News


  • 13th Signal Regiment: British Army creates new cyber unit to protect forces

    June 5, 2020

    The British Army has created a new military cyber unit to protect forces in the modern era. The 13th Signal Regiment was formally launched on Monday. It will be based at Blandford Forum in Dorset but operate where needed around the world. It was described by a defence source as a “restructuring of existing capabilities”, bringing together ...

  • Cyber Security for Critical Assets World Summit Launches Online This June!

    June 4, 2020

    On June 30th, Cyber Security for Critical Assets World Summit will bring together senior security leaders from 76+ countries worldwide, in a collaborative effort to safeguard their critical assets and infrastructure. According to the Global State of Industrial Cyber Security, 28% of security leaders expect to see a successful cyber attack carried out on their countries ...

  • Hackers are targeting your smartphone as way into the company network

    June 4, 2020

    The number of phishing attacks targeting smartphones as the entry point for attempting to compromise enterprise networks has risen by more than a third over the course of just a few months. Analysis by cybersecurity company Lookout found that there’s been a 37% increase in mobile phishing attacks worldwide between the last three months of 2019 and the first ...

  • Cisco’s warning: Critical flaw in IOS routers allows ‘complete system compromise’

    June 4, 2020

    Cisco has disclosed four critical security flaws affecting router equipment that uses its IOS XE and IOS software. The four critical flaws are part of Cisco’s June 3 semi-annual advisory bundle for IOS XE and IOS networking software, which includes 23 advisories describing 25 vulnerabilities. The 9.8 out of 10 severity bug, CVE-2020-3227, concerns the authorization controls for the ...

  • Tycoon Ransomware Banks on Unusual Image File Tactic

    June 4, 2020

    A new ransomware strain called Tycoon is seeking to wheel and deal its way into the Windows and Linux worlds, using a little-known Java image format as part of its kill chain. The ransomware is housed in a trojanized version of the Java Runtime Environment (JRE), according to researchers at BlackBerry Cylance, and has been around ...

  • U.S. Nuclear Contractor Hit with Maze Ransomware, Data Leaked

    June 4, 2020

    A U.S. military contractor involved in the maintenance of the country’s Minuteman III nuclear arsenal has been hit by the Maze ransomware, according to reports – with the hackers making off with reams of sensitive information. The company, Westech International, has a range of contracts with the military for everything from ongoing evaluation for the ballistic ...

  • Cycldek: Bridging the (air) gap

    June 3, 2020

    While investigating attacks related to a group named Cycldek post 2018, we were able to uncover various pieces of information on its activities that were not known thus far. In this blog post we aim to bridge the knowledge gap on this group and provide a more thorough insight into its latest activities and modus ...

  • Lemon Duck Cryptominer Spreads through Covid-19 Themed Emails

    June 3, 2020

    Malware authors continue to take advantage of the coronavirus pandemic to propagate threats. In a recent related campaign, we have come across a PowerShell script (mailer script) that distributes the Lemon Duck cryptominer through a new propagation method: Covid-19-themed emails with weaponized attachments. These emails are delivered to all Microsoft Outlook contacts of the user of a ...

  • iPhone looters find devices disabled, with a warning they’re being tracked

    June 3, 2020

    Along with other retailers big and small, Apple Stores have been subject to looting by opportunists amid the ongoing protests around the United States. In response, Apple has again closed all of its stores in the US. Stores had only recently reopened after closures related to the COVID-19 pandemic. But looters who brought stolen iPhones home, ...

  • Threat Assessment: Hangover Threat Group

    June 3, 2020

    Unit 42 researchers recently published on activity by the Hangover threat group (aka Neon, Viceroy Tiger, MONSOON) carrying out targeted cyberattacks deploying BackConfig malware attacks against government and military organizations in South Asia. As a result, we’ve created this threat assessment report for the Hangover Group’s activities. The techniques and campaigns can be visualized using the Unit 42 ...

  • Ransomware gangs team up to form extortion cartel

    June 3, 2020

    Ransomware gangs are teaming up to extort victims through a shared data leak platform, and the exchange of tactics and intelligence. In November 2019, the Maze Ransomware operators transformed ransomware attacks into data breaches after they released unencrypted data of a victim who refused to pay. Soon after, they launched a dedicated “Maze News” site used to shame their unpaid victims ...

  • NIST to Digital Forensics Experts: Show Us What You Got

    June 2, 2020

    First large-scale “black box” study will test the accuracy of computer and mobile phone forensics. Digital forensics experts often extract data from computers and mobile phones that may contain evidence of a crime. Now, researchers at the National Institute of Standards and Technology (NIST) will conduct the first large-scale study to measure how well those experts ...

  • REvil ransomware creates eBay-like auction site for stolen data

    June 2, 2020

    ​The operators of the REvil ransomware have launched a new auction site used to sell victim’s stolen data to the highest bidder. REvil, otherwise known as Sodinokibi, is a ransomware operation that breaches corporate networks using exposed remote desktop services, spam, exploits, and hacked Managed Service Providers. Once established on a network, they quietly spread laterally through the company while stealing ...

  • Severe Cisco DoS Flaw Can Cripple Nexus Switches

    June 2, 2020

    Cisco has patched a high-severity flaw in its NX-OS software, the network operating system used by Cisco’s Nexus-series Ethernet switches. If exploited, the vulnerability could allow an unauthenticated, remote attacker to bypass the input access control lists (ACLs) configured on affected Nexus switches – and launch a denial of service (DoS) attacks on the devices. “A successful ...

  • New cold boot attack affects seven years of LG Android smartphones

    June 2, 2020

    South Korean phone manufacturer LG has released a security update last month to fix a vulnerability that impacts its Android smartphones sold over the past seven years. The vulnerability, tracked under the identifier of CVE-2020-12753, impacts the bootloader component that ships with LG smartphones. Separate from the Android OS, the bootloader is a piece of firmware specific ...

  • Amtrak discloses data breach, potential leak of customer account data

    June 2, 2020

    The National Railroad Passenger Corporation (Amtrak) has disclosed a data breach that may have resulted in the compromise of customer personally identifiable information (PII). The data breach was discovered on April 16, 2020. In a letter to the Attorney General’s Office of Vermont, made public on April 29, the rail service said that an unknown third party managed ...

  • Factory Security Problems from an IT Perspective (Part 3): Practical approach for stable operation

    June 1, 2020

    This article is the last in a series that discusses the challenges that IT departments face when they are assigned the task of overseeing cybersecurity in factories and implementing measures to overcome these challenges. As explained in the first two articles, a factory network that accounts for diverse conditions and environments requires a well-balanced consideration ...

  • CYpBER 2020 – goes VIRTUAL on Wednesday 3 JUNE 2020

    June 1, 2020

    There is no future without development, and this is not achieved without a digital environment and integrated technologies. In this scope there are no borders between countries or between the public and private sectors neither between the various economic and industrial activities. There is only customized knowledge, communication, interaction, progress and evolution. As a consequence, ...

  • Minneapolis Police Department Hack Likely Fake, Says Researcher

    June 1, 2020

    As protests continue to proliferate across the globe in the wake of George Floyd’s death, the Minnesota Police Department is making news for something else: A supposed hack, perpetrated at the hands of the Anonymous hacktivist group. According to Troy Hunt at Have I Been Pwned (HIBP), the group of allegedly ill-gotten email addresses and passwords ...

  • Researcher lands $100,000 reward for ‘Sign in with Apple’ authentication bypass bug

    June 1, 2020

    Apple has awarded a bug bounty hunter $100,000 for finding and reporting a severe security issue that could lead to the takeover of third-party user accounts. As reported by Hacker News, researcher Bhavuk Jain discovered the vulnerability in the “Sign in with Apple” feature, a developer feature that allows users to sign in to services using Apple ...