UK government transport website caught showing porn

A UK Department for Transport (DfT) website was caught serving porn earlier today. The particular DfT subdomain behind the mishap, on most days, provides vital DfT statistics for the public and the department’s business plan. Racy traffic ahead The UK Read More …

North Korean cyberspies target govt officials with custom malware

A state-sponsored North Korean threat actor tracked as TA406 was recently observed deploying custom info-stealing malware in espionage campaigns. The particular actor is attributed as one of several groups known as Kimsuky (aka Thallium). TA406 has left traces of low-volume Read More …

Philippines gov takes down passport application website amid privacy leak fears

The Philippines’ Department of Foreign Affairs (DFA) has disabled its online passport application tracker, citing a “data privacy issue” and hinting that information could have leaked. “The DFA’s IT Unit is currently investigating the circumstances surrounding this issue and is Read More …

CISA Binding Operational Directive 22-01 – Reducing the Significant Risk of Known Exploited Vulnerabilities

A binding operational directive is a compulsory direction to federal, executive branch, departments and agencies for purposes of safeguarding federal information and information systems. Section 3553(b)(2) of title 44, U.S. Code, authorizes the Secretary of the Department of Homeland Security Read More …

Meet Balikbayan Foxes: a threat group impersonating the Philippine gov’t

Proofpoint has uncovered a new, “highly active” threat group that is impersonating the Philippine government and businesses to spread Trojan malware. On Wednesday, researchers Selena Larson and Joe Wise said the threat actors, dubbed “Balikbayan Foxes” and tracked as TA2722, Read More …

FBI: Ranzy Locker ransomware hit at least 30 US companies this year

The FBI said on Monday that Ranzy Locker ransomware operators had compromised at least 30 US companies this year from various industry sectors. “Unknown cyber criminals using Ranzy Locker ransomware had compromised more than 30 US businesses as of July Read More …

Hacker sells the data for millions of Moscow drivers for $800

Hackers are selling a stolen database containing 50 million records of Moscow driver data on an underground forum for only $800. According to Russian media outlets that purchased the database, the data appears to be valid and contains records collected Read More …

Russia and China left out of global anti-ransomware meetings

The White House National Security Council facilitates virtual meetings this week with senior officials and ministers from more than 30 countries in a virtual international counter-ransomware event to rally allies in the fight against the ransomware threat. Publicly disclosed ransomware Read More …

MysterySnail attacks IT companies, defence contractors and diplomatic entities with Windows zero-day

In late August and early September 2021, Kaspersky technologies detected attacks with the use of an elevation of privilege exploit on multiple Microsoft Windows servers. The exploit had numerous debug strings from an older, publicly known exploit for vulnerability CVE-2016-3309, Read More …