New PEAPOD Cyberattack Campaign Targeting Women Political Leaders
Oct 13, 2023 | Newsroom | Endpoint Security / Cyber Attack
European Union military personnel and political leaders working on gender equality initiatives have emerged as the target of a new campaign that delivers an updated version of RomCom RAT called PEAPOD. Cybersecurity firm Trend Micro attributed the attacks to a threat actor it tracks under the name Void Rabisu, which is also …
cyberattack
Debunking Myths About Cyberattack Complexity in 2022
Stoking fears about the threat landscape is a popular approach, and one that I don’t particularly care for. Many will tell you that the threat landscape is constantly changing, that threats are getting more complex, and that actors are getting more sophisticated. “The whole world is getting more difficult and scarier, so buy our stuff!” There’s a ton of media sensationalism too, …
U.S. Imposes New Sanctions on Iran Over Cyberattack on Albania
The U.S. Treasury Department on Friday announced sanctions against Iran's Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence, Esmaeil Khatib, for engaging in cyber-enabled activities against the nation and its allies. "Since at least 2007, the MOIS and its cyber actor proxies have conducted malicious cyber operations targeting a range of government …
U.S. Proposes $1 Million Fine on Colonial Pipeline for Safety Violations After Cyberattack
The U.S. Department of Transportation's Pipeline and Hazardous Materials Safety Administration (PHMSA) has proposed a penalty of nearly $1 million to Colonial Pipeline for violating federal safety regulations, worsening the impact of the ransomware attack last year. The $986,400 penalty is the result of an inspection conducted by the regulator of the pipeline operator's control …
Russian Wiper Malware Likely Behind Recent Cyberattack on Viasat KA-SAT Modems
The cyberattack aimed at Viasat that temporarily knocked KA-SAT modems offline on February 24, 2022, the same day Russian military forces invaded Ukraine, is believed to have been the consequence of wiper malware, according to the latest research from SentinelOne. The findings come as the U.S. telecom company disclosed that it was the target of a "multifaceted and deliberate" …
1.6 Million WordPress Sites Under Cyberattack From Over 16,000 IP Addresses
As many as 1.6 million WordPress sites have been targeted by an active large-scale attack campaign originating from 16,000 IP addresses by exploiting weaknesses in four plugins and 15 Epsilon Framework themes. WordPress security company Wordfence, which disclosed details of the attacks, said Thursday it had detected and blocked more than 13.7 million attacks aimed at the …
How To Update Your Security Infrastructure and Recover from a Cyberattack
Manufacturing company Megablok was experiencing frequent network outages that were halting business productivity and forcing employees to work from home. Like most, it blamed its current network and decided to recheck all network cables and expand its broadband to help resolve the issue. Frustratingly, the outages continued to happen. The company learned shortly after that the …
Atlassian Confluence RCE Flaw Abused in Multiple Cyberattack Campaigns
Opportunistic threat actors have been found actively exploiting a recently disclosed critical security flaw in Atlassian Confluence deployments across Windows and Linux to deploy web shells that result in the execution of crypto miners on compromised systems. Tracked as CVE-2021-26084 (CVSS score: 9.8), the vulnerability concerns an OGNL (Object-Graph Navigation Language) …
Watch Out! Zyxel Firewalls and VPNs Under Active Cyberattack
Taiwanese networking equipment company Zyxel is warning customers of an ongoing attack targeting a "small subset" of its security products such as firewall and VPN servers. Attributing the attacks to a "sophisticated threat actor," the firm noted that the attacks single out appliances that have remote management or SSL VPN enabled, namely in the USG/ZyWALL, USG FLEX, ATP, and …
Chinese Hackers Believed to be Behind Second Cyberattack on Air India
Even as a massive data breach affecting Air India came to light the previous month, India's flag carrier airline appears to have suffered a separate cyber assault that lasted for a period of at least two months and 26 days, new research has revealed, which attributed the incident with moderate confidence to a Chinese nation-state threat actor called APT41. Group-IB dubbed the …