companies were previously included in the Covered List as of March 12, 2021. “The FCC is committed to protecting

Google on Thursday released software updates to address yet another zero-day flaw in its Chrome web browser. Tracked as CVE-2022-4135, the high-severity vulnerability has been described as a heap buffer overflow in the GPU component. Clement Lecigne of Google’s Threat Analysis Group (TAG) has been credited with reporting the flaw on November 22, 2022. Heap-based

An analysis of firmware images across devices from Dell, HP, and Lenovo has revealed the presence of outdated versions of the OpenSSL cryptographic library, underscoring a supply chain risk. EFI Development Kit, aka EDK, is an open source implementation of the Unified Extensible Firmware Interface (UEFI), which functions as an interface between the operating system

Interpol on Thursday announced the seizure of $130 million worth of virtual assets in connection with a global crackdown on cyber-enabled financial crimes and money laundering. The international police operation, dubbed HAECHI-III, transpired between June 28 and November 23, 2022, resulting in the arrests of 975 individuals and the closure of more than 1,600 cases.

The operators of the RansomExx ransomware have become the latest to develop a new variant fully rewritten in the Rust programming language, following other strains like BlackCat, Hive, and Luna. The latest version, dubbed RansomExx2 by the threat actor known as Hive0091 (aka DefrayX), is primarily designed to run on the Linux operating system, although

A set of five medium-severity security flaws in Arm’s Mali GPU driver has continued to remain unpatched on Android devices for months, despite fixes released by the chipmaker. Google Project Zero, which discovered and reported the bugs, said Arm addressed the shortcomings in July and August 2022. “These fixes have not yet made it downstream

Delivering a superior customer experience is essential for any e-commerce business. For those companies, there’s a lot at stake this holiday season. According to Digital Commerce 360, nearly $1.00 of every $4.00 spent on retail purchases during the 2022 holiday season will be spent online, resulting in $224 billion in e-commerce sales. To ensure your

The operators of the Ducktail information stealer have demonstrated a “relentless willingness to persist” and continued to update their malware as part of an ongoing financially driven campaign. “The malware is designed to steal browser cookies and take advantage of authenticated Facebook sessions to steal information from the victim’s Facebook account,” WithSecure researcher Mohammad Kazem

As many as 34 Russian-speaking gangs distributing information-stealing malware under the stealer-as-a-service model stole no fewer than 50 million passwords in the first seven months of 2022. “The underground market value of stolen logs and compromised card details is estimated around $5.8 million,” Singapore-headquartered Group-IB said in a report shared with The Hacker News. Aside

The best line of defense against holiday hacking schemes is a comprehensive incident response strategy that focuses on end-user vulnerabilities. The holiday season is upon us and with it a slew of cybersecurity scams preying on end-user vulnerabilities. Because employees often use their business emails and cell phones as their primary point of contact, these

A malicious extension for Chromium-based web browsers has been observed to be distributed via a long-standing Windows information stealer called ViperSoftX. Czech-based cybersecurity company dubbed the rogue browser add-on VenomSoftX owing to its standalone features that enable it to access website visits, steal credentials and clipboard data, and even swap cryptocurrency addresses via an adversary-in-the-middle

A nascent Go-based malware known as Aurora Stealer is being increasingly deployed as part of campaigns designed to steal sensitive information from compromised hosts. “These infection chains leveraged phishing pages impersonating download pages of legitimate software, including cryptocurrency wallets or remote access tools, and the 911 method making use of YouTube videos and SEO-poised fake

The notorious Emotet malware has returned with renewed vigor as part of a high-volume malspam campaign designed to drop payloads like IcedID and Bumblebee. “Hundreds of thousands of emails per day” have been sent since early November 2022, enterprise security company Proofpoint said last week, adding, “the new activity suggests Emotet is returning to its

The cybercrime group called Daixin Team has leaked sample data belonging to AirAsia, a Malaysian low-cost airline, on its data leak portal. The development comes a little over a week after the company fell victim to a ransomware attack on November 11 and 12, per DataBreaches.net. The threat actors allegedly claim to have obtained the

Google has won a lawsuit filed against two Russian nationals in connection with the operation of a botnet called Glupteba, the company said last week. The U.S. District Court for the Southern District of New York imposed monetary sanctions against the defendants and their U.S.-based legal counsel. The defendants have also been asked to pay

An ongoing supply chain attack has been leveraging malicious Python packages to distribute malware called W4SP Stealer, with over hundreds of victims ensnared to date. “The threat actor is still active and is releasing more malicious packages,” Checkmarx researcher Jossef Harush said in a technical write-up, calling the adversary WASP. “The attack seems related to

Threat hunting is the process of looking for malicious activity and its artifacts in a computer system or network. Threat hunting is carried out intermittently in an environment regardless of whether or not threats have been discovered by automated security solutions. Some threat actors may stay dormant in an organization’s infrastructure, extending their access while

Australian software company Atlassian has rolled out security updates to address two critical flaws affecting Bitbucket Server, Data Center, and Crowd products. The issues, tracked as CVE-2022-43781 and CVE-2022-43782, are both rated 9 out of 10 on the CVSS vulnerability scoring system. CVE-2022-43781, which Atlassian said was introduced in version 7.0.0 of Bitbucket Server and