- China revises Counter-Espionage Law, defining cyber-attacks against state organs as spy activities
April 26, 2023
The 14th National People’s Congress (NPC) Standing Committee passed an amendment to the Counter-Espionage Law on Wednesday. The revised law refines the definition of espionage activities, explicitly categorizing “collaborating with spy organizations and their agents” and “conducting cyber-attacks against state organs, confidential-related units, or critical information infrastructure and etc.” as espionage activities. The revised law will ...
- Cyber Chiefs Forge Partnerships With Physical Security Units As Combined Threats Grow
April 26, 2023
Cyberattacks are blurring the lines between physical and digital risks, forcing cybersecurity and physical security chiefs to work closely together to combat threats, executives say. Cyber-physical threats, where an attack on computer systems might cause damage to property or people, or vice versa, have long been a concern for companies in the defense-industrial base, power and ...
- Cisco discloses XSS zero-day flaw in server management tool
April 26, 2023
Cisco disclosed today a zero-day vulnerability in the company’s Prime Collaboration Deployment (PCD) software that can be exploited for cross-site scripting attacks. This server management utility enables admins to perform migration or upgrade tasks on servers in their organization’s inventory. Read more… Source: Bleeping Computer
- Chinese Alloy Taurus Updates PingPull Malware
April 26, 2023
Unit 42 researchers recently identified a new variant of PingPull malware used by Alloy Taurus actors designed to target Linux systems. While following the infrastructure leveraged by the actor for this PingPull variant, we also identified their use of another backdoor we track as Sword2033. The first samples of PingPull malware date back to September 2021. ...
- Energy giant warns of ‘catastrophic damage’ if government bans payment of cyber ransoms
April 26, 2023
A government-imposed ban on companies paying cyber ransoms to hackers could cause “catastrophic damage” and even lead to the loss of Australian lives, the nation’s biggest energy producer has warned. AGL Energy, whose board was recently reshuffled by Atlassian billionaire Mike Cannon-Brookes, described ransom bans as a dangerous double-edged sword. Read more… Source: 9News
- Irrigation Systems in Israel Hit With Cyber Attack That Temporarily Disabled Farm Equipment
April 25, 2023
A cyber attack that targeted irrigation systems in Israel is thought to be part of an annual “hacktivist” campaign that takes place every April, and this year’s attempt at least managed to cause a nuisance for some farms in the Jordan Valley. The hackers targeted both farms and wastewater treatment plants. They seemingly had little success ...
- Abuse of the Service Location Protocol May Lead to DoS Attacks
April 25, 2023
The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated remote attacker to register arbitrary services. This could allow an attacker to use spoofed UDP traffic to conduct a denial-of-service (DoS) attack with a significant amplification factor. Researchers from Bitsight and Curesec have discovered a way to abuse SLP—identified as CVE-2023-29552—to conduct high amplification factor DoS ...
- U.S. deploys more cyber forces abroad to help fight hackers
April 25, 2023
The United States is sending more of its cyber forces abroad to help foreign governments fight hackers, a top U.S. military official said at the RSA cybersecurity conference in San Francisco. In the last three years, the U.S. military’s Cyber National Mission Force (CNMF) has conducted 47 such “hunt forward” defensive operations across 20 countries at ...
- Intel CPUs vulnerable to new transient execution side-channel attack
April 24, 2023
A new side-channel attack impacting multiple generations of Intel CPUs has been discovered, allowing data to be leaked through the EFLAGS register. The new attack was discovered by researchers at Tsinghua University, the University of Maryland, and a computer lab (BUPT) run by the Chinese Ministry of Education and is different than most other side-channel attacks. Read ...
- Cyber Thieves Are Getting More Creative
April 24, 2023
Cybercriminals pull off many of their crimes by combining lots of real information with just a tiny bit of misinformation, which can be financially devastating for both companies and individuals. This article describes some recent examples of this technique, which include exploiting wire transfers, stealing paychecks, and tricking employees into helping “the boss.” It’s important to ...
- Tomiris called, they want their Turla malware back
April 24, 2023
Kaspersky introduced Tomiris to the world in September 2021, following their investigation of a DNS-hijack against a government organization in the Commonwealth of Independent States (CIS). Kaspersky researchers initial report described links between a Tomiris Golang implant and SUNSHUTTLE (which has been associated to NOBELIUM/APT29/TheDukes) as well as Kazuar (which has been associated to Turla); ...