Newly ID’ed Chinese APT Hides Backdoor in Software Updates

January 26, 2024 at 04:04PM The threat actor remained undetected for over five years due to a sophisticated backdoor delivered through invisible adversary-in-the-middle attacks. This …

SystemBC Malware’s C2 Server Analysis Exposes Payload Delivery Tricks

January 25, 2024 at 11:38AM Cybersecurity researchers have uncovered details about the SystemBC malware, noting its availability on underground markets and its capability to control compromised hosts, deliver various payloads, and use SOCKS5 proxies to mask network traffic. There is also insight into an updated version of the DarkGate remote access trojan, showcasing weaknesses in …

Filling the Cybersecurity Talent Gap

January 24, 2024 at 10:13AM The nation is experiencing unprecedented challenges, particularly in cybersecurity. Nation-state-backed hackers pose more sophisticated and indiscriminate threats than ever before, requiring collaboration between public and private sectors. The shortage of cybersecurity professionals further exacerbates the issue, making veterans with their adaptable, problem-solving, and technical skills, coupled with security clearances, valuable …

Magecart Adds Middle East Retailers to Long List of Victims

January 23, 2024 at 10:49AM Retailers in the Middle East and Africa are increasingly targeted by web-skimming attacks, with a recent discovery of such an attack on the Khaadi clothing retail site. Despite the region accounting for a small portion of consumer victims, the threat persists. As web-skimming attacks become more sophisticated, enhanced security measures …

Fortra warns of new critical GoAnywhere MFT auth bypass, patch now

January 23, 2024 at 10:46AM Fortra warns of a critical authentication bypass vulnerability in GoAnywhere MFT, affecting versions prior to 7.4.1. Exploitation allows unauthorized creation of admin accounts and could lead to data breaches and malware introduction. The flaw was fixed in version 7.4.1, and users are advised to update immediately. Notably, past incidents suggest …

UK water giant admits attackers broke into system as gang holds it to ransom

January 23, 2024 at 06:57AM Southern Water suffered a cyberattack leading to data theft, including personal information of customers and employees. The Black Basta ransomware group claimed responsibility, threatening to expose more data if a ransom isn’t paid. The UK government, regulators, and the Information Commissioner’s Office have been informed. The water industry faces increasing …

Subway Sandwich Chain Investigating Ransomware Group’s Claims

January 23, 2024 at 06:54AM Subway is investigating a claim by the LockBit ransomware group that it hacked into the company’s systems and stole extensive amounts of data, including financial information and employee salaries. The hackers have given Subway until February 2 to pay a ransom. LockBit has been a prolific ransomware group, targeting numerous …

Survey Shows a Surge in (Artificial) Intelligence

January 22, 2024 at 09:08AM Generative AI (GenAI) gained attention in 2023, with 2024 seeing a move towards practical applications. It holds promise for human augmentation, productivity, and creativity, but raises cybersecurity concerns. A survey by Omdia highlights the symbiotic relationship between GenAI and cybersecurity, showing growing interest and evolving cybersecurity strategies. Vendors face the …

Researchers link 3AM ransomware to Conti, Royal cybercrime gangs

January 20, 2024 at 10:16AM The 3AM ransomware operation is found to have connections with infamous groups like the Conti syndicate and the Royal ransomware gang. They are using new tactics such as sharing data leaks with victims’ social media followers and using bots to reply to high-ranking accounts on X. 3AM also tested a …