Diamond Sleet supply chain compromise distributes a modified CyberLink installer

Microsoft Threat Intelligence has uncovered a supply chain attack by the North Korea-based threat actor Diamond Sleet (ZINC) involving a malicious variant of an application developed by CyberLink Corp., a software company that develops multimedia software products. This malicious file Read More …

Türkiye’s MIT saves Palestinian Iron Dome hacker from Mossad hit

Türkiye’s National Intelligence Organization (MIT) saved Omar A. from possible death or abduction in an international operation and offered him protection as the renowned Palestinian hacker was targeted by Mossad in Türkiye and Malaysia. The young man credited with hacking Read More …

FCC wants to improve cyber protections for schools, libraries

Ransomware attacks and cybersecurity threats against schools are multiplying and have led to some dramatic consequences. Last year, the Los Angeles Unified School District was hit by a ransomware attack that resulted in hackers posting 500 gigabytes of stolen data Read More …

The Rug Pull: A Million-Dollar Scam With A Fake Token Factory

In the dynamic realm of cryptocurrency, recent events have highlighted the ever-present threat of Rug Pulls—deceptive maneuvers that leave investors empty-handed. Threat Intel Blockchain system, developed by Check Point, recently sounded the alarm on a sophisticated scheme that managed to Read More …

British Library Employee data leaked in cyber attack

The British Library has confirmed that a cyber attack in October has led to a leak of employee data. The attack, which took place on 31 October, has also resulted in the library’s website being down for almost a month. Read More …

Hacking Employers and Seeking Employment: Two Job-Related Campaigns Bear Hallmarks of North Korean Threat Actors

Unit 42 researchers recently discovered two separate campaigns targeting job-seeking activities linked to state-sponsored threat actors associated with the Democratic People’s Republic of Korea (DPRK), commonly known as North Korea. The research team call the first campaign “Contagious Interview,” where Read More …

U.S. DOD strategy warns emerging tech is ‘at the forefront’ of information threats

The Pentagon publicly released its strategy for operating in the information environment – which covers both physical and digital sources of information – on Friday, outlining how the agency plans to modernize its collecting, processing and sharing of data to Read More …

SysAid path traversal vulnerability

SonicWall Capture Labs Threat Research Team became aware of the SysAid path traversal vulnerability, assessed its impact and developed mitigation measures for the vulnerability. On November 8, 2023, SysAid, an IT service management company, disclosed CVE-2023-47426, which is a zero-day Read More …

#StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Multi-State Information Sharing & Analysis Center (MS-ISAC), and Australian Signals Directorate’s Australian Cyber Security Center (ASD’s ACSC) are releasing this joint Cybersecurity Advisory (CSA) to disseminate IOCs, TTPs, Read More …