Canada’s anti-money laundering agency offline after cyberattack

March 6, 2024 at 12:35PM FINTRAC, a Canadian financial intelligence agency, experienced a cyber incident, leading to the precautionary shutdown of corporate systems. The agency confirmed that its sensitive information and operational capabilities are secure. It is collaborating with federal partners to restore operations and prevent future incidents. This incident follows other high-profile cybersecurity challenges …

Linux Malware Campaign Targets Misconfigured Cloud Servers

March 6, 2024 at 11:27AM Cado Security warns of a cryptojacking campaign targeting misconfigured Apache Hadoop, Confluence, Docker, and Redis instances with unique Golang payloads. Attackers use reverse shells, rootkits, and various scripts to exploit vulnerabilities. The extensive attack demonstrates the variety of techniques used to exploit cloud and Linux services, as well as keeping …

Fresh $100 Million Claroty Funding Brings Total to $735 Million

March 6, 2024 at 11:27AM Claroty, a cyber-physical systems security company, has raised $100 million in strategic growth funding, making its total investment $735 million. Participants in the latest funding round include Delta-v Capital, AB Private Credit Investors, Standard Investments, Toshiba Digital Solutions, Rockwell Automation, and Silicon Valley Bank. Claroty plans to use the funding …

Anatomy of a BlackCat Attack Through the Eyes of Incident Response

March 6, 2024 at 10:39AM Sygnia’s prompt intervention prevented a potentially devastating ransomware attack on a company’s network by disconnecting it from the internet. The attackers, BlackCat, had penetrated the system through a compromised vendor. While some data was exfiltrated, encryption was thwarted, and the victim’s decisive action and Sygnia’s expertise proved pivotal in mitigating …

SecurityWeek to Host AI Risk Summit June 25-26 at the Ritz-Carlton, Half Moon Bay CA

March 6, 2024 at 08:31AM SecurityWeek will host the AI Risk Summit on June 25-26, 2024, at the Ritz-Carlton in Half Moon Bay, CA. The summit brings together industry experts to discuss the risks of deploying AI tools, adversarial use of AI technology, compliance and regulations, and cybersecurity. Registration is open with a discounted rate …

Southern Company Builds SBOM for Electric Power Substation

March 6, 2024 at 08:03AM Southern Company undertook a project to create a software bill of materials (SBOM) for its Mississippi substation, involving inventorying hardware, software, and firmware, and gathering supply-chain information from 17 vendors. The process included challenges such as limited vendor cooperation and outdated SBOMs upon receipt. The project highlighted the importance of …

Hackers target Docker, Hadoop, Redis, Confluence with new Golang malware

March 6, 2024 at 07:15AM Hackers are using new Golang-based malware to target misconfigured servers running Apache Hadoop YARN, Docker, Confluence, or Redis. The campaign exploits configuration weaknesses and an old vulnerability in Atlassian Confluence. Researchers at Cado Security identified the attack, which involves novel Golang payloads and common Linux attack techniques to install a …

BlackCat Ransomware Gang Suspected of Pulling Exit Scam

March 6, 2024 at 06:54AM The Alphv/BlackCat gang has announced the shutdown of its ransomware operation and the sale of its source code. This follows a dispute over a $22 million ransom payment from Change Healthcare, with an affiliate claiming the gang refused to share the fee, prompting suspicions of an exit scam. The incident …

U.S. Cracks Down on Predatory Spyware Firm for Targeting Officials and Journalists

March 6, 2024 at 03:15AM The U.S. Treasury’s OFAC sanctioned individuals and entities linked to Intellexa Alliance for distributing spyware targeting government officials and journalists. The group, including companies like Cytrox, developed the Predator spyware, similar to NSO Group’s Pegasus, enabling unauthorized data access. The sanctions aim to address misuse of commercial spyware and protect …

Urgent: Apple Issues Critical Updates for Actively Exploited Zero-Day Flaws

March 6, 2024 at 01:03AM Apple has released security updates to fix actively exploited vulnerabilities, CVE-2024-23225 and CVE-2024-23296, in its iOS and iPadOS, addressing them with improved validation. The flaws can be exploited by attackers to bypass kernel memory protections. This development adds to a total of three zero-days that Apple has addressed since the …