- Japan: JMSDF set to establish a new “Fleet Information Warfare” command
September 9, 2024
The move would strengthen the JMSDF’s response capabilities to integrated information warfare, especially in the cognitive dimension. Most notably, the new reorganization process will abolish the current Fleet Intelligence Command (艦隊情報群), the only specialized intelligence unit in the JMSDF. The move came as part of a major organizational restructuring of the JMSDF. As Naval News reported ...
- Thousands of Avis car rental customers had personal data stolen in cyberattack
September 9, 2024
Car rental giant Avis is notifying hundreds of thousands of people that their personal information and driver’s license numbers were stolen in an August cyberattack. The New Jersey-headquartered company said in a data breach notice filed with several U.S. attorneys general over the past week that it discovered intruders in one of its business applications on ...
- Loki: a new private agent for the popular Mythic framework
September 9, 2024
In July 2024, Kaspersky researchers discovered the previously unknown Loki backdoor, which was used in a series of targeted attacks. By analyzing the malicious file and open sources, we determined that Loki is a private version of an agent for the open-source Mythic framework. The newly discovered Loki agent is a Mythic-compatible version of the agent for ...
- Israel: IDF investigates forged Hamas documents leaked to foreign media
September 8, 2024
An IDF investigation found that documents forged by the Hamas terrorist organization were leaked to foreign media outlets that would negatively shape public opinion on Israel, according to a Sunday report by Ynet. The investigation was launched to find out who was manipulating the use of classified Hamas documents seized in Gaza or those that were ...
- Disneyland, Disney Cruise guests and employees personal info leaked
September 7, 2024
Over the summer, Disney’s internal communications channels suffered a data breach. We now know that as a result of this breach, guests and employees were affected, with personal information being stolen by hackers. Earlier this summer, a hacker group called “NullBulge” gained access to over 1TB of sensitive data from Disney after infiltrating the company’s internal ...
- US sanctions fail to deter Predator spyware utilization
September 6, 2024
Intellexa Group’s Predator spyware has experienced a resurgence in activity following a decline spurred by sanctions imposed by the Biden administration, reports The Record, a news site by cybersecurity firm Recorded Future. Angola and the Democratic Republic of Congo, which is a new Intellexa client, may have leveraged new Predator infrastructure to enable spyware staging and ...
- TIDRONE Targets Military and Satellite Industries in Taiwan
September 6, 2024
Since the beginning of 2024, Trend Micro have been receiving incident response cases from Taiwan. Trend Micro researchers track this unidentified threat cluster as TIDRONE. Their research reveals that the threat actors have shown significant interest in military-related industry chains, particularly in the manufacturers of drones. Furthermore, telemetry from VirusTotal indicates that the targeted countries are ...
- Chinese APT Abuses VSCode to Target Government in Asia
September 6, 2024
Unit 42 researchers recently found that Stately Taurus abused the popular Visual Studio Code software in espionage operations targeting government entities in Southeast Asia. Stately Taurus is a Chinese advanced persistent threat (APT) group that carries out cyberespionage attacks. This threat actor used Visual Studio Code’s embedded reverse shell feature to gain a foothold in target ...
- Serve your country through cyber, White House says
September 6, 2024
Earlier this week, the United States White House unveiled a new initiative, called Service for America. This initiative, created together with the Office of Management and Budget (OMB) and Office of Personnel Management (OPM), aims to get more people interested in cybersecurity, and thus help bolster the overall cybersecurity posture in both public, and private ...
- CVE-2024-23119: Critical SQL Injection Vulnerability in Centreon
September 6, 2024
The SonicWall Capture Labs threat research team became aware of the threat CVE-2024-23119, assessed its impact and developed mitigation measures for this vulnerability. CVE-2024-23119 is a high-severity SQL Injection vulnerability in Centreon, impacting Centreon Web versions prior to 22.10.17, 23.04.13, and 23.10.5. Centreon is a widely used network, system and application monitoring tool. This issue resides ...
- UK: TfL still affected by ‘ongoing cyber incident’
September 6, 2024
Transport for London (TfL) has restricted its online services as its computer systems continue to be affected by a cyber attack. The organisation said it took action including limiting access to some live travel information services via apps and its website, and preventing passengers from viewing their journey history for trips paid for by contactless cards. ...