ESET Flags Prototype UEFI Bootkit Targeting Linux

November 27, 2024 at 12:07PM ESET has identified a prototype UEFI bootkit, named Bootkitty, targeting specific Ubuntu Linux configurations, marking a shift from Windows-exclusive attacks. While still in development, Bootkitty aims to disable kernel signature verification, allowing unsigned modules to load. A related module, BCDropper, exhibits rootkit-like behavior.

Firefox and Windows zero-days exploited by Russian RomCom hackers

November 26, 2024 at 06:28AM The Russian-based RomCom cybercrime group exploited two zero-day vulnerabilities targeting Firefox and Tor Browser users, allowing remote code execution without user interaction. Their attacks, focusing on organizations in Ukraine, Europe, and North America, utilized a malicious website to deploy the RomCom backdoor, indicating sophisticated capabilities and targeted espionage motives.

China-Linked TAG-112 Targets Tibetan Media with Cobalt Strike Espionage Campaign

November 22, 2024 at 12:17PM A China-linked group, TAG-112, compromised Tibetan media and university websites, delivering the Cobalt Strike toolkit via malicious JavaScript. Visitors were tricked into downloading disguised malware, highlighting ongoing cyber-espionage targeting Tibet. Although linked to a more advanced group (TAG-102), TAG-112 exhibits less sophistication in its attacks.

Germany’s CDU still struggling to restore data months after June cyberattack

September 16, 2024 at 10:39AM Germany’s CDU party is still grappling with restoring member data months after a cyberattack. The hacking has caused concerns about the party’s ability to select representatives for the upcoming federal election. Although the details have not been fully disclosed, the attack has raised concerns about cybersecurity and potential international involvement.

Sextortion scams now use your “cheating” spouse’s name as a lure

September 8, 2024 at 01:10AM A new variant of sextortion email scams is targeting spouses, claiming their partner is cheating, and including links to alleged proof. This scheme aims to exploit fear and uncertainty in relationships. It’s important for individuals to be cautious and verify the authenticity of such claims before taking action. Based on …

AI-Powered Deepfake Tools Becoming More Accessible Than Ever

July 30, 2024 at 03:08PM Trend Micro’s research reveals the rapid evolution of AI-powered hacking services, posing increased threats to cybersecurity. The availability and sophistication of deepfake technology in the cybercrime underground are growing, providing opportunities for mass exploitation. Additionally, defunct criminal services are re-emerging with new functionalities, emphasizing the need for proactive cybersecurity measures.

Cybersecurity Agencies Warn of China-linked APT40’s Rapid Exploit Adaptation

July 9, 2024 at 02:56AM Cybersecurity agencies from multiple countries issued a joint advisory about APT40, a China-linked cyber espionage group known for quickly exploiting security flaws and targeting organizations worldwide. Operating since 2013, APT40 has been affiliated with China’s Ministry of State Security and has conducted various cyber attacks to steal sensitive information. It’s …

Russian-Linked Cybercampaigns put a Bull’s-Eye on France. Their Focus? The Olympics and Elections

July 6, 2024 at 06:46PM Russian disinformation campaigns targeting France, directed from within Russia, have intensified leading up to France’s legislative elections and the Paris Olympics. Russian efforts have included fake recruitment drives, vandalism, and online disinformation. The campaigns aim to undermine French institutions, sow social discord, and erode faith in democratic governments, particularly boosting …

In Other News: Microsoft Details ICS Flaws, Smart Grill Hacking, Predator Spyware Activity

July 5, 2024 at 07:52AM This week’s cybersecurity news roundup includes an Australian man charged for creating ‘evil twin’ Wi-Fi networks, dozens of vulnerabilities found in Sharp and Toshiba printers, a data breach at the Egyptian Health Department, and hacking of smart grills. Also covered are a Pakistan-linked Android spyware targeting gamers and weapons enthusiasts, …

Celebrity TikTok Accounts Compromised Using Zero-Click Attack via DMs

June 5, 2024 at 03:09AM TikTok acknowledged a zero-click account takeover campaign by threat actors, impacting high-profile accounts on the platform. The company has taken preventive measures and is working with affected users. Previous security issues were also highlighted, including a flaw enabling data extraction and a one-click exploit. Concerns about TikTok’s Chinese roots further …