featured

Malware & Threats

Issued by: DataBreach Today

A Chinese hacking group linked to state authorities in Beijing has upgraded its espionage capabilities to target companies with headquarters in the United States and East Asia, warned an alert from Japanese and American cyber agencies. The latest campaign from BlackTech has targeted networks of regional subsidiaries across government, industrial, technology and defense industrial base…

Malware & Threats

Issued by: Security Affairs

Securonix researchers recently uncovered a phishing campaign using a Pilot-in-Command (PIC) Drone manual document as a lure to deliver a toolkit dubbed Merlin. The campaign, codenamed STARK#VORTEX by Securonix, targets Ukrainian military entities and CERT-UA attributed it to a threat actor tracked as UAC-0154. The MerlinAgent is an open-source C2 toolkit written in Go, it…

Application Security

Issued by: Dark Reading

Application security posture management (ASPM) is a method of managing and improving the security of software applications. It encompasses the processes, tools, and practices designed to identify, classify, and mitigate security vulnerabilities across an application’s life cycle. It includes scanning for vulnerabilities, tracking identified vulnerabilities, managing patch processes, and implementing continuous monitoring and improvement procedures….

News

Issued by: DataBreach Today

A recent, brief disruption at Canadian airports is a reminder that Russia-aligned hacking groups’ bark remains worse than their bite. The problems began Sunday afternoon at multiple airports including Montreal-Trudeau International Airport, which reported that there had been “a national system failure of the automated kiosks” that was “causing a slowdown at border control.” As…

Malware & Threats

Issued by: Dark Reading

In a new twist on the cybercrime penchant for trojanizing things, a threat actor recently pounced upon a “hot” vulnerability disclosure to create a fake proof of concept (PoC) exploit that concealed the VenomRAT malware. According to research from Palo Alto Networks, the cyberattacker, who goes by “whalersplonk,” took advantage of a very real remote…

Network Security

Issued by: Dark Reading

Nearly three-quarters (73%) of cybersecurity industry leaders have experienced burnout in the last 12 months — and who can blame them? The shift to remote and hybrid work models has increased organizations’ reliance on cloud services, limiting security teams’ visibility into employee network and endpoint environments. But reduced visibility places company data at greater risk…

Network Security

Issued by: Dark Reading

Rail remains one of the most popular modes of transportation. In a typical year, US freight railroads move around 1.6 billion tons across nearly 140,000 miles of track. US citizens traveled more than 12.5 billion kilometers by rail in 2021. Thousands of railways — from national and regional networks to intra-city light rails — have…

Malware & Threats

Issued by: DataBreach Today

Stopping the ransomware epidemic is less about tackling individual crypto-locking malware variants and more about combating the entire ecosystem of bad actors underpinning digital extortion, the British government said Monday. Behind any infection from name-brand ransomware such as LockBit or BlackCat lies a loose network of affiliates, initial access brokers and other actors, warned the…

Mobile Security

Issued by: Dark Reading

Dangerous spyware masquerading as a set of legitimate Telegram “mods” inside the official Google Play app store has been downloaded tens of thousands of times — and its existence poses serious ramifications for business users. Modified applications (“mods”) for the popular messaging client are a well-known part of the Telegram ecosystem. Mods are apps that…