Apr 19, 2023Ravie LakshmananNetwork Security / Cyber Espionage U.K. and U.S. cybersecurity and intelligence agencies have warned of Russian nation-state actors exploiting now-patched flaws in networking equipment from Cisco to conduct reconnaissance and deploy malware against targets. The intrusions, per the authorities, took place in 2021 and targeted a small number of … [Read more...] about U.S. and U.K. Warn of Russian Hackers Exploiting Cisco Router Flaws for Espionage
cyber security news today
Iranian Hackers Using SimpleHelp Remote Support Software for Persistent Access
Apr 18, 2023Ravie LakshmananCyber Threat / Malware The Iranian threat actor known as MuddyWater is continuing its time-tested tradition of relying on legitimate remote administration tools to commandeer targeted systems. While the nation-state group has previously employed ScreenConnect, RemoteUtilities, and Syncro, a new analysis from Group-IB has revealed the adversary's … [Read more...] about Iranian Hackers Using SimpleHelp Remote Support Software for Persistent Access
Vice Society Ransomware Using Stealthy PowerShell Tool for Data Exfiltration
Apr 17, 2023Ravie LakshmananRansomware / Cyber Attack Threat actors associated with the Vice Society ransomware gang have been observed using a bespoke PowerShell-based tool to fly under the radar and automate the process of exfiltrating data from compromised networks. "Threat actors (TAs) using built-in data exfiltration methods like [living off the land binaries and … [Read more...] about Vice Society Ransomware Using Stealthy PowerShell Tool for Data Exfiltration
Google Releases Urgent Chrome Update to Fix Actively Exploited Zero-Day Vulnerability
Apr 15, 2023Ravie LakshmananZero-Day / Browser Security Google on Friday released out-of-band updates to resolve an actively exploited zero-day flaw in its Chrome web browser, making it the first such bug to be addressed since the start of the year. Tracked as CVE-2023-2033, the high-severity vulnerability has been described as a type confusion issue in the V8 JavaScript … [Read more...] about Google Releases Urgent Chrome Update to Fix Actively Exploited Zero-Day Vulnerability
Russia-Linked Hackers Launches Espionage Attacks on Foreign Diplomatic Entities
Apr 14, 2023Ravie LakshmananUnited States The Russia-linked APT29 (aka Cozy Bear) threat actor has been attributed to an ongoing cyber espionage campaign targeting foreign ministries and diplomatic entities located in NATO member states, the European Union, and Africa. According to Poland's Military Counterintelligence Service and the CERT Polska team, the observed activity … [Read more...] about Russia-Linked Hackers Launches Espionage Attacks on Foreign Diplomatic Entities
Severe Android and Novi Survey Vulnerabilities Under Active Exploitation
Apr 14, 2023Ravie LakshmananMobile Security / Cyber Threat The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The two flaws are listed below - CVE-2023-20963 (CVSS score: 7.8) - Android Framework Privilege Escalation … [Read more...] about Severe Android and Novi Survey Vulnerabilities Under Active Exploitation
Pakistan-based Transparent Tribe Hackers Targeting Indian Educational Institutions
Apr 13, 2023Ravie LakshmananMalware / Cyber Attack The Transparent Tribe threat actor has been linked to a set of weaponized Microsoft Office documents in attacks targeting the Indian education sector using a continuously maintained piece of malware called Crimson RAT. While the suspected Pakistan-based threat group is known to target military and government entities in the … [Read more...] about Pakistan-based Transparent Tribe Hackers Targeting Indian Educational Institutions
Microsoft Issues Patches for 97 Flaws, Including Active Ransomware Exploit
Apr 12, 2023Ravie LakshmananPatch Tuesday / Software Updates It's the second Tuesday of the month, and Microsoft has released another set of security updates to fix a total of 97 flaws impacting its software, one of which has been actively exploited in ransomware attacks in the wild. Seven of the 97 bugs are rated Critical and 90 are rated Important in severity. … [Read more...] about Microsoft Issues Patches for 97 Flaws, Including Active Ransomware Exploit
Cryptocurrency Stealer Malware Distributed via 13 NuGet Packages
Apr 11, 2023Ravie LakshmananSoftware Security / Cryptocurrency Cybersecurity researchers have detailed the inner workings of the cryptocurrency stealer malware that was distributed via 13 malicious NuGet packages as part of a supply chain attack targeting .NET developers. The sophisticated typosquatting campaign, which was detailed by JFrog late last month, impersonated … [Read more...] about Cryptocurrency Stealer Malware Distributed via 13 NuGet Packages
Over 1 Million WordPress Sites Infected by Balada Injector Malware Campaign
Apr 10, 2023Ravie LakshmananWeb Security / Malware Over one million WordPress websites are estimated to have been infected by an ongoing campaign to deploy malware called Balada Injector since 2017. The massive campaign, per GoDaddy's Sucuri, "leverages all known and recently discovered theme and plugin vulnerabilities" to breach WordPress sites. The attacks are known to play … [Read more...] about Over 1 Million WordPress Sites Infected by Balada Injector Malware Campaign