Recent Security News

  • MATA malware framework exploits EDR in attacks on defense firms

    October 18, 2023 at 12:28PM

    The MATA backdoor framework has been observed in attacks targeting oil and gas firms and the defense industry in Eastern Europe between August 2022 and May 2023. The attacks used spear-phishing emails to trick victims into downloading malicious executables that exploit a vulnerability in Internet Explorer. The updated MATA framework…

  • North Korea’s Kimsuky Doubles Down on Remote Desktop Control

    October 18, 2023 at 12:15PM

    North Korea’s Kimsuky cyber threat group has been found to be using Remote Desktop Protocol (RDP) and other tools to remotely take over targeted systems. The group has also been leveraging open source software such as TightVNC and Chrome Remote Desktop. Kimsuky continues to use spear phishing as its initial…

  • Google links WinRAR exploitation to multiple state hacking groups

    October 18, 2023 at 11:16AM

    State-backed hacking groups, including Sandworm, APT28, and APT40, are exploiting a vulnerability in WinRAR to execute arbitrary code on targeted systems. The bug, known as CVE-2023-38831, has been exploited since April 2023, enabling threat actors to deliver various malware payloads. Despite a patch being available, many users remain vulnerable. Google…

  • Single Sign On and the Cybercrime Ecosystem

    October 18, 2023 at 11:16AM

    Cybercrime, specifically data extortion ransomware attacks, is increasing dramatically. Stealer logs, which are logs containing stolen credentials and session cookies, are being distributed through Telegram channels and pose a significant threat. Single sign-on (SSO) applications used by enterprises are being compromised, exposing sensitive information and making social engineering tactics easier.…

  • Lazarus Group Targeting Defense Experts with Fake Interviews via Trojanized VNC Apps

    October 18, 2023 at 11:03AM

    The Lazarus Group, a North Korea-linked hacking organization, has been using trojanized versions of Virtual Network Computing (VNC) apps to target the defense industry and nuclear engineers. They trick job seekers on social media into opening malicious apps for fake job interviews. The malware operates discreetly to avoid detection and…
