- PSNI data breach ‘wake-up call’ for UK forces, review says
December 11, 2023
A major data breach within the Police Service of Northern Ireland (PSNI) has been described as “a wake-up call” for forces across the UK. A report into the data leak has made 37 recommendations for improving information security within the PSNI. In August, the surnames and initials of all the PSNI’s 9,500 staff were released by ...
- China: Foreign geographic information software collects sensitive data, posing threat to national security
December 11, 2023
China’s national security agencies have discovered that foreign geographic information system software used in important industries in China has been collecting and transmitting geographic information data with some of the information collected involving state secrets, posing a serious threat to national security, China’s Ministry of State Security said on Monday, noting that national security agencies will ...
- No confirmation on rumored ALPHV/BlackCat site takedown by law enforcement
December 11, 2023
As the week started there was still no official confirmation from law enforcement that the notorious ALPV/BlackCat site had been taken down. Late last week, various research groups and news organizations reported, and RedSense on Dec. 8 confirmed, that law enforcement took down the ransomware group’s site, but short of official confirmation from the FBI or ...
- Insights into your unpatched vulnerabilities
December 11, 2023
In the 100 most prevalent unpatched vulnerabilities, the majority (93 out of the 100) are found in software by Adobe, Zoom, and Mozilla. No vulnerability listed as critical made it into the top 100 most prevalent vulnerabilities. But one critical vulnerability was close: CVE-2020-9633 in Adobe Flash Player. The vulnerable version of Flash is still in ...
- The Names of Thousands of Neo-Nazi Music Fans Just Got Leaked
December 11, 2023
For years if a white supremacist wanted to get their hands on select neo-Nazi music one of their likely stops would be Midgård, a Scandinavian online shop specializing in racist tunes. While the site offered a wide range of neo-Nazi music, clothing, and paraphernalia, its customers learned last week one thing they didn’t offer was infosec. ...
- Analyzing AsyncRAT’s code injection into aspnet_compiler.exe across multiple incident response cases
December 11, 2023
During their recent investigations, the Trend Micro Managed XDR (MxDR) team handled various cases involving AsyncRAT, a Remote Access Tool (RAT) with multiple capabilities, such as keylogging and remote desktop control, that make it a substantial threat to victims. This blog entry delves into MxDR’s unraveling of the AsyncRAT infection chain across multiple cases, shedding light ...
- Europol warning on the criminal use of Bluetooth trackers for geolocalisation
December 11, 2023
For the past several years, Europol has been observing a growing crime phenomenon: the use of Bluetooth trackers in organised crime. Bluetooth trackers are small devices designed to help people find personal objects, such as keys and bags, as well as vehicles at risk of theft. They can be attached to an item one does not ...
- U.S., South Korea, Japan to step up actions on North Korea cyber threats
December 9, 2023
The United States, South Korea and Japan agreed new initiatives on Saturday to respond to North Korea’s threats in cyberspace, including cryptocurrency abuses and space launches, White House National Security Adviser Jake Sullivan said. The three countries’ national security advisers met in Seoul as Pyongyang warned that it would deploy more spy satellites. Read more… Source: MSN News
- Russian FSB cyber actor Star Blizzard continues worldwide spear-phishing campaigns
December 8, 2023
The Russia-based actor Star Blizzard (formerly known as SEABORGIUM, also known as Callisto Group/TA446/COLDRIVER/TAG-53/BlueCharlie) continues to successfully use spear-phishing attacks against targeted organisations and individuals in the UK, and other geographical areas of interest, for information-gathering activity. The UK National Cyber Security Centre (NCSC), the US Cybersecurity and Infrastructure Security Agency (CISA), the US Federal Bureau ...
- INTERPOL operation reveals further insights into ‘globalization’ of cyber scam centres
December 8, 2023
LYON, France – The first INTERPOL operation specifically targeting the phenomenon of human trafficking-fuelled fraud has revealed further evidence that the crime trend is expanding beyond Southeast Asia. Following five months of investigative coordination, law enforcement from participating countries carried out more than 270,000 inspections and police checks at 450 human trafficking and migrant smuggling hotspots ...
- NATO: The NCI Agency’s new data science and AI tool receives security accreditation
December 8, 2023
Scientists, artificial intelligence (AI) and cyber security experts from the NATO Communications and Information Agency (NCI Agency) celebrated a new milestone at the NCI Agency’s campus in The Hague, Netherlands, after the security accreditation of a high performance computing environment for data science and AI. The Data Science and AI Sandbox, also known as SANDI, provides ...