- How fiends abuse an out-of-date Microsoft Windows driver to infect victims
April 24, 2023
Ransomware spreaders have built a handy tool that abuses an out-of-date Microsoft Windows driver to disable security defenses before dropping malware into the targeted systems. This detection evasion utility, which Sophos X-Ops researchers are calling AuKill, is the latest example in a growing trend where miscreants either abuse a legitimate driver to disable, silence or otherwise ...
- The international Tech Conference ICT Spring is back in Luxembourg on 29 & 30 June 2023
April 24, 2023
On June 29 & 30, 5000+ professionals (springers) will gather to attend a new edition of ICT Spring, the renowned Tech conference hosted in Luxembourg, where business innovation makes a difference. Organized since 2010, the event will take place at LuxExpo The Box and feature an exhibition area of over 100 companies including some ...
- Decoy Dog malware toolkit found after analyzing 70 billion DNS queries
April 23, 2023
A new enterprise-targeting malware toolkit called ‘Decoy Dog’ has been discovered after inspecting anomalous DNS traffic that is distinct from regular internet activity. Decoy Dog helps threat actors evade standard detection methods through strategic domain aging and DNS query dribbling, aiming to establish a good reputation with security vendors before switching to facilitating cybercrime operations. Read more… Source: ...
- European air traffic control confirms website ‘under attack’ by pro-Russia hackers
April 22, 2023
Europe’s air-traffic agency appears to be the latest target in pro-Russian miscreants’ attempts to disrupt air travel. Eurocontrol confirmed on Friday its website has been “under attack” since April 19, and said “pro-Russian hackers” had claimed responsibility for the disruption. Read more… Source: The Register
- X_Trader Supply Chain Attack Affects Critical Infrastructure Organizations in U.S. and Europe
April 21, 2023
The X_Trader software supply chain attack affected more organizations than 3CX. Initial investigation by Symantec’s Threat Hunter Team has, to date, found that among the victims are two critical infrastructure organizations in the energy sector, one in the U.S. and the other in Europe. In addition to this, two other organizations involved in financial trading ...
- Cyber Defenders: NCI Agency experts participate in exercise Locked Shields
April 21, 2023
The exercise was organized by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) in Tallinn, Estonia from 18-21 April 2023. Nearly 20 NCI Agency experts participated in Locked Shields on a team co-led by Denmark and the United Kingdom’s Ministries of Defence. The team joined the exercise on-site from the Defence Cyber Academy in ...
- CISA Releases Malware Analysis Report on ICONICSTEALER
April 20, 2023
CISA has released a new Malware Analysis Report (MAR) on an infostealer known as ICONICSTEALER. This trojan has been identified as a variant of malware used in the supply chain attack against 3CX’s Desktop App. CISA recommends that users and administrators review the following resources for more information, and hunt for the listed indicators of compromise ...
- Bank of America at odds with Lloyd’s over state-backed cyberattack exemption
April 20, 2023
Bank of America has reportedly raised concerns with Lloyd’s of London about a move to exempt “state-backed” cyberattacks from standard insurance policies. Bank of America highlighted its concerns with the policy in a series of meetings between Lloyd’s and its biggest clients, the Financial Times reported. Read more… Source: MSN News
- Ransomware Attack Hits Marinette Marine Shipyard, Results in Short-Term Delay of Frigate, Freedom LCS Construction
April 20, 2023
The Wisconsin shipyard that builds the U.S. Navy’s Freedom-class Littoral Combat Ship and the Constellation-class guided-missile frigate suffered a ransomware attack last week that delayed production across the shipyard, USNI News has learned. Fincantieri Marinette Marine experienced the attack in the early morning hours of April 12, when large chunks of data on the shipyard’s network ...
- Medusa ransomware crew brags about spreading Bing, Cortana source code
April 20, 2023
The Medusa ransomware gang has put online what it claims is a massive leak of internal Microsoft materials, including Bing and Cortana source code. “This leak is of more interest to programmers, since it contains the source codes of the following Bing products, Bing Maps and Cortana,” the crew wrote on its website, which was screenshotted ...
- CISA and Partners Release Cybersecurity Best Practices for Smart Cities
April 19, 2023
Today, CISA, NSA, FBI, NCSC-UK, ACSC, CCCS and NCSC-NZ released a joint guide: Cybersecurity Best Practices for Smart Cities. Smart cities may create safer, more efficient, resilient communities through technological innovation and data-driven decision making. However, this opportunity also introduces potential vulnerabilities and weaknesses that—if exploited—could impact national security, economic security, public health and safety, and ...

