Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw

April 27, 2024 at 08:54AM Cybersecurity researchers have detected a targeted cyber attack on Ukraine utilizing a seven-year-old vulnerability in Microsoft Office to deliver Cobalt Strike. The attack involves exploiting a PowerPoint file to execute remote code, leading to the injection of a malicious payload. The attack’s exact purpose and the responsible threat actor remain …

Philippines Pummeled by Assortment of Cyberattacks & Misinformation Tied to China

April 26, 2024 at 03:13PM Cyberattacks on the Philippines are on the rise, with targets including government and educational institutions. These attacks aim to spread misinformation and sow discontent, attributed to Chinese-backed hackers. Increased tensions between the Philippines and China have led to alliances with the US and Japan for cyber threat-sharing. Recommendations include enhancing …

The Biggest 2024 Elections Threat: Kitchen-Sink Attack Chains

April 25, 2024 at 05:11PM Cyber threats to elections are increasingly complex, with attackers combining tactics like DDoS attacks, fake news, and leaks. Mandiant’s report highlights how these combined attacks can magnify each other’s impact. Chained cyberattacks have disrupted elections in Ukraine and targeted US states’ voting-related websites. Not only state-sponsored actors, but also insiders, …

Predictive Security Startup BforeAI Raises $15 Million

April 25, 2024 at 11:58AM French startup BforeAI secured $15 million in Series A funding, totaling over $19 million. SYN Ventures led the investment round, with involvement from Addendum Capital, Karista, Karma Ventures, and the Partnership Fund for New York City. The company, utilizing AI and ML, offers predictive attack intelligence and automated digital risk …

Russia, Iran pose most aggressive threat to 2024 elections, say infoseccers

April 25, 2024 at 09:40AM Experts emphasize the threat of state-sponsored cybercriminals meddling in the upcoming US presidential election and the UK’s next general election. Mandiant’s report highlights the likely tactics, such as DDoS attacks, data theft, disinformation, and deepfakes, and identifies Russia, China, Iran, and North Korea as the primary adversaries. These nations have …

ArcaneDoor hackers exploit Cisco zero-days to breach govt networks

April 24, 2024 at 01:10PM Cisco warns of state-backed hacking involving zero-day vulnerabilities in ASA and FTD firewalls used to infiltrate government networks globally. The cyber-espionage campaign, known as ArcaneDoor, targeted vulnerable edge devices since November 2023. Cisco discovered and fixed two zero-days – CVE-2024-20353 and CVE-2024-20359 – and urges customers to upgrade their devices …

North Korea APT Triumvirate Spied on South Korean Defense Industry For Years

April 24, 2024 at 12:35PM North Korea’s APTs have been spying on South Korean defense contractors for at least a year and a half. Andariel, Kimsuky, and the broader Lazarus Group were involved in espionage campaigns, with details released by South Korean police. The announcement came after North Korea conducted its first-ever nuclear counterattack drill. …

CoralRaider attacks use CDN cache to push info-stealer malware

April 23, 2024 at 05:34PM A financially motivated threat actor, known as CoralRaider, is conducting an ongoing malware campaign targeting systems in the U.S., U.K., Germany, and Japan. The group uses a content delivery network cache to distribute malware, including info stealers LummaC2, Rhadamanthys, and Cryptbot. The attacks start with malicious Windows shortcut files delivered …

The Battle Continues: Mandiant Report Shows Improved Detection But Persistent Adversarial Success

April 23, 2024 at 10:13AM Mandiant’s M-Trends 2024 report indicates improved defenses, but attackers still hold the advantage, despite enhanced detection capabilities. This is highlighted in SecurityWeek’s article “The Battle Continues: Mandiant Report Shows Improved Detection But Persistent Adversarial Success.” …

UnitedHealth admits breach could ‘cover substantial proportion of people in America’

April 23, 2024 at 08:38AM UnitedHealth Group, the parent company of Change Healthcare, reported finding protected health information and personally identifiable information following a ransomware attack in February. The attack impacted hospitals and pharmacies using UnitedHealth’s services. It could take several months to complete the analysis of the data and identify affected individuals. The attack …