News – June 2023

June 23, 2023

Artificial intelligence (AI) is catching a lot of headlines recently. It doesn’t matter whether you’ve been paying attention to these headlines or not—chances are you’ve heard about the recent developments in the world of AI and the extraordinary feats these projects are accomplishing. Large language models (LLMs) like OpenAI’s ChatGPT, Microsoft’s Bing Chat and Google’s Bard ...

June 23, 2023

A cyber-attack that took over iPhones at a Russian technology company is being blamed on US government hackers. Could the attack, and the response from the Russian government, be rewriting the narrative of who the good guys and bad guys are in cyber-space? Camaro Dragon, Fancy Bear, Static Kitten and Stardust Chollima – these aren’t the ...

June 22, 2023

Since March 2023, Unit 42 researchers have observed threat actors leveraging several IoT vulnerabilities to spread a variant of the Mirai botnet. The threat actors have the ability to gain complete control over the compromised devices, integrating those devices into the botnet. These devices are then used to execute additional attacks, including distributed denial-of-service (DDoS) attacks. Read ...

June 22, 2023

In recent months, Kaspersky published private reports on a broad range of subjects. They wrote about malware targeting Brazil, about CEO fraud attempts, Andariel, LockBit and others. For this post, Kaspersky researchers selected three private reports, namely those related to LockBit and phishing campaigns targeting businesses, and prepared excerpts from these. Read more… Source: Kaspersky  

June 22, 2023

In early 2023, the Check Point Incident Response Team (CPIRT) team investigated a malware incident at a European healthcare institution involving a set of tools mentioned in the Avast report in late 2022. The incident was attributed to Camaro Dragon, a Chinese-based espionage threat actor whose activities overlap with activities tracked by different researchers as Mustang ...

June 22, 2023

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the following advisories and apply the necessary updates. watchOS 8.8.1 macOS Big Sur 11.7.8 macOS Monterey 12.6.7 Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency  

June 22, 2023

Cryptojacking, the illicit use of computing resources to mine cryptocurrency, has become increasingly prevalent in recent years, with attackers building a cybercriminal economy around attack tools, infrastructure, and services to generate revenue from targeting a wide range of vulnerable systems, including Internet of Things (IoT) devices. Microsoft researchers have recently discovered an attack leveraging custom and ...

June 21, 2023

Zscaler ThreatLabz has discovered a new malware variant, RedEnergy stealer (not to be confused with the australian company Red Energy) that fits into the hybrid Stealer-as-a-Ransomware threat category. RedEnergy stealer uses a fake update campaign to target multiple industry verticals and possesses the ability to steal information from various browsers, enabling the exfiltration of sensitive ...

June 21, 2023

The Flea (aka APT15, Nickel) advanced persistent threat (APT) group continued to focus on foreign ministries in a recent attack campaign that ran from late 2022 into early 2023 in which it leveraged a new backdoor called Backdoor.Graphican. This campaign was primarily focused on foreign affairs ministries in the Americas, although the group also targeted a ...

June 21, 2023

Over the years, there have been multiple cases when iOS devices were infected with targeted spyware such as Pegasus, Predator, Reign and others. Often, the process of infecting a device involves launching a chain of different exploits. Due to this granularity, discovering one exploit in the chain often does not result in retrieving the rest ...