December 15, 2023 at 08:18AM Ledger, a crypto hardware wallet maker, faced a security breach after former employee fell victim to a phishing attack, leading to theft of $600,000 in virtual assets. Malicious code from the compromised npm account was used to propagate crypto drainer malware to other applications. Ledger has since removed the malicious … Read more
December 13, 2023 at 06:32PM APT29, the Russian cyber threat group responsible for the SolarWinds hack, is actively exploiting a critical security vulnerability in JetBrains TeamCity. This presents a global threat, potentially enabling access to valuable data and the possibility of sabotaging software compilations and deployments. Patching alone won’t mitigate the danger, making active threat … Read more
November 30, 2023 at 05:18PM OFAC sanctioned the Kimsuky hacking group and eight North Korean agents for espionage and aiding DPRK’s WMD programs, responding to DPRK’s satellite launch. Kimsuky has expanded from South Korea to global targets, engaging in cyberattacks to support DPRK’s nuclear ambitions. Previous sanctions targeted DPRK groups for cyber theft funding the … Read more
November 21, 2023 at 04:32PM A proof-of-concept exploit (PoC) has been released for a critical zero-day vulnerability in Windows SmartScreen. The vulnerability, identified as CVE-2023-36025, allows attackers to bypass Windows Defender SmartScreen checks without triggering alerts. The exploit involves tricking users into clicking on a malicious internet shortcut or link. The vulnerability affects various Windows … Read more
November 17, 2023 at 08:40AM A report from Fastly reveals that organizations see generative AI as a significant cybersecurity threat. Data breaches, identity-based threats, and generative AI are viewed as the top cybersecurity threats in the next year. Although generative AI is seen as both positive and negative, concerns exist about new attack opportunities and … Read more
November 15, 2023 at 05:39AM Australia’s signals intelligence agency has warned that the country faces an ongoing threat from state-sponsored hackers, particularly from Russia and China. The agency highlighted the danger of cyberattacks on critical infrastructure, such as water supplies and electricity grids. The recently formed AUKUS defense pact with the UK and US could … Read more
November 14, 2023 at 01:45PM Britain’s cybersecurity agency has stated that artificial intelligence is a threat to the country’s next national election. The agency also highlighted the growing number of cyberattacks by hostile countries and their proxies, making it harder to track these attacks. The report emphasized the emergence of state-aligned actors as a new … Read more
November 10, 2023 at 03:42PM Microsoft has issued a warning about BlueNoroff, a North Korean hacking group, setting up new attack infrastructure on LinkedIn for upcoming social engineering campaigns. The financially motivated group, also known as Sapphire Sleet, has a history of targeting cryptocurrency companies and employees. They gain access to systems by deploying malware … Read more
November 2, 2023 at 11:04AM Microsoft has announced the ‘Secure Future Initiative’ to improve the security of its products and protect customers from cybersecurity threats. The initiative will focus on AI-based cyber defenses, software engineering advancements, and advocating for stronger international norms. Microsoft plans to prioritize secure defaults, implement a unified identity system, and enhance … Read more
November 1, 2023 at 11:41PM Boeing has confirmed a cyber incident in its parts and distribution business, following reports of a ransomware attack by LockBit. The company stated that flight safety was not affected, and it is working with authorities to investigate the incident. Boeing’s parts and distribution website is currently down. LockBit claimed responsibility … Read more