North Korea’s Kimsuky Doubles Down on Remote Desktop Control

October 18, 2023 at 12:15PM North Korea’s Kimsuky cyber threat group has been found to be using Remote Desktop Protocol (RDP) and other tools to remotely take over targeted systems. The group has also been leveraging open source software such as TightVNC and Chrome Remote Desktop. Kimsuky continues to use spear phishing as its initial …

Unraveling Real-Life Attack Paths – Key Lessons Learned

October 18, 2023 at 08:15AM Attackers in the cybersecurity landscape are constantly searching for vulnerabilities and exploit combinations within organizational environments. Security tools often fail to prioritize threats effectively and provide context on how issues can be leveraged by attackers. Real-life attack path scenarios reveal that 75% of critical assets can be compromised in their …

Recent NetScaler Vulnerability Exploited as Zero-Day Since August

October 18, 2023 at 07:00AM A critical vulnerability (CVE-2023-4966) in Citrix NetScaler ADC and Gateway has been exploited as a zero-day since August, according to Google’s Mandiant cybersecurity unit. The flaw allows attackers to leak sensitive information without authentication. Citrix released patches on October 10 and updated their advisory to warn customers of the observed …

D-Link Confirms Data Breach: Employee Falls Victim to Phishing Attack

October 18, 2023 at 12:09AM D-Link, a Taiwanese networking equipment manufacturer, confirmed a data breach that exposed “low-sensitivity and semi-public information.” The breach originated from an old D-View 6 system and did not contain user IDs or financial information. D-Link denied claims of millions of records being compromised and stated that approximately 700 outdated records …

D-Link confirms data breach after employee phishing attack

October 17, 2023 at 02:55PM Networking equipment manufacturer D-Link confirmed a data breach in which customer and employee information, including the CEO’s details, was stolen and put up for sale. The attacker claims to have also taken source code for D-Link’s software. The company shut down affected servers, disabled user accounts, and clarified that only …

Fighting off cyberattacks? Make sure user credentials aren’t compromised

October 17, 2023 at 10:04AM Threat actors are constantly finding new ways to trick end-users into giving up their credentials, leading to a rise in credential theft. Cybercriminals target credentials because people often reuse the same login information across multiple sites, giving hackers access to sensitive accounts. They use social engineering tactics like tailgating, spear …

Top 6 Mistakes in Incident Response Tabletop Exercises

October 17, 2023 at 10:03AM A tabletop exercise is a discussion-based practice that simulates a cybersecurity incident response. It is important to take a social approach during the exercise and include various participants from different teams. It is also crucial to vary the threat types used in the exercise to ensure preparedness. The scenario should …

Anonybit Raises $3 Million for Biometric Authentication Platform

October 17, 2023 at 09:30AM Anonybit, a provider of biometric authentication and data protection solutions, has raised $3 million in a seed extension round, bringing its total funding to $8 million. The funding was led by Jam Fintop, with additional investment from Connecticut Innovations. Anonybit’s technology uses distributed storage and processing of biometrics to securely …

Critical Vulnerabilities Expose Weintek HMIs to Attacks

October 17, 2023 at 09:30AM Weintek’s cMT HMI product has been found to have critical vulnerabilities that could be exploited by attackers. The vulnerabilities allow anonymous users to bypass authentication and execute arbitrary commands. If all vulnerabilities are combined, an attacker could gain full control of the HMI system. Weintek has released patches for affected …

NSA Publishes ICS/OT Intrusion Detection Signatures and Analytics

October 17, 2023 at 07:12AM The National Security Agency has released a repository called Elitewolf on GitHub, which contains intrusion detection signatures and analytics for hunting malicious activity in industrial control systems and operational technology environments. The release is in response to increased cyber activity targeting critical infrastructure and aims to help organizations implement continuous …