News – June 2024


  • Japan’s space agency was hit by multiple cyberattacks, but officials say no sensitive data was taken

    June 21, 2024

    Japan’s space agency has suffered a series of cyberattacks since last year, but sensitive information related to rockets and satellites was not affected and it is continuing to investigate and take preventive measures, officials said Friday. Chief Cabinet Secretary Yoshimasa Hayashi acknowledged that the Japan Aerospace Exploration Agency, or JAXA, has had “a number of” cyberattacks ...

  • Stolen test data and NHS numbers published by Qilin hackers

    June 21, 2024

    A gang of cyber criminals causing huge disruption to multiple London hospitals has published sensitive patient data stolen from an NHS blood testing company. Overnight on Thursday, Qilin shared almost 400GB of the private information on their darknet site. The gang has been trying to extort money from NHS provider Synnovis since they hacked the firm ...

  • Sustained Campaign Using Chinese Espionage Tools Targets Telcos

    June 20, 2024

    Attackers using tools associated with Chinese espionage groups have breached multiple telecom operators in a single Asian country in a long-running espionage campaign. The attackers placed backdoors on the networks of targeted companies and also attempted to steal credentials. The attacks have been underway since at least 2021, with evidence to suggest that some of this ...

  • Car Dealerships Across US Halt Services After Cyberattack

    June 20, 2024

    Thousands of car dealerships were ground to a halt during a normally busy holiday Wednesday by a cyber incident at CDK Global, a major software provider for dealers across the US. The company “shut all systems down and executed extensive testing and consulted with external third-party experts,” Tony Macrito, a CDK spokesman, said in an email. ...

  • ExCobalt: GoRed, the hidden-tunnel technique

    June 19, 2024

    While responding to an incident at one of their clients, the PT ESC CSIRT team discovered a previously unknown backdoor written in Go, which they attributed to a cybercrime gang dubbed ExCobalt. ExCobalt focuses on cyberespionage and includes several members active since at least 2016 and presumably once part of the notorious Cobalt gang. Cobalt attacked ...

  • LevelBlue Labs Discovers Highly Evasive, New Loader Targeting Chinese Organizations

    June 19, 2024

    LevelBlue Labs recently discovered a new highly evasive loader that is being delivered to specific targets through phishing attachments. A loader is a type of malware used to load second-stage payload malware onto a victim’s system. Due to the lack of previous samples observed in the wild, LevelBlue Labs has named this malware “SquidLoader,” given its ...

  • Fickle Stealer Distributed via Multiple Attack Chain

    June 19, 2024

    The past few years have seen a significant increase in the number of Rust developers. Rust is a programming language focused on performance and reliability. However, for an attacker, its complicated assembly code is a significant merit. In May 2024, FortiGuard Labs observed a Rust-based stealer. In addition to its intricate code, the stealer is distributed ...

  • Botswana Cyber Revolution Summit 2024 – Cybersecurity Innovations: Leading the Future of Protection – 9th August 2024

    June 19, 2024

    We TraiCon Events will be hosting Botswana’s premier cybersecurity event titled as “Cyber Revolution Summit” scheduled on 9th August 2024 in Gaborone, Botswana. This summit will feature keynote presentations and panel discussions with top security experts from various industries covering a range of topics, including cybersecurity innovations, data privacy & security, risk management, network security, threat ...

  • Void Arachne Targets Chinese-Speaking Users With the Winos 4.0 C&C Framework

    June 19, 2024

    In early April, Trend Micro researchers discovered that a new threat actor group (which they call Void Arachne) was targeting Chinese-speaking users. Void Arachne’s campaign involves the use of malicious MSI files that contain legitimate software installer files for artificial intelligence (AI) software as well as other popular software. The malicious Winos payloads are bundled alongside ...

  • Unmasking Mac malware – strategies for a growing threat

    June 18, 2024

    In recent years, cybercriminal groups have been ramping up their efforts to find vulnerabilities and create malware that will exploit the iOS or macOS. Jamf’s latest annual threat landscape research tracked 300 malware families designed for macOS, and 21 newly created families in 2023. It’s not just the number of malware families that has risen, but ...