North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks

December 3, 2024 at 04:52AM North Korea-aligned Kimsuky is linked to phishing attacks using Russian sender addresses to steal credentials. These attacks, primarily targeting South Korean users, exploit email services and impersonate institutions like Naver. Kimsuky utilizes compromised servers and tools for spoofing to evade security, aiming for account hijacking and further attacks.

Gafgyt Malware Targeting Docker Remote API Servers

December 3, 2024 at 04:49AM Trend Micro Research reports that Gafgyt malware is now targeting misconfigured Docker Remote API servers, a shift from its traditional focus on IoT devices. This allows attackers to deploy DDoS attacks. Recommendations include strengthening access controls, monitoring activities, and ensuring adherence to container security best practices.

Russia gives life sentence to Hydra dark web kingpin after seizing a ton of drugs

December 3, 2024 at 02:34AM A Russian court sentenced Hydra’s leader, Stanislav Moiseev, to life for running an online drug marketplace, alongside 15 co-conspirators receiving 8 to 23 years. The gang was charged with drug production and sales, with their operations disrupted in 2022 following an international police raid. Appeals are expected. Here are the …

Horns&Hooves Campaign Delivers RATs via Fake Emails and JavaScript Payloads

December 3, 2024 at 12:51AM A new malware campaign named Horns&Hooves targets users and businesses in Russia, infecting over 1,000 victims since March 2023. It delivers NetSupport RAT and BurnsRAT, utilizing deceptive email attachments to install additional malware. The threat is linked to group TA569, known for facilitating ransomware attacks and data theft.

SmokeLoader Malware Resurfaces, Targeting Manufacturing and IT in Taiwan

December 2, 2024 at 11:09PM Taiwanese manufacturing, healthcare, and IT sectors are targeted by a campaign using SmokeLoader malware, which has advanced evasion techniques and modular capabilities. It primarily serves as a downloader but can execute attacks independently. The campaign starts with a phishing email exploiting old vulnerabilities to deploy SmokeLoader via Ande Loader.

Data on 760K workers from Xerox, Nokia, BofA, Morgan Stanley and more dumped online

December 2, 2024 at 10:04PM A massive data breach linked to the MOVEit file transfer tool has exposed personal data of hundreds of thousands of employees from major corporations, including Xerox and Bank of America. The hacker “Nam3L3ss” leaked employee details such as names, contact information, and job titles, raising concerns over potential social engineering …

AI Pulse: The Good from AI and the Promise of Agentic

December 2, 2024 at 08:58PM Trend Micro emphasizes the positive impact of AI, especially in cybersecurity and global cooperation. It highlights news from the Paris Peace Forum on responsible AI governance and upcoming partnerships to enhance secure AI implementation. The potential of agentic AI in healthcare is acknowledged, alongside ongoing developments from major AI companies …

AWS unveils cloud security IR service for a mere $7K a month

December 2, 2024 at 08:36PM Amazon Web Services (AWS) has launched a new incident response service, combining automation and human intervention, with a starting price of $7,000 per month. The service offers 24/7 support, threat analysis, and centralized tools for managing security incidents, available in 12 global regions. Pricing increases with AWS spending tiers.

Mozilla really wants you to set Firefox as default Windows browser

December 2, 2024 at 05:41PM Mozilla is testing a new setup screen for Firefox that encourages users to set it as their default browser during installation. This approach, which includes default options for pinning to the taskbar and data import, aims to enhance user onboarding and increase adoption amid competition from Google and Microsoft.

Novel phishing campaign uses corrupted Word documents to evade security

December 2, 2024 at 05:41PM A new phishing campaign exploits Microsoft Word’s file recovery feature with corrupted document attachments, evading security measures. These emails, disguised as payroll communications, prompt users to scan a QR code leading to a credential-stealing site. Most antivirus solutions fail to detect these attachments, enhancing their effectiveness.