Microsoft has disclosed details of a now-fixed security vulnerability dubbed Achilles (CVE-2022-42821, CVSS score: 5.5) in Apple macOS that could be exploited by threat actors to bypass the Gatekeeper security feature. The Apple Gatekeeper is designed to protect OS X users by performing a number of checks before allowing
Microsoft revised the severity rate for the CVE-2022-37958 flaw which was addressed with Patch Tuesday security updates for September 2022. Microsoft revised the severity rate for the CVE-2022-37958 vulnerability, the IT giant now rated it as “critical” because it discovered that threat actors can exploit the bug to achieve remote
The Russia-linked Gamaredon group attempted to unsuccessfully break into a large petroleum refining company within a NATO member state earlier this year amid the ongoing Russo-Ukrainian war. The attack, which took place on August 30, 2022, is just one of multiple attacks orchestrated by the advanced persistent threat (APT) that&
A compromised Ukrainian Ministry of Defense email account was found sending phishing emails and instant messages to users of the 'DELTA' situational awareness program to infect systems with information-stealing malware. The campaign was highlighted in a report today by CERT-UA (Computer Emergency Response Team of Ukraine), which warned
This year, various ransomware-as-a-service groups have developed versions of their ransomware in Rust, including Agenda. Agenda's Rust variant has targeted vital industries like its Go counterpart. In this blog, we will discuss how the Rust variant works. This year, ransomware-as-a-service (RaaS) groups like BlackCat, Hive, and RansomExx have
Ukrainian government entities were hacked in targeted attacks after their networks were first compromised via trojanized ISO files posing as legitimate Windows 10 installers. These malicious installers delivered malware capable of collecting data from compromised computers, deploying additional malicious tools, and exfiltrating stolen data to attacker-controlled servers. One of the
Researchers at Trustwave Holdings Inc.’s SpiderLabs detailed a new campaign that leverages Facebook infrastructure for phishing attacks and the theft of personally identifiable information. Users are advised to be extra careful when receiving false violation notifications and not to be fooled by the apparent legitimacy of the initial links.
Navigation system monitors have seen a recent uptick in interruptions since Ukraine began launching long-range drone attacks. EVERY DAY, BILLIONS of people use the GPS satellite system to find their way around the world—but GPS signals are vulnerable. Jamming and spoofing attacks can cripple GPS connections entirely or make
"Uber has suffered a new data breach after a threat actor leaked employee email addresses, corporate reports, and IT asset information stolen from a third-party vendor in a cybersecurity incident. Early Saturday morning, a threat actor named 'UberLeaks' began leaking data they claimed was stolen from Uber
Pro-Ukraine hacker group, Team OneFist reported on strategic cyber strike on construction site of a hydroelectric plant, Zagorskaya GAES-2 in Operation Gradient.
The US Department of Health and Human Services (HHS) is warning healthcare organizations of the threat posed by ongoing Royal ransomware attacks. Initially spotted in September 2022, the ransomware family is employed by a financially-motivated threat actor that also uses known tools for persistence, credential exfiltration, and lateral movement. “Royal
Az oroszbarát NoName057(16) hackercsoport december 8-i posztja szerint DDoS (Distributed Denial of Service ) támadást indított a védelmi minisztériumok ellen. Bár a posztban erre nem tértek ki, az érintett országok EU tagállamok. A támadásokat a szintén oroszbarát KillNet is támogatja, a kapcsolódó posztok a csoport Telegram csatornáján is megjelentek.
Az orosz-ukrán háborúhoz kapcsolódó hacker csoportok állapota a Cyberknow okt. 12-i frissítése szerint: * összesen 84 aktív csoport - az összlétszám a legutóbbi, szept. 7-i frissítéshez képest nem változott, az összetételben ugyanakkor történtek változások * 36 ukránbarát - ami eggyel több a szept. 7-i állapothoz képest * 42 oroszbarát - itt pedig eggyel
Hogy mire számíthatnak az informatikai vezetők 2023-ban a kiberfenyegetettségek területén? Választ legpontosabban inkább arra a kérdésre lehet adni, hogy mire biztosan nem. Ez pedig egy nyugodt, kiberfenyegetettség és -támadás mentes év. 2022 első felében 2,8 milliárd malware támadás és 236,1 millió ransomware támadás történt világszerte. 2022. év végéig
Microsoft and cybersecurity firm Volexity have traced a new version of AppleJeus malware to the hackers behind the Ronin exploit and numerous other online heists. Microsoft reports that a threat actor has been identified targeting cryptocurrency investment startups. A party Microsoft has dubbed DEV-0139 posed as a cryptocurrency investment company
The Russia-linked cyberespionage group known as Callisto (aka AG-53, COLDRIVER, SEABORGIUM) has been observed targeting multiple entities that provide war support for Ukraine, including private companies in the US and Europe. Active since at least 2017, the advanced persistent threat (APT) actor is also tracked as Blue Callisto, Coldriver, Seaborgium,
