Jul 04, 2024NewsroomVulnerability / Critical Infrastructure Microsoft has revealed two security flaws in Rockwell Automation PanelView Plus that could be weaponized by remote, unauthenticated attackers to execute arbitrary code and trigger a denial-of-service (DoS) condition. "The [remote code execution] vulnerability in PanelView Plus involves two custom classes that can be … [Read more...] about Microsoft Uncovers Critical Flaws in Rockwell Automation PanelView Plus
Uncovers
Bitcoin Forensic Analysis Uncovers Money Laundering Clusters and Criminal Proceeds
May 01, 2024NewsroomFinancial Crime / Forensic Analysis A forensic analysis of a graph dataset containing transactions on the Bitcoin blockchain has revealed clusters associated with illicit activity and money laundering, including detecting criminal proceeds sent to a crypto exchange and previously unknown wallets belonging to a Russian darknet market. The findings come from … [Read more...] about Bitcoin Forensic Analysis Uncovers Money Laundering Clusters and Criminal Proceeds
CERT-UA Uncovers New Malware Wave Distributing OCEANMAP, MASEPIE, STEELHOOK
Dec 29, 2023NewsroomEmail Security / Malware The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign orchestrated by the Russia-linked APT28 group to deploy previously undocumented malware such as OCEANMAP, MASEPIE, and STEELHOOK to harvest sensitive information. The activity, which was detected by the agency between December 15 and 25, … [Read more...] about CERT-UA Uncovers New Malware Wave Distributing OCEANMAP, MASEPIE, STEELHOOK
New Survey Uncovers How Companies Are Confronting Data Security Challenges Head-On
Data security is in the headlines often, and it's almost never for a positive reason. Major breaches, new ways to hack into an organization's supposedly secure data, and other threats make the news because well, it's scary — and expensive. Data breaches, ransomware and malware attacks, and other cybercrime might be pricey to prevent, but they are even more costly when they … [Read more...] about New Survey Uncovers How Companies Are Confronting Data Security Challenges Head-On
CrowdStrike Uncovers I2Pminer MacOS Mineware Variant
CrowdStrike analyzed an I2Pminer variant that targets macOS The mineware utilizes I2P to hide XMRig network traffic The CrowdStrike Falcon® platform provides continuous protection against mineware threats by offering real-time visibility across workloads CrowdStrike recently analyzed a macOS-targeted mineware campaign that utilized malicious application bundles to deliver open … [Read more...] about CrowdStrike Uncovers I2Pminer MacOS Mineware Variant
Researcher Uncovers Potential Wiretapping Bugs in Google Home Smart Speakers
Dec 30, 2022Ravie LakshmananBug Bounty / Privacy A security researcher was awarded a bug bounty of $107,500 for identifying security issues in Google Home smart speakers that could be exploited to install backdoors and turn them into wiretapping devices. The flaws "allowed an attacker within wireless proximity to install a 'backdoor' account on the device, enabling them to … [Read more...] about Researcher Uncovers Potential Wiretapping Bugs in Google Home Smart Speakers
Google Uncovers Tool Used by Iranian Hackers to Steal Data from Email Accounts
The Iranian government-backed actor known as Charming Kitten has added a new tool to its malware arsenal that allows it to retrieve user data from Gmail, Yahoo!, and Microsoft Outlook accounts. Dubbed HYPERSCRAPE by Google Threat Analysis Group (TAG), the actively in-development malicious software is said to have been used against less than two dozen accounts in Iran, with the … [Read more...] about Google Uncovers Tool Used by Iranian Hackers to Steal Data from Email Accounts
OverWatch Uncovers Ongoing NIGHT SPIDER Zloader Campaign
Over recent months, the CrowdStrike Falcon OverWatch™ team has tracked an ongoing, widespread intrusion campaign leveraging bundled .msi installers to trick victims into downloading malicious payloads alongside legitimate software. These payloads and scripts were used to perform reconnaissance and ultimately download and execute NIGHT SPIDER’s Zloader trojan, as detailed in … [Read more...] about OverWatch Uncovers Ongoing NIGHT SPIDER Zloader Campaign
Google Uncovers ‘Initial Access Broker’ Working with Conti Ransomware Gang
Google's Threat Analysis Group (TAG) took the wraps off a new initial access broker that it said is closely affiliated to a Russian cyber crime gang notorious for its Conti and Diavol ransomware operations. Dubbed Exotic Lily, the financially motivated threat actor has been observed exploiting a now-patched critical flaw in the Microsoft Windows MSHTML platform (CVE-2021-40444) … [Read more...] about Google Uncovers ‘Initial Access Broker’ Working with Conti Ransomware Gang
Microsoft Uncovers New Details of Russian Hacking Campaign Targeting Ukraine
Microsoft on Friday shared more of the tactics, techniques, and procedures (TTPs) adopted by the Russia-based Gamaredon hacking group to facilitate a barrage of cyber espionage attacks aimed at several entities in Ukraine over the past six months. The attacks are said to have singled out government, military, non-government organizations (NGO), judiciary, law enforcement, and … [Read more...] about Microsoft Uncovers New Details of Russian Hacking Campaign Targeting Ukraine