- Mystery database containing sensitive info on 762,000 car-owners discovered by researchers
September 6, 2024
In early August, cybersecurity researchers from Cybernews discovered an unprotected database containing sensitive information on hundreds of thousands of Chinese individuals. To this day, they haven’t figured out who the database belongs to, or why it was generated and left open in the first place. Using Elasticsearch, a search engine for databases, the team of researchers ...
- Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure
September 5, 2024
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) are responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational harm ...
- Tropic Trooper spies on government entities in the Middle East
September 5, 2024
Tropic Trooper (also known as KeyBoy and Pirate Panda) is an APT group active since 2011. This group has traditionally targeted sectors such as government, healthcare, transportation and high-tech industries in Taiwan, the Philippines and Hong Kong. Kaspersky recent investigation has revealed that in 2024 they conducted persistent campaigns targeting a government entity in the Middle ...
- Victoria: Simmering anger from firies over cyber attack details
September 5, 2024
Two years on from a cyber attack firefighters say their systems are not fully restored and they still do not know if their information was leaked. Victoria’s fire service says it continues to update the workforce about a cyber attack, but the firefighting union is fuming, saying it is still in the dark over the incident ...
- Zyxel Releases Multiple Security Advisories
September 4, 2024
Zyxel has released 3 security advisories to address vulnerabilities in Zyxel firewalls, Access Points (APs), extenders, and security router devices. In the first security advisory, Zyxel describes seven vulnerabilities found in their ATP and USG FLEX firewall product lines. Two vulnerabilities could allow an attacker to create a denial-of-service (DoS) condition, four vulnerabilities could allow an ...
- Mallox ransomware: in-depth analysis and evolution
September 4, 2024
Mallox is a sophisticated and dangerous family of malicious software that has been causing significant damage to organizations worldwide. In 2023, this ransomware strain demonstrated an uptick in attacks, the overall number of discovered Mallox samples exceeding 700. In the first half of 2024, the malware was still being actively developed, with new versions being released ...
- Planned Parenthood confirms cyber-attack as RansomHub threatens to leak data
September 4, 2024
Planned Parenthood of Montana’s chief exec says the org is responding to a cyber-attack on its systems, and has drafted in federal law enforcement and infosec professionals to help investigate and rebuild its IT environment. This comes as ransomware crew RansomHub boasted it had broken into the nonprofit, and stolen its data, which it is threatening ...
- How Effective Is Your Insider Risk Program?
September 3, 2024
Insider threats continue to increase and make headlines. So, it is no surprise that many CISOs consider it a high priority to proactively identify and prevent these types of threats. In fact, research for the 2024 Voice of the CISO report from Proofpoint found that a third of CISOs globally see insider threats as their biggest ...
- North Korea Aggressively Targeting Crypto Industry with Well-Disguised Social Engineering Attacks
September 3, 2024
The Democratic People’s Republic of Korea (“DPRK” aka North Korea) is conducting highly tailored, difficult-to-detect social engineering campaigns against employees of decentralized finance (“DeFi”), cryptocurrency, and similar businesses to deploy malware and steal company cryptocurrency. North Korean social engineering schemes are complex and elaborate, often compromising victims with sophisticated technical acumen. Given the scale and persistence ...
- Decoding the Puzzle: Cicada3301 Ransomware Threat Analysis
September 3, 2024
Cicada3301 ransomware, written in Rust, was first reported less than two months ago. Despite its recent emergence, Morphisec threat researchers have already identified striking similarities between Cicada3301 and the infamous BlackCat ransomware. Like its namesake, the Cicada puzzle, which has long been associated with complex, cyber-related problem-solving, the true identity of the Cicada3301 ransomware developers remains ...