In today's roundup: a Chinese cyberespionage group deploys malware, new Android malware, MMRat, unlocks phones, and DreamBus malware targets RocketMQ servers.
Security researchers at ESET report a 178% increase in sextortion emails between the first half of 2022 and the first six months of 2023, marking the category out as a top email threat. The company ranks sextortion emails third among all email threats in H1 2023.
A new malware strain that gives the location of an infected device has been identified. The Hacker News explains that the malware has one operation: 'Every minute it triangulates the infected systems' positions by scanning nearby Wi-Fi Access points as a data point for Google's geolocation API.' Cyber experts aren't yet clear 'who or what' is interested in the location of an infected device or the motives behind why this specific form of malware was produced.
The malicious threat actor behind CypherRAT and CraxsRAT malware has been unmasked as the Syrian threat actor, EVLF. These RATs allow an attacker to control the location, camera, and microphone of a victim's device.
In today's roundup: XLoader, OfficeNote copycat hides malicious code, hosting firm refuses to pay ransom, and Cybersmart announces $15 million series B funding.
US intelligence agencies and the US Air Force issued a joint advisory warning that space innovation and assets are now prime targets for cyber-espionage.
According to the Wall Street Journal, a trio of major cyber companies announced layoffs, further highlighting a slowdown in the sector, which, though resilient, is starting to feel the impact of a wider downturn. Rapid7, a Boston-based company, announced layoffs affecting 400 people, while Atlanta’s Secureworks cut 300, and Dragos let go of 50.
According to a study conducted in June, “Threat intelligence: Eyes on the enemy,” by threat intelligence firm Cyber Risk Analytics (CRA), vulnerability priority is the chief use of threat intelligence for 70 percent of the study’s respondents; 65 percent of those respondents also stated that they are starting to use threat intelligence to aid them with reactive incident response. By contrast, proactive measures still rank low on the list of primary uses for threat intelligence at most organizations, with 50 percent of respondents using threat intelligence for threat hunting and 46 percent, fewer than half, using actionable threat intelligence that provides advance warning of future attacks.
The attack allowed bad actors to lock LinkedIn users out of their accounts and resulted in ransom demands to allow users to access their accounts again. The ongoing attacks caused LinkedIn account inquiries to spike by 5000%. The full report is available on Cyberint’s website.
Barracuda Email Security Gateway devices have again been compromised, this time through a novel backdoor malware named 'Whirlpool.' The US Cybersecurity and Infrastructure Security Agency (CISA) has identified the breach to be the work of a pro-China group of hackers. The threat actors targeted a zero-day remote command injection vulnerability. Reports say this vulnerability was used to plant malware payloads of the Seaspy and Whirlpool backdoors on compromised devices.
A new summer craze is hitting the world of cybercrime – weaponized Quick Response (QR) codes. According to cybersecurity firm Darktrace, last month saw a marked increase in “Quishing” attacks.
The UK Foreign Office's culture of secrecy kept the details of the extent of a 2021 breach that endangered its staff and allies hidden until now.