Cyber Security

Feb 19, 2023Ravie LakshmananNetwork Security / Firewall Fortinet has released security updates to address 40 vulnerabilities in its software lineup, including FortiWeb, FortiOS, FortiNAS, and FortiProxy, among others. Two of the 40 flaws are rated Critical, 15 are rated High, 22 are rated Medium, and one is rated Low in severity. Top of the list

Feb 17, 2023Ravie LakshmananCyber Threat / Surveillanceware Entities in Armenia have come under a cyber attack using an updated version of a backdoor called OxtaRAT that allows remote access and desktop surveillance. “The tool capabilities include searching for and exfiltrating files from the infected machine, recording the video from the web camera and desktop, remotely

Feb 18, 2023Ravie LakshmananServer Security / Malware Web hosting services provider GoDaddy on Friday disclosed a multi-year security breach that enabled unknown threat actors to install malware and siphon source code related to some of its services. The company attributed the campaign to a “sophisticated and organized group targeting hosting services.” GoDaddy said in December

Feb 18, 2023Ravie LakshmananAuthentication / Online Security Twitter has announced that it’s limiting the use of SMS-based two-factor authentication (2FA) to its Blue subscribers. “While historically a popular form of 2FA, unfortunately we have seen phone-number based 2FA be used – and abused – by bad actors,” the company said. “We will no longer allow

Hey 👋 there, cyber friends! Welcome to this week’s cybersecurity newsletter, where we aim to keep you informed and empowered in the ever-changing world of cyber threats. In today’s edition, we will cover some interesting developments in the cybersecurity landscape and share some insightful analysis of each to help you protect yourself against potential attacks.

Feb 17, 2023Ravie LakshmananMobile Security / Cyber Threat Suspected North Korean nation-state actors targeted a journalist in South Korea with a malware-laced Android app as part of a social engineering campaign. The findings come from South Korea-based non-profit Interlab, which coined the new malware RambleOn. The malicious functionalities include the “ability to read and leak

Feb 17, 2023Ravie LakshmananIoT Security / Cyber Attack A new variant of the notorious Mirai botnet has been found leveraging several security vulnerabilities to propagate itself to Linux and IoT devices. Observed during the second half of 2022, the new version has been dubbed V3G4 by Palo Alto Networks Unit 42, which identified three different

Feb 16, 2023Ravie LakshmananAdvanced Persistent Threat The prolific SideWinder group has been attributed as the nation-state actor behind attempted attacks against 61 entities in Afghanistan, Bhutan, Myanmar, Nepal, and Sri Lanka between June and November 2021. Targets included government, military, law enforcement, banks, and other organizations, according to an exhaustive report published by Group-IB, which

Feb 16, 2023Ravie LakshmananSupply Chain / Software Security A popular npm package with more than 3.5 million weekly downloads has been found vulnerable to an account takeover attack. “The package can be taken over by recovering an expired domain name for one of its maintainers and resetting the password,” software supply chain security company Illustria

Feb 15, 2023Ravie LakshmananCryptocurrency / Ransomware A new financially motivated campaign that commenced in December 2022 has seen the unidentified threat actor behind it deploying a novel ransomware strain dubbed MortalKombat and a clipper malware known as Laplas. Cisco Talos said it “observed the actor scanning the internet for victim machines with an exposed remote

Feb 15, 2023The Hacker NewsCybersecurity Webinar Bad actors love to deliver threats in files. Persistent and persuasive messages convince unsuspecting victims to accept and open files from unknown sources, executing the first step in a cyber attack. This continues to happen whether the file is an EXE or a Microsoft Excel document. Far too often,

Feb 15, 2023Ravie LakshmananThreat Intelligence / Malware The North Korea-linked threat actor tracked as APT37 has been linked to a piece of new malware dubbed M2RAT in attacks targeting its southern counterpart, suggesting continued evolution of the group’s features and tactics. APT37, also tracked under the monikers Reaper, RedEyes, Ricochet Chollima, and ScarCruft, is linked

Feb 15, 2023The Hacker NewsSecOps / DevOps In an ideal world, security and development teams would be working together in perfect harmony. But we live in a world of competing priorities, where DevOps and security departments often butt heads with each other. Agility and security are often at odds with each other— if a new

Feb 14, 2023Ravie LakshmananCryptocurrency / Software Security Malicious actors have published more than 451 unique Python packages on the official Python Package Index (PyPI) repository in an attempt to infect developer systems with clipper malware. Software supply chain security company Phylum, which spotted the libraries, said the ongoing activity is a follow-up to a campaign

Feb 14, 2023Ravie LakshmananAd Fraud / Online Security The threat actors behind the black hat redirect malware campaign have scaled up their campaign to use more than 70 bogus domains mimicking URL shorteners and infected over 10,800 websites. “The main objective is still ad fraud by artificially increasing traffic to pages which contain the AdSense

One thing is clear. The “business value” of data continues to grow, making it an organization’s primary piece of intellectual property. From a cyber risk perspective, attacks on data are the most prominent threat to organizations. Regulators, cyber insurance firms, and auditors are paying much closer attention to the integrity, resilience, and recoverability of organization

There have been a number of reports of attacks on industrial control systems (ICS) in the past few years. Looking a bit closer, most of the attacks seem to have spilt over from traditional IT. That’s to be expected, as production systems are commonly connected to ordinary corporate networks at this point. Though our data

Feb 13, 2023Ravie LakshmananGame Hacking / Cyber Threat An unknown threat actor created malicious game modes for the Dota 2 multiplayer online battle arena (MOBA) video game that could have been exploited to establish backdoor access to players’ systems. The modes exploited a high-severity flaw in the V8 JavaScript engine tracked as CVE-2021-38003 (CVSS score: