That didn’t take long: replacement for SORBS spam blacklist arises … sort of

June 16, 2024 at 10:04PM The SORBS spam blocklist service has gone offline, prompting Data443 to offer a free alternative using its Cyren platform. However, Data443’s service is not a continuation of SORBS itself and does not involve the acquisition of its codebase. In other news, critical vulnerabilities have been identified in various tech devices, …

Why Regulated Industries are Turning to Military-Grade Cyber Defenses

June 14, 2024 at 07:42AM Amid escalating cyber threats, regulated industries are increasingly turning to military-grade cyber defenses to protect sensitive data and assets. Collaboration with government agencies and cybersecurity experts, adoption of military strategies, and implementation of robust internal security measures help organizations enhance their resilience against cyber threats, uphold regulatory compliance, and mitigate risks. …

Know Your Adversary: Why Tuning Intelligence-Gathering to Your Sector Pays Dividends

June 14, 2024 at 03:00AM Critical national infrastructure (CNI) is a prime target for sophisticated threat actors due to its vital role in supporting various industries. Recent reports highlight concerns over vulnerabilities, with fears of espionage from Chinese repair ships and state-sponsored cyber-attacks on CNI networks. Protecting CNI is crucial for national security, economic stability, …

AI Chatbot Fools Scammers & Scores Money-Laundering Intel

June 13, 2024 at 02:41PM Conversational AI has been used to engage with scammers, providing insight into cybercriminal operations and extracting information about their fraud methods and infrastructure. Netcraft’s ChatGPT-based chatbot was successful in collecting bank account details from fraudsters, demonstrating the potential of AI in countering cybercrime and creating a more proactive cyber defense. …

Arid Viper Launches Mobile Espionage Campaign with AridSpy Malware

June 13, 2024 at 10:25AM The threat actor Arid Viper is behind a mobile espionage campaign using trojanized Android apps to distribute spyware called AridSpy. The campaign targets users in Palestine and Egypt through fake messaging and job opportunity apps. AridSpy is capable of downloading additional payloads and harvesting data from infected devices. From the …

Pakistan-linked Malware Campaign Evolves to Target Windows, Android, and macOS

June 13, 2024 at 06:48AM Threat actors with ties to Pakistan are behind a long-running malware campaign named Operation Celestial Force, utilizing Android and Windows-based malware administered through a tool called GravityAdmin. The cybersecurity community attributes the intrusion to an adversary known as Cosmic Leopard, with indications that it targets users in the Indian subcontinent. …

In Other News: TikTok Zero-Day, DMM Bitcoin Hack, Free VPN App Analysis

June 7, 2024 at 11:33AM SecurityWeek provides a weekly summary of cybersecurity developments, including the delay of SEC cyber disclosures, the exploitation of a TikTok zero-day vulnerability, a data breach impacting Shell through a third party, and the launch of an AI threat intelligence tool by OmniIndex. Other stories cover cyberattacks, leaked databases, mobile browser …

Muhstik Botnet Exploiting Apache RocketMQ Flaw to Expand DDoS Attacks

June 6, 2024 at 10:24AM The Muhstik botnet, known for targeting IoT devices and Linux servers, has exploited a security flaw in Apache RocketMQ to expand its scale. It leverages vulnerabilities to execute remote code, persist on hosts, and evade detection, aiming to launch DDoS attacks and engage in cryptomining activities. Organizations are urged to …

Exploitation of Recent Check Point VPN Zero-Day Soars

June 6, 2024 at 09:40AM A zero-day vulnerability in Check Point VPN products, CVE-2024-24919, has been exploited at an alarming rate since disclosure. GreyNoise reports that exploitation allows access to sensitive data, lateral movement, and domain privileges. Over 10,000 exploitation attempts have been logged, involving 781 unique IP addresses. Users are advised to apply available mitigations immediately. Key takeaways …

Chinese State-Backed Cyber Espionage Targets Southeast Asian Government

June 5, 2024 at 07:54AM A high-profile government organization in Southeast Asia became the target of a lengthy Chinese state-sponsored cyber espionage campaign named Crimson Palace. The operation aimed to maintain network access for espionage, focusing on accessing critical systems, gathering sensitive information, and deploying various malware. The attackers utilized an array of tools and …