FBI Director Christopher Wray this week delivered what might be the starkest warning yet on the threat that China-backed hackers pose to US national and economic security. In remarks at a Vanderbilt University-hosted summit on modern conflict and emerging threats, Wray described Chinese hackers as outnumbering FBI personnel by at least 50 to 1 and…
“Software supply chain attacks are at the top of all CISOs’ minds,” says ReliaQuest CISO Jeff Music. Music attributes the popularity of software supply chain attacks to the fact that these attacks are relatively easy to conduct and have a significant payoff for the attacker. “This is especially the case if the vulnerable hardware or…
The holy month of Ramadan is a period where Middle East-based companies step up cybersecurity with extra vigilance and outsourced support amid shortened working hours and increased e-commerce activity. The ninth month of the Muslim calendar is observed around the world as followers take the time to reflect and practice fasting, and cybersecurity teams often…
Japan held cyber defense exercises with five Pacific island nations last month in an effort to shore up cybersecurity defenses in the region. The cybersecurity exercise event, held in Guam in mid-February, was a first for Japan. Japan’s Ministry of Internal Affairs and Communications led the event, which included government officials and network providers from…
Globally, cybersecurity threats continue to accelerate in pace and scale with rising malware and deepfake attacks. Over a third of organizations worldwide suffered a material cyber incident from malicious actors in the past year, while 73% were affected by ransomware attacks in 2023. With these cyberattacks come serious financial costs — global damages total an…
A dangerous vulnerability in Apple Shortcuts has surfaced, which could give attackers access to sensitive data across the device without the user being asked to grant permissions. Apple’s Shortcuts application, designed for macOS and iOS, is aimed at automating tasks. For businesses, it allows users to create macros for executing specific tasks on their devices,…
Global law-enforcement authorities including the FBI have disrupted the activities of the formidable LockBit ransomware gang, taking control of its platform and seizing data associated with its global ransomware-as-a-service (RaaS) operation. Information obtained by the operation — called Operation Cronos — includes source code, details of ransomware victims, stolen data, decryption keys, and the amount…
Advanced persistent threats (APTs) aligned with China, Iran, North Korea, and Russia are all using large language models (LLMs) to enhance their operations. New blog posts from OpenAI and Microsoft reveal that five major threat actors have been using OpenAI software for research, fraud, and other malicious purposes. After identifying them, OpenAI shuttered all their…
Researchers have discovered a new backdoor targeting macOS that appears to have ties to an infamous ransomware family that historically targets Windows systems. Researchers at Bitdefender say the so-called Trojan.MAC.RustDoor is likely linked to BlackCat/ALPHV. The newly discovered backdoor is written in Rust coding language and impersonates an update for Visual Studio code editor. Bitdefender…
Researchers have discovered a novel banking Trojan they dubbed “Coyote,” which is hunting for credentials for 61 different online banking applications. “Coyote,” detailed by Kaspersky in an analysis today, is notable both for its broad targeting of banking-sector apps (the majority, for now, in Brazil), and its sophisticated interweaving of different rudimentary and advanced components:…