Recent Security News

  • North Korean Hackers Exploiting Recent TeamCity Vulnerability

    October 19, 2023 at 07:06AM Multiple North Korean threat actors, including Diamond Sleet and Onyx Sleet, have been targeting vulnerable TeamCity servers using the CVE-2023-42793 vulnerability, which allows remote code execution and admin-level access. Microsoft warns that these threat actors have a history of conducting software supply chain attacks and poses a high risk to…

    Read More

  • Iran-Linked OilRig Targets Middle East Governments in 8-Month Cyber Campaign

    October 19, 2023 at 06:39AM Between February and September 2023, the Iran-linked threat actor, OilRig, conducted an eight-month cyber espionage campaign against an unnamed Middle East government. The attack involved the theft of files and passwords, as well as the deployment of a PowerShell backdoor called PowerExchange. Additional malware used included Tokel, Dirps, and Clipog.…

    Read More

  • Microsoft Warns of North Korean Attacks Exploiting TeamCity Flaw

    October 19, 2023 at 03:21AM North Korean threat actors are exploiting a security flaw in JetBrains TeamCity to breach vulnerable servers. The attacks are attributed to Diamond Sleet and Onyx Sleet, both part of the Lazarus Group. The attacks involve compromising TeamCity servers and deploying known implants or malicious DLLs. Microsoft observed the use of…

    Read More

  • Google TAG Detects State-Backed Threat Actors Exploiting WinRAR Flaw

    October 19, 2023 at 12:33AM State-backed threat actors from Russia and China are exploiting a security flaw in the WinRAR archiver tool for Windows. The vulnerability (CVE-2023-38831) allows attackers to execute code when a user tries to view a benign file in a ZIP archive. The attackers include FROZENBARENTS (Sandworm), FROZENLAKE (APT28), and ISLANDDREAMS (APT40).…

    Read More

  • The Trifecta of Consumer Data Privacy: Education, Advocacy & Accountability

    October 19, 2023 at 12:01AM In today’s digital world, personal privacy is frequently compromised due to the exchange of personal information. The public often feels powerless against data brokers and overwhelmed by information overload. A consumer survey revealed the need for better privacy tools and understanding. With data breaches becoming more common, a collaborative effort…

    Read More