News – November 2023

November 23, 2023

Amid tensions in the ongoing Israel-Hamas war, Check Point Research has been conducting active threat hunting in an effort to discover, attribute, and mitigate relevant regional threats. Among those, some new variants of the SysJoker malware, including one coded in Rust, recently caught our attention. Check Point assessment is that these were used in targeted attacks ...

November 23, 2023

Cisco has proactively shipped modified switches to Ukrenergo, the state-owned electricity grid operator in Ukraine, to bolster its defenses against Russian cyberattacks targeting energy infrastructure. These attacks have included the use of GPS-jamming tactics, which disrupt the high-voltage energy subsystems crucial for power distribution and damage assessment. The reliance of Ukraine’s substations on GPS for time ...

November 22, 2023

The United States is trying to catch up with global data privacy laws passed in recent years. While the European Union (EU) passed the General Data Protection Regulation (GDPR) which went into effect in 2018, the U.S. has not been able to pass its version called the American Data Privacy and Protection Act (ADPPA) into ...

November 22, 2023

In the course of our routine investigation, we discovered a DLL file, identified as hrserv.dll, which is a previously unknown web shell exhibiting sophisticated features such as custom encoding methods for client communication and in-memory execution. Kaspersky analysis of the sample led to the discovery of related variants compiled in 2021, indicating a potential correlation between ...

November 22, 2023

Microsoft Threat Intelligence has uncovered a supply chain attack by the North Korea-based threat actor Diamond Sleet (ZINC) involving a malicious variant of an application developed by CyberLink Corp., a software company that develops multimedia software products. This malicious file is a legitimate CyberLink application installer that has been modified to include malicious code that downloads, ...

November 22, 2023

Türkiye’s National Intelligence Organization (MIT) saved Omar A. from possible death or abduction in an international operation and offered him protection as the renowned Palestinian hacker was targeted by Mossad in Türkiye and Malaysia. The young man credited with hacking into Israel’s notorious Iron Dome air defense system was sought by Israel for a long time. ...

November 21, 2023

Ransomware attacks and cybersecurity threats against schools are multiplying and have led to some dramatic consequences. Last year, the Los Angeles Unified School District was hit by a ransomware attack that resulted in hackers posting 500 gigabytes of stolen data online, after the district’s superintendent refused to pay the ransom. The attack compromised about 2,000 student ...

November 21, 2023

In the dynamic realm of cryptocurrency, recent events have highlighted the ever-present threat of Rug Pulls—deceptive maneuvers that leave investors empty-handed. Threat Intel Blockchain system, developed by Check Point, recently sounded the alarm on a sophisticated scheme that managed to pilfer nearly $1 million. Let’s delve into the details of this elaborate crypto con and understand ...

November 21, 2023

Scammers are abusing an Apple feature that allows websites to create push notifications that look like they’re coming from macOS, or apps. The notifications try to scare users into clicking a link with fake virus alerts or messages saying their account has been hacked. Years ago Malwarebytes Labs warned our readers about the introduction of browser ...

November 21, 2023

The British Library has confirmed that a cyber attack in October has led to a leak of employee data. The attack, which took place on 31 October, has also resulted in the library’s website being down for almost a month. The Rhysida ransomware group claim to be behind the attack, and say they will auction off ...