Cybersecurity News
Oct 18th, 2024 - Hackread reports that Windows and macOS users have been targeted with a new ClickFix attack campaign impersonating Google Meet alerts to facilitate the deployment of information-stealing malware. Attacks involved the display of fraudulent Google Meet popup alerts, which would download the StealC or Rhadamanthys infostealers for Windows users and the AMOS Stealer payload for macOS users, according to a Sekoia analysis. Such intrusions are believed to have been conducted by the ... [Read More]
Source: msspalert.com
Oct 18th, 2024 - Within days of being hired by the unwitting company, the North Korean criminal had stolen the company's data and soon used it as collateral to demand a "hefty ransom". A company was hacked after it hired a North Korean cyber criminal posing as an IT contractor. The unnamed company fell victim to a new North Korean hacking tactic, according to cybersecurity company Secureworks, which investigated the incident. A North Korean cyber criminal posing as an IT contractor was hired for a fixed-term ... [Read More]
Source: news.sky.com
Oct 18th, 2024 - Numerous high-profile organizations, including government and military entities, financial companies, and telecommunications firms, across Asia and Africa have been subjected to expanded intrusions by suspected Indian state-backed advanced persistent threat operation SideWinder , also known as APT-C-17, Rattlesnake, and T-APT-04, according to The Hacker News Attacks by SideWinder begin with the delivery of spear-phishing emails with a malicious LNK file-containing ZIP file or Office ... [Read More]
Source: msspalert.com
Oct 18th, 2024 - Attackers have tried to deliver wiper malware to employees at organizations across Israel by impersonating cybersecurity company ESET via email. The phishing email The attack took the form of a phishing email ostensibly sent by the "Eset Advanced Threat Defense Team", warning that state-backed hackers have tried compromising the target's device(s). The phishing email (Source: A user of the ESET Security Forum) The email was posted on ESET Security Forum's on October 8 by a recipient asking for ... [Read More]
Source: helpnetsecurity.com
Oct 17th, 2024 - Ukraine's Computer Emergency Response Team has disclosed an attack campaign exploiting the country's newly launched Reserve+ app for military service-eligible men to distribute the MeduzaStealer malware, reports The Record , a news site by cybersecurity firm Recorded Future. Threat actors who are yet to be identified impersonated Reserve+ customer support on Telegram to lure targets into downloading a ZIP archive claiming to have instructions on appropriate data updating, ... [Read More]
Source: scmagazine.com
Oct 16th, 2024 - New Variants Steal PINs, Affect 13,000+ Users and Exploit Accessibility Features An new variant of an Android banking Trojan called TrickMo is tricking victims into providing their phone unlock code, enabling hackers to sustain operations, warn cybersecurity researchers. Zymperium researchers identified 40 TrickMo variants that contain features including one-time password interception, credential theft and automated permission exploitation. The research builds on earlier analysis by Cleafy that ... [Read More]
Source: cuinfosecurity.com
Oct 15th, 2024 - Attacks with the new FASTCash malware for Linux have been launched by North Korean hackers against financial organizations' Ubuntu 22.04 LTS-based payment switch systems to facilitate unauthorized ATM transactions, reports . After being installed on a payment switch server's running process through the 'ptrace' system call, FASTCash for Linux — which significantly resembled iterations of the malware for Windows and AIX — facilitates ISO8583 transaction message interception and ... [Read More]
Source: scmagazine.com
Oct 15th, 2024 - reports that Android PINs have been targeted for exfiltration by some of the 40 newly discovered TrickMo Android banking trojan variants, which have one-time password interception, data and credential theft, screen recording, accessibility service exploitation, and automated permission granting capabilities. Fake unlock screens have been utilized by the novel TrickMo variants to compromise Android users' unlock patterns or PINs, a Zimperium analysis showed. "When the user ... [Read More]
Source: scmagazine.com
Oct 14th, 2024 - Cybersecurity researchers have uncovered a new digital skimmer campaign that uses Unicode obscuring techniques to hide the Mongolian Skimmer. The malware uses Unicode characters in identifiers to conceal its malicious functionality. The main goal of the Mongolian Skimmer is to steal sensitive data entered on e-commerce checkout or admin pages, including financial information. The stolen data is then sent to a server controlled by the attacker. The skimmer usually appears as an inline script on ... [Read More]
Source: dmnews.com
Oct 14th, 2024 - Security authorities in the UK and US have published guidelines on how organizations can protect themselves. The British cyber security agency National Cyber Security Center (NCSC) warns that the Russian foreign intelligence service, Sluzhba Vneshney Razvedki (SVR), is conducting a global campaign exploiting known vulnerabilities to infiltrate networks. The goal of the campaign is believed to be to collect data that can be used for future cyber operations, including ... [Read More]
Source: csoonline.com
Oct 18th, 2024 - Hackread reports that Windows and macOS users have been targeted with a new ClickFix attack campaign impersonating Google Meet alerts to facilitate the deployment of information-stealing malware. Attacks involved the display of fraudulent Google Meet popup alerts, which would download the StealC or Rhadamanthys infostealers for Windows users and the AMOS Stealer payload for macOS users, according to a Sekoia analysis. Such intrusions are believed to have been conducted by the ... [Read More]
Source: msspalert.com
Oct 18th, 2024 - Within days of being hired by the unwitting company, the North Korean criminal had stolen the company's data and soon used it as collateral to demand a "hefty ransom". A company was hacked after it hired a North Korean cyber criminal posing as an IT contractor. The unnamed company fell victim to a new North Korean hacking tactic, according to cybersecurity company Secureworks, which investigated the incident. A North Korean cyber criminal posing as an IT contractor was hired for a fixed-term ... [Read More]
Source: news.sky.com
Oct 18th, 2024 - Numerous high-profile organizations, including government and military entities, financial companies, and telecommunications firms, across Asia and Africa have been subjected to expanded intrusions by suspected Indian state-backed advanced persistent threat operation SideWinder , also known as APT-C-17, Rattlesnake, and T-APT-04, according to The Hacker News Attacks by SideWinder begin with the delivery of spear-phishing emails with a malicious LNK file-containing ZIP file or Office ... [Read More]
Source: msspalert.com
Oct 18th, 2024 - Attackers have tried to deliver wiper malware to employees at organizations across Israel by impersonating cybersecurity company ESET via email. The phishing email The attack took the form of a phishing email ostensibly sent by the "Eset Advanced Threat Defense Team", warning that state-backed hackers have tried compromising the target's device(s). The phishing email (Source: A user of the ESET Security Forum) The email was posted on ESET Security Forum's on October 8 by a recipient asking for ... [Read More]
Source: helpnetsecurity.com
Oct 17th, 2024 - Ukraine's Computer Emergency Response Team has disclosed an attack campaign exploiting the country's newly launched Reserve+ app for military service-eligible men to distribute the MeduzaStealer malware, reports The Record , a news site by cybersecurity firm Recorded Future. Threat actors who are yet to be identified impersonated Reserve+ customer support on Telegram to lure targets into downloading a ZIP archive claiming to have instructions on appropriate data updating, ... [Read More]
Source: scmagazine.com
Oct 16th, 2024 - New Variants Steal PINs, Affect 13,000+ Users and Exploit Accessibility Features An new variant of an Android banking Trojan called TrickMo is tricking victims into providing their phone unlock code, enabling hackers to sustain operations, warn cybersecurity researchers. Zymperium researchers identified 40 TrickMo variants that contain features including one-time password interception, credential theft and automated permission exploitation. The research builds on earlier analysis by Cleafy that ... [Read More]
Source: cuinfosecurity.com
Oct 15th, 2024 - Attacks with the new FASTCash malware for Linux have been launched by North Korean hackers against financial organizations' Ubuntu 22.04 LTS-based payment switch systems to facilitate unauthorized ATM transactions, reports . After being installed on a payment switch server's running process through the 'ptrace' system call, FASTCash for Linux — which significantly resembled iterations of the malware for Windows and AIX — facilitates ISO8583 transaction message interception and ... [Read More]
Source: scmagazine.com
Oct 15th, 2024 - reports that Android PINs have been targeted for exfiltration by some of the 40 newly discovered TrickMo Android banking trojan variants, which have one-time password interception, data and credential theft, screen recording, accessibility service exploitation, and automated permission granting capabilities. Fake unlock screens have been utilized by the novel TrickMo variants to compromise Android users' unlock patterns or PINs, a Zimperium analysis showed. "When the user ... [Read More]
Source: scmagazine.com
Oct 14th, 2024 - Cybersecurity researchers have uncovered a new digital skimmer campaign that uses Unicode obscuring techniques to hide the Mongolian Skimmer. The malware uses Unicode characters in identifiers to conceal its malicious functionality. The main goal of the Mongolian Skimmer is to steal sensitive data entered on e-commerce checkout or admin pages, including financial information. The stolen data is then sent to a server controlled by the attacker. The skimmer usually appears as an inline script on ... [Read More]
Source: dmnews.com
Oct 14th, 2024 - Security authorities in the UK and US have published guidelines on how organizations can protect themselves. The British cyber security agency National Cyber Security Center (NCSC) warns that the Russian foreign intelligence service, Sluzhba Vneshney Razvedki (SVR), is conducting a global campaign exploiting known vulnerabilities to infiltrate networks. The goal of the campaign is believed to be to collect data that can be used for future cyber operations, including ... [Read More]
Source: csoonline.com
You May Also Like…
Enhancing Medical Device Security with MDS2 and TPRM
In today's interconnected healthcare landscape, the security of medical devices has become a paramount concern. With cyber threats evolving rapidly, healthcare organizations face unprecedented...
Lessons from the National Data Breach
In an era where data breaches have become alarmingly common, the National Public Data Breach stands out as a stark reminder of the vulnerabilities in our interconnected digital landscape. This...
The Snowflake Incident: Lessons for Third-Party Risk Management
The recent Snowflake incident has sent shockwaves through the cybersecurity community, highlighting the critical importance of robust third-party risk management. This high-profile data breach,...