China Accuses U.S. of Fabricating Volt Typhoon to Hide Its Own Hacking Campaigns

October 15, 2024 at 04:54AM China’s CVERC claims the Volt Typhoon cyber threat is a U.S. fabrication, alleging U.S. cyber espionage against multiple countries. They assert there’s strong evidence of U.S. false flag operations and misuse of technology to mislead investigations. The report calls for international collaboration on cybersecurity and counter-threat technology. **Meeting Takeaways:** 1. …

Fortifying the Weakest Link: How to Safeguard Against Supply Chain Cyberattacks

September 26, 2024 at 07:55AM Cybercriminals are exploiting vulnerabilities in widely-used IT and security tools, leading to major security incidents. Recent examples include attacks on Ivanti enterprise VPNs, TeamCity, and Fortra GoAnywhere MFT. These incidents underscore the importance of safeguarding against supply chain cyberattacks. Strategies to mitigate these risks include advanced supplier risk management, securing …

WordPress Mandates Two-Factor Authentication for Plugin and Theme Developers

September 12, 2024 at 01:12AM WordPress.org is set to make two-factor authentication mandatory for accounts with the ability to update plugins and themes, aiming to enhance security and prevent unauthorized access. In addition to 2FA, the platform is introducing SVN passwords to further secure code commit access. These measures are a response to ongoing security …

New PIXHELL Attack Exploits Screen Noise to Exfiltrate Data from Air-Gapped Computers

September 10, 2024 at 07:39AM PIXHELL, a new side-channel attack, targets air-gapped computers by exploiting the “audio gap” to exfiltrate sensitive data using the noise generated by the screen pixels. The attack doesn’t require specialized audio hardware and could bypass air-gapping security measures. Countermeasures include acoustic jammers and monitoring for unusual signals. From the meeting …

FBI: North Korea Aggressively Hacking Cryptocurrency Firms

September 4, 2024 at 09:48AM The FBI warns that North Korean hackers are aggressively targeting the cryptocurrency industry using sophisticated social engineering techniques. They aim to deploy malware and steal virtual assets. The attackers conduct extensive research on potential victims and engage in prolonged conversations to establish trust before delivering malware. Organizations and individuals in …

Improved Software Supply Chain Resilience Equals Increased Security

September 3, 2024 at 10:07AM Summary: Software supply chain attacks pose significant challenges to the DevSecOps community, emphasizing the need for improved resilience. Key components include visibility, governance, and continuous deployment. Organizations should focus on understanding their environments in real-time, implementing good governance, and continuously testing and monitoring for vulnerabilities to strengthen their security posture. …

Startup Spotlight: RAD Security Brings Behavioral Profiling to Cloud

August 6, 2024 at 08:48PM RAD Security aims to address cloud-native platform challenges by citing statistics and offering a behavioral cloud detection and response solution. The company’s “behavioral workload fingerprinting” approach detects anomalous activity and drift events, and it is being positioned as the standard for cloud security detection and response. As a Black Hat …

Is GhostEmperor Back? Sygnia Finds Clues in Recent Cyber Incident

July 24, 2024 at 12:06PM The GhostEmperor threat group, initially identified by Kaspersky in 2021, saw a potential resurgence in a 2023 compromise investigated by Sygnia. They associated the new compromise with similarities in infection chains and the use of the Demodex rootkit. However, uncertainty remains whether this represents the return of GhostEmperor or a …

Polyfill.io claims reveal new cracks in supply chain, but how deep do they go?

July 1, 2024 at 06:42AM Code libraries are essential for adding standardized functionality to a project, but they can also be vulnerable to supply chain attacks. Polyfill.io, a JavaScript enhancement service, was accused of distributing malware, raising concerns about the security of third-party libraries and the potential impact on user security. The incident highlights the …

Vietnamese Members of FIN9 Hacking Group Charged in US

June 24, 2024 at 09:57AM The US Department of Justice has filed charges against four Vietnamese individuals for cyberattacks that resulted in over $71 million in damages to US companies. The defendants, believed to be part of the cybercrime group FIN9, utilized phishing and other methods to compromise victim networks and steal private information and …