IoT Networks Face Advancing Adversaries, Bug Barrage

February 8, 2024 at 08:11AM Telemetry data reveals the heightened risks of IoT and OT networks due to sophisticated attacks and a surge in vulnerabilities. Nozomi Networks’ analysis of 2023 data highlights a spike in threats, signaling a shift towards more sophisticated cyberattack methods. However, cyberattacks on IoT devices saw a 12% decrease. The increase …

New Report From Flare Highlights Pervasive Threat of Initial Access Brokers in NATO Countries

February 7, 2024 at 04:18PM Flare, a leading CTEM provider, has released a report analyzing the threat landscape and risks to NATO countries posed by initial access brokers (IABs) on Russian hacking forums. The report identified recent IAB activity in 21 out of 31 NATO countries, focusing on targeting critical infrastructure sectors and the US …

No, 3 million electric toothbrushes were not used in a DDoS attack

February 7, 2024 at 01:23PM A reported story about 3 million electric toothbrushes being hacked to conduct DDoS attacks is likely a hypothetical scenario rather than an actual attack. The absence of evidence and lack of response from Fortinet, the alleged source, suggest the story is disputable. However, it serves as a reminder to secure …

Iran’s cyber operations in Israel a potential prelude to US election interference

February 7, 2024 at 11:39AM Microsoft’s Threat Analysis Center (MTAC) warned that Iran may utilize advanced techniques in cyber operations leading up to the 2024 US Presidential elections, echoing its 2020 interference. The increase in pro-Iran groups engaging in cyberattacks and influence operations poses a complex and interconnected threat environment. Iran’s effective influence campaigns and …

Unifying Cloud Security Beyond Siloes

February 6, 2024 at 03:13PM The text advocates for a consolidated and interconnected approach to cybersecurity, specifically emphasizing the benefits of Trend Micro’s platform, Trend Vision One™ – Cloud Security. It highlights the platform’s capabilities, such as faster threat detection, risk assessment prioritization, centralized policy enforcement, and collaboration facilitation. It also provides questions to consider …

Hacker Conversations: Rob Dyke on Legal Bullying of Good Faith Researchers

February 6, 2024 at 07:36AM Rob Dyke, currently director of platform engineering at Enable, discusses the ethical aspects of hacking and the impact of corporate legal bullying on good faith researchers. He emphasizes the importance of understanding how things work to improve them, rather than for personal gain. Dyke challenges stereotypes of hackers and highlights …

UK, France Host Conference to Tackle ‘Hackers for Hire’

February 5, 2024 at 09:54PM Britain and France are hosting a conference in London with 35 nations and technology leaders to address the market for cyberattack tools and “hackers for hire.” The participants will discuss the threat to international security and human rights posed by these tools. An international agreement, the Pall Mall process, has …

Russian APT28 Hackers Targeting High-Value Orgs with NTLM Relay Attacks

February 4, 2024 at 12:19PM The Russian state-sponsored APT28 group has been actively conducting NTLM v2 hash relay attacks since April 2022, targeting various industries worldwide. Managed by Russia’s GRU military intelligence, the group employs multiple aliases and has a history of spear-phishing and using router vulnerabilities to carry out attacks. Their tactics continue to evolve …

DirtyMoe Malware Infects 2,000+ Ukrainian Computers for DDoS and Cryptojacking

February 4, 2024 at 12:19PM CERT-UA has warned of over 2,000 computers in Ukraine infected with DirtyMoe malware, attributed to threat actor UAC-0027. The malware conducts cryptojacking and DDoS attacks, and is propagated through Purple Fox and fake software installers. Another campaign known as STEADY#URSA targets Ukrainian military personnel with a PowerShell backdoor. Gamaredon is …

Exposed Docker APIs Under Attack in ‘Commando Cat’ Cryptojacking Campaign

February 4, 2024 at 12:19PM A new cryptojacking campaign, Commando Cat, targets exposed Docker API endpoints with multiple payloads, including the XMRig cryptocurrency miner. The sophisticated campaign utilizes Docker as an initial access vector, deploys benign containers, and runs various payloads. It also drops additional payloads from a command-and-control server, posing a multi-faceted threat.