Author: Admin
Addressing cyber threats before they have a chance to strike or cause serious damage is by far the best security approach any company can take. Achieving this requires a lot of research and active threat hunting. The problem here is that it’s easy to get stuck in endless arrays of data and not get relevant information. To avoid this, use these five battle-tested techniques that are sure to improve your company’s threat awareness and overall security.
Search for threats targeting organizations in your region
The most basic, but very effective, way to learn about the current threat to your company…
December 17, 2024 | Hacker News | Webinar / Risk Management
Even the best companies with the most advanced tools can still be hacked. This is an unpleasant reality: you’ve invested in the right solutions, trained your team, and strengthened your defenses. But breaches still happen. So what’s going wrong? The truth is that attackers are constantly finding new ways to slip through gaps that often go unnoticed, even in well-prepared organizations. The good news? These cracks can be found and repaired if you know where to look. Join John Paul Cunningham, CISO at Silverfort, for a must-attend webinar that reveals why breaches…
December 17, 2024 | Ravi Lakshmanan | Cyber Espionage / Malware
An alleged South Asian cyber espionage group known as Bitter targeted a Turkish defense sector organization in November 2024 to deliver two C++ malware families tracked as WmRAT and MiyaRAT. “The attack chain used alternate data streams in the RAR archive to deliver a shortcut (LNK) file that created a scheduled task on the target machine to release further payloads,” Proofpoint researchers Nick Attfield, Konstantin Klinger, Pim Trouerbach, and David Galazin said in a report shared with The Hacker News. The security company is tracking the threat under the name TA397. The…
Threat actors are using fake software updates to deliver a new stealer malware called CoinLurker. “Written in Go, CoinLurker uses advanced obfuscation and anti-analysis techniques, making it a very effective tool in today’s cyberattacks,” Morphisec researcher Nadav Lorber said in a technical report published on Monday. The attacks use fake update alerts delivered through a variety of deceptive entry points, such as software update notifications on compromised WordPress sites, malicious redirects, phishing emails with links to fake update pages, fake CAPTCHA verification requests, direct downloads from fake or infected sites, and links shared through social networks and messaging apps. Regardless of…
December 17, 2024 | Ravi Lakshmanan | Network Security / IoT Security
The US Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of flaws is given below:
CVE-2024-20767 (CVSS score: 7.4): Adobe ColdFusion contains an improper access control vulnerability that could allow an attacker to access or modify restricted files via an admin panel exposed to the Internet (patched by Adobe in March 2024)
CVE-2024-35250 (CVSS score: 7.8): The Microsoft Windows kernel-mode driver contains an untrusted pointer dereferencing…
December 17, 2024 | Ravi Lakshmanan | Cyber Espionage / Mobile Security
A little-known cyber espionage actor known as The Mask has been linked to a new set of attacks targeting an unnamed organization in Latin America twice, in 2019 and 2022. “The Mask APT is a legendary threat that has been carrying out highly sophisticated attacks since at least 2007,” Kaspersky researchers Georgy Kucherin and Marc Rivero said in an analysis published last week. “Their targets are usually high-profile organizations such as governments, diplomatic missions and research institutions.” Also known as Careto, the threat actor was previously documented by a Russian cyber security company…
Cybersecurity researchers have discovered a new PHP-based backdoor named Glutton, which has been used in cyberattacks against China, the United States, Cambodia, Pakistan, and South Africa. QiAnXin XLab, which discovered the malware in late April 2024, attributed the previously unknown malware to the prolific Chinese nation-state group Winnti (aka APT41) with moderate confidence. “Interestingly, our investigation revealed that the creators of Glutton deliberately targeted systems in the cybercrime market,” the company said. “With poisoning operations, they sought to turn cybercriminals’ tools against themselves — a classic ‘no honor among thieves’ scenario.” Glutton is designed to collect…
DeceptionAds delivers over 1 million impressions daily via 3,000 sites and fake CAPTCHA pages
December 16, 2024 | Ravi Lakshmanan | Malware / Threat Intelligence
Cybersecurity researchers have shed light on a previously undocumented aspect of ClickFix-style attacks that involve taking advantage of a single ad network service in an ad-driven phishing campaign dubbed DeceptionAds. “This campaign, based entirely on a single ad network for distribution, demonstrates the basic mechanisms of malicious advertising – delivering over 1 million daily ‘ad impressions’ (over the last ten days) and causing thousands of daily victims to lose their accounts and money through a network of 3,000+ content sites that drive traffic,” Nati Tal, Head of Guardio Labs, said in…
NoviSpy spyware installed on journalist’s phone after it was unlocked with the Cellebrite tool
December 16, 2024 | Ravi Lakshmanan | Spyware / Surveillance
A Serbian journalist’s phone was first unlocked with a Cellebrite tool and then compromised by a previously undocumented spyware codenamed NoviSpy, says a new report published by Amnesty International. “NoviSpy allows you to capture sensitive personal data from a target device’s phone after infection and provides the ability to remotely turn on the phone’s microphone or camera,” the organization said in an 87-page technical report. An analysis of forensic evidence indicates that the spyware was installed when freelance journalist Slavisa Milanov’s phone was in the hands of Serbian police during his…
As modern software development has evolved, managing CI/CD pipelines has become critical to maintaining agility and compliance. As we enter the age of artificial intelligence (AI), the importance of reliable pipeline management only increases. With that said, we’ll explore the concept of CI/CD pipeline management and why it’s vital, especially as artificial intelligence becomes more prevalent in our software pipelines.
What is CI/CD Pipeline Management?
CI/CD pipeline management refers to the framework of policies, practices, and controls that oversee the entire software delivery process. This ensures that every step, from code generation to production deployment, meets organizational standards, security protocols,…