News – November 2023


  • Ducktail fashion week

    November 10, 2023

    Ducktail is a malware family that has been active since the second half of 2021 and aims to steal Facebook business accounts. Kaspersky Daily Iran, WithSecure, and GridinSoft have all covered Ducktail attacks: the infostealer spread under the guise of documents relating to well-known companies’ and brands’ projects and products. The group behind the Ducktail attacks presumably ...

  • CVE-2023-5950 Rapid7 Velociraptor Reflected XSS

    November 10, 2023

    This advisory covers a specific issue identified in Velociraptor and disclosed by a security code review. CVSS · HIGH · 8.6/10 · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L Scoring scenario: GENERAL AattackVector: NETWORK AttackComplexity: LOW PrivilegesRequired: NONE Read more… Source: Rapid7  

  • U.S. arm of China mega-lender ICBC hit by ransomware attack

    November 10, 2023

    The U.S. arm of China’s largest bank said Thursday that it was hit by a ransomware attack, forcing clients to reroute trades and disrupting the U.S. Treasury market. Ransomware attacks typically access vulnerable computer systems and encrypt or steal data, before sending a ransom note demanding payment in exchange for decrypting the data or not releasing ...

  • Optus loses court bid to keep report into cause of cyber-attack secret

    November 10, 2023

    Optus has lost a bid in the federal court to keep secret a report on the cause of the 2022 cyber-attack – which resulted in the personal information of about 10 million customers being exposed – after a judge rejected the telco’s legal privilege claim. After the hack, the company announced in October last year that ...

  • Modern Asian APT groups’ tactics, techniques and procedures (TTPs)

    November 9, 2023

    This report consists of six main sections – Incidents involving Asian APT groups in various regions of the planet Information on five unique incidents that Kaspersky researchers detected in different parts of the world. Each incident is a unique case within a specific country and industry, and they provide a description of the actions and TTPs ...

  • Secretary General: Through NATO, we can build a secure cyberspace for all

    November 9, 2023

    The Secretary General emphasized that cyber is driving strategic competition and that authoritarian regimes, including China and Russia, are: “challenging our interests, our values and our security.” He said they are: “determined to shape the future of cyberspace in own image with little transparency and no regard for human rights.” At the Vilnius Summit this ...

  • CVE-2023-47246: SysAid Zero-Day Vulnerability Exploited By Lace Tempest

    November 9, 2023

    On November 8, 2023, IT service management company SysAid disclosed CVE-2023-47426, a zero-day path traversal vulnerability affecting on-premise SysAid servers. According to Microsoft’s threat intelligence team, it has been exploited in the wild by DEV-0950 (Lace Tempest) in “limited attacks.” In a social media thread published the evening of November 8, Microsoft emphasized that Lace Tempest ...

  • Threat Predictions for 2024: Chained AI and CaaS Operations Give Attackers More “Easy” Buttons Than Ever

    November 9, 2023

    With the growth of Cybercrime-as-a-Service (CaaS) operations and the advent of generative AI, threat actors have more “easy” buttons at their fingertips to assist with carrying out attacks than ever before. By relying on the growing capabilities in their respective toolboxes, adversaries will increase the sophistication of their activities. They’ll launch more targeted and stealthier hacks ...

  • Thailand: Trio arrested for alleged involvement in major data breach

    November 9, 2023

    A trio, consisting of an insurance broker, a programmer, and a Facebook page administrator, has been apprehended for their alleged involvement in a significant data breach operation. They stand accused of compromising and subsequently selling the personal data of over 15 million individuals to illicit businesses.  The engineer is accused of trading the personal information of ...

  • Judge rules it’s fine for car makers to intercept your text messages

    November 9, 2023

    A federal judge has refused to bring back a class action lawsuit that alleged four car manufacturers had violated Washington state’s privacy laws by using vehicles’ on-board infotainment systems to record customers’ text messages and mobile phone call logs. Car manufacturers Honda, Toyota, Volkswagen, and General Motors were facing five related privacy class action suits. One ...