Avast anti-rootkit driver used to seize control of infected systems
A malicious campaign was recently observed that uses a legitimate, but outdated, Avast anti-rootkit driver and then manipulates it to terminate security processes, disable protective software, and seize control of an infected system. In a Nov. 20 blog post, Trellix researchers said instead of using a specially crafted driver to perform its malicious activities, the […]
Social engineering becomes lucrative business for North Korean hackers
Deployment of credential and cryptocurrency stealing malware has been conducted by Sapphire Sleet not only through the impersonation of venture capitalists luring targets to join an online meeting about a supposed investment but also via fraudulent LinkedIn accounts purporting to be recruiters for Goldman Sachs and other financial entities. Source link
Asia, Europe subjected to Russian cyberespionage campaign
TAG-110 leveraged vulnerable internet-exposed web apps and phishing emails to facilitate the delivery of the HATVIBE app loader that triggers that data exfiltrating CHERRYSPY backdoor. Source link
Ransomware and exploits surge: Urgent cyber threat insights and critical moves for 2025
Cybersecurity leaders face a high-stakes environment where the speed and sophistication of threats continue to rise, demanding more proactive and refined approaches. The latest data shows that, across sectors, threat actors are evolving their tactics, testing new avenues for attack and targeting industries with critical data assets. Organizations, in response, must stay informed and agile, […]
Neighboring Wi-Fi networks exploited in APT28 attack
Newly discovered nearest neighbor targeting, or the compromise of neighboring Wi-Fi networks, had been leveraged by Russian state-backed threat operation APT28 — also known as Fancy Bear, Sofacy, Forest Blizzard, and Gruesome Larch — to remotely infiltrate the enterprise Wi-Fi network of a U.S. organization working with Ukraine more than two years ago, reports BleepingComputer. After unsuccessfully exploiting […]
Five steps to better cyber risk assessments via autonomous pentesting
Traditional penetration testing (pentesting) has been a cornerstone of cybersecurity risk assessments for over a decade, providing organizations with valuable insights into vulnerabilities and systemic weaknesses. However, the increasing complexity of digital infrastructures and the sophistication of modern cyber threats have exposed significant limitations in these periodic, manual assessments. Traditional pentests are resource-intensive, costly, and […]
International Game Technology targeted by cyberattack
International Game Technology, a London-based multinational gambling and lottery company with more than 11,000 employees around the world, had some of its internal IT systems and apps disrupted following a cyberattack on Nov. 17. Source link
Data breach compromises Bojangles | SC Media
Threat actors who infiltrated Equinox’s systems on Apr. 29 were able to exfiltrate digital files containing individuals’ names, birthdates, addresses, Social Security numbers, passport numbers, driver’s license or other government identification numbers, health insurance information, financial account details, treatment and diagnosis data, and/or medication details. Source link
Hacktivists set sights on Andrew Tate’s online university
Online self-help platform The Real World, which is owned by social media personality Andrew Tate popular for pushing toxic masculinity, has been targeted by hacktivists, resulting in the exposure of information belonging to its users, according to Hackread. After infiltrating The Real World through the exploitation of a platform vulnerability, attackers proceeded to post pro-feminist and […]
Bipartisan Senate bill advances more robust healthcare cybersecurity
Increasing cybersecurity threats against the U.S. healthcare sector have prompted Senate Health, Education, Labor, and Pensions Committee members Bill Cassidy, R-La., John Cornyn, R-Texas, Maggie Hassan, D-N.H., and Mark Warner, D-Va., to introduce new legislation that would bolster not only the industry’s cybersecurity defenses but also healthcare data protections, reports CyberScoop. Aside from advancing better communications between the […]
© Copyright 2024 CNB Tel. All rights reserved