#DigitalSecurity

Chinese Hackers Target Tibetan Websites in Malware Attack, Cybersecurity Group Says

by

November 13, 2024 at 07:21AM A Chinese state-sponsored hacking group has compromised two Tibetan community websites to install malware on users’ computers, according to a cybersecurity group. The attack highlights ongoing cybersecurity threats targeting specific communities. ### Meeting Notes Takeaways: 1. **Incident Overview**: – A hacking group, suspected to be state-sponsored by China, has compromised … Read more

Mystery Hackers Target Texas Oilfield Supplier in Ransomware Attack

by

November 8, 2024 at 05:05PM Newpark Resources reported a ransomware attack, disrupting access to its information systems but allowing continued manufacturing operations. The company is investigating the breach and has activated its security response plan. Experts emphasize the need for industrial organizations to balance security with operational connectivity to prevent significant downtime impacts. ### Meeting … Read more

US Prison Sentences for Nigerian Cybercriminals Surge in Recent Months

by

November 8, 2024 at 07:27AM Recently, numerous Nigerian cybercriminals have been imprisoned in the United States, with several receiving lengthy sentences for their offenses. This uptick in prison sentences highlights the ongoing efforts to combat cybercrime originating from Nigeria. **Meeting Takeaways:** 1. A notable increase in the number of Nigerian cybercriminals sentenced to prison in … Read more

South Korea Fines Meta $15.67M for Illegally Sharing Sensitive User Data with Advertisers

by

November 6, 2024 at 02:36AM Meta has been fined $15.67 million by South Korea’s data privacy agency for illegally collecting sensitive data from about 980,000 Facebook users and sharing it with advertisers without consent. The watchdog cited failures in user consent and security measures, and will continue monitoring Meta’s compliance with regulations. ### Meeting Takeaways … Read more

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Oct 28 – Nov 03)

by

November 4, 2024 at 07:39AM This week in cybersecurity, numerous hacking incidents occurred, including North Korean collaborations on ransomware and exploits targeting browsers and cloud services. Highlights include vulnerabilities in PTZ cameras and OpenText software, a fraudulent scheme manipulating online shops, and security updates from various companies. Stay informed and proactive in safeguarding digital assets. … Read more

New Phishing Kit Xiū gǒu Targets Users Across Five Countries With 2,000 Fake Sites

by

November 1, 2024 at 12:57AM Cybersecurity researchers have revealed the Xiū gǒu phishing kit, used in campaigns targeting multiple countries since September 2024. Over 2,000 phishing sites have been identified, exploiting RCS messages for scams. Google is enhancing protections against such attacks, while Cisco Talos reports ongoing phishing efforts targeting businesses, including OpenAI impersonation scams. … Read more

When Cybersecurity Tools Backfire

by

October 30, 2024 at 10:05AM The text discusses the paradox of cybersecurity tools, which, while essential for protection, can cause major disruptions when mishandled. High-profile outages from CrowdStrike and Verizon highlight the need for careful management and testing of updates, resilience planning, and continuous vigilance to mitigate risks and minimize impact during failures. ### Meeting … Read more

Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services

by

October 28, 2024 at 01:45PM Evasive Panda, a China-linked cyber espionage group, launched a new toolset, CloudScout, targeting Taiwanese government and religious organizations. This .NET-based malware extracts data from cloud services by hijacking authenticated sessions using stolen cookies. ESET noted the malware’s modular design includes specific functions for accessing Google Drive, Gmail, and Outlook. ### … Read more

New Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade Detection

by

October 23, 2024 at 02:00PM New variants of Grandoreiro banking malware are evolving to evade anti-fraud measures, employing tactics like domain generation algorithms and mouse tracking. Despite some arrests, operators continue to develop new features and target users across 45 countries, primarily through phishing. The malware adapts continuously, posing a significant threat to banking security. … Read more

IBM Boosts Guardium Platform to Address Shadow AI, Quantum Cryptography

by

October 23, 2024 at 07:42AM IBM is enhancing its Guardium platform to address security challenges related to AI models and quantum safety. This upgrade aims to tackle issues associated with Shadow AI and improve quantum cryptography measures. **Meeting Takeaways:** 1. **Platform Update**: IBM is enhancing its Guardium platform. 2. **Focus Areas**: The upgrade aims to … Read more