Monthly Archives: September 2024

Exposed Selenium Grid Servers Targeted for Crypto Mining and Proxyjacking

Internet-exposed Selenium Grid instances are being targeted by bad actors for illicit cryptocurrency mining and...

12
Sep
Building a Cybersecurity and Privacy Learning Program: NIST Publishes SP 800-50r1
September 12, 2024

NIST Special Publication (SP) 800-50r1 (Revision 1), Building a Cybersecurity and Privacy Learning Program, provides...

Top 3 Threat Report Insights for Q2 2024

Cato CTRL (Cyber Threats Research Lab) has released its Q2 2024 Cato CTRL SASE Threat...

12
Sep
Iranian Cyber Group OilRig Targets Iraqi Government in Sophisticated Malware Attack

Iraqi government networks have emerged as the target of an “elaborate” cyber attack campaign orchestrated...

12
Sep
Ireland’s Watchdog Launches Inquiry into Google’s AI Data Practices in Europe

The Irish Data Protection Commission (DPC) has announced that it has commenced a “Cross-Border statutory...

12
Sep
WordPress Mandates Two-Factor Authentication for Plugin and Theme Developers

WordPress.org has announced a new account security measure that will require accounts with capabilities to...

12
Sep
Quad7 Botnet Expands to Target SOHO Routers and VPN Appliances

The operators of the mysterious Quad7 botnet are actively evolving by compromising several brands of...

11
Sep
DragonRank Black Hat SEO Campaign Targeting IIS Servers Across Asia and Europe

A “simplified Chinese-speaking actor” has been linked to a new campaign that has targeted multiple...

11
Sep
Singapore Police Arrest Six Hackers Linked to Global Cybercrime Syndicate

The Singapore Police Force (SPF) has announced the arrest of five Chinese nationals and one...

11
Sep
Why Is It So Challenging to Go Passwordless?

Imagine a world where you never have to remember another password. Seems like a dream...

11
Sep
Developers Beware: Lazarus Group Uses Fake Coding Tests to Spread Malware

Cybersecurity researchers have uncovered a new set of malicious Python packages that target software developers...

11
Sep
SBOMs and the importance of inventory
September 11, 2024

Can a Software Bill of Materials (SBOM) provide organisations with better insight into their supply...

Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows Flaws

Microsoft on Tuesday disclosed that three new security flaws impacting the Windows platform have come...

11
Sep
Ivanti Releases Urgent Security Updates for Endpoint Manager Vulnerabilities

Ivanti has released software updates to address multiple security flaws impacting Endpoint Manager (EPM), including...

11
Sep
CosmicBeetle Deploys Custom ScRansom Ransomware, Partnering with RansomHub

The threat actor known as CosmicBeetle has debuted a new custom ransomware strain called ScRansom...

10
Sep
Experts Identify 3 Chinese-Linked Clusters Behind Cyberattacks in Southeast Asia

A trio of threat activity clusters linked to China has been observed compromising more government...

10
Sep
Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches

Shadow apps, a segment of Shadow IT, are SaaS applications purchased without the knowledge of...

10
Sep
New PIXHELL Attack Exploits Screen Noise to Exfiltrates Data from Air-Gapped Computers

A new side-channel attack dubbed PIXHELL could be abused to target air-gapped computers by breaching...

10
Sep
Mustang Panda Deploys Advanced Malware to Spy on Asia-Pacific Governments

The threat actor tracked as Mustang Panda has refined its malware arsenal to include new...

10
Sep
New RAMBO Attack Uses RAM Radio Signals to Steal Data from Air-Gapped Networks

A novel side-channel attack has been found to leverage radio signals emanated by a device’s...

09
Sep
One More Tool Will Do It? Reflecting on the CrowdStrike Fallout

The proliferation of cybersecurity tools has created an illusion of security. Organizations often believe that...

09
Sep
Blind Eagle Targets Colombian Insurance Sector with Customized Quasar RAT

The Colombian insurance sector is the target of a threat actor tracked as Blind Eagle...

09
Sep
Chinese Hackers Exploit Visual Studio Code in Southeast Asian Cyberattacks

The China-linked advanced persistent threat (APT) group known as Mustang Panda has been observed weaponizing...

09
Sep
Webinar: How to Protect Your Company from GenAI Data Leakage Without Losing It’s Productivity Benefits

GenAI has become a table stakes tool for employees, due to the productivity gains and...

09
Sep
Wing Security SaaS Pulse: Continuous Security & Actionable Insights — For Free

Designed to be more than a one-time assessment— Wing Security’s SaaS Pulse provides organizations with...

09
Sep
Progress Software Issues Patch for Vulnerability in LoadMaster and MT Hypervisor

Progress Software has released security updates for a maximum-severity flaw in LoadMaster and Multi-Tenant (MT)...

09
Sep
New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys

Android device users in South Korea have emerged as a target of a new mobile...

09
Sep
TIDRONE Espionage Group Targets Taiwan Drone Makers in Cyber Campaign

A previously undocumented threat actor with likely ties to Chinese-speaking groups has predominantly singled out...

09
Sep
U.S. Offers $10 Million for Info on Russian Cadet Blizzard Hackers Behind Major Attacks

The U.S. government and a coalition of international partners have officially attributed a Russian hacking...

09
Sep
North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams

Threat actors affiliated with North Korea have been observed leveraging LinkedIn as a way to...

07
Sep