featured Archives - Page 19 of 75 - Cyber Security Minute

DPRK fund malicious cyber activities with ransomware attacks on critical Infrastructure

Issued by: Security Affairs

Ransomware attacks on critical infrastructure conducted by North Korea-linked hacker groups are used by the government of Pyongyang to fund its malicious cyber operations, U.S. and South Korean agencies warn. US CISA published a Cybersecurity Advisory (CSA) to provide information about the threat actors to network defenders. The joint CSA about ongoing ransomware activity against…

Application Security, Network Security

Are We Doomed? Not If We Focus on Cyber Resilience

Issued by: DataBreach Today

Here’s how to doom a cybersecurity program: Think of cybersecurity as a war against an attacker that must be fought to the finish, invest in threat tracking technology for threats your organization has no capabilities to defend against, and let the sunk cost effect determine how you spend your security budget. In reality, cybersecurity is…

Malware & Threats

Notorious Finnish Hacker ‘Zeekill’ Busted by French Police

Issued by: DataBreach Today

French police arrested a notorious hacker who’s suspected of forming part of an extortion scheme that targeted a Finnish psychotherapy practice and its patients. Aleksanteri Tomminpoika Kivimäki, 25, is the focus of a European arrest warrant issued last October in Finland. He’s been charged with participating in the hack of Vastaamo Psychotherapy Center. The now-defunct…

Vulnerabilities

QNAP addresses a critical flaw impacting its NAS devices

Issued by: Security Affairs

QNAP released QTS and QuTS firmware updates to address a critical vulnerability, tracked as CVE-2022-27596 (CVSS v3 score: 9.8), that affects QNAP NAS devices. A remote attacker can exploit the vulnerability to inject malicious code on QNAP NAS devices. The flaw is easy to exploit without user interaction or privileges on the vulnerable device. The…

Malware & Threats

Hacker accused of having stolen personal data of all Austrians and more

Issued by: Security Affairs

At the end of November 2022, the Amsterdam police arrested a 25-year-old man from Almere who is suspected of having stolen or traded the personal data of tens of millions of people around the world. The investigation into the activity of the man was launched by the Austrian Federal Criminal Investigation Service which spotted the…

Malware & Threats

Chinese threat actor DragonSpark targets East Asian businesses

Issued by: CSO Online

Organizations in Taiwan, Hong Kong, Singapore, and China have been recently facing attacks from Chinese threat actor DragonSpark. The threat actor was observed using the open-source tool SparkRAT for its attacks, according to a report by SentinelOne. SparkRAT is multi-platform, feature-rich, and frequently updated with new features, making the remote access Trojan (RAT) attractive to…

Mobile Security

Apple backported patches for CVE-2022-42856 zero-day on older iPhones, iPads

Issued by: Security Affairs

On December 2022, Apple released security updates to address a new zero-day vulnerability, tracked as CVE-2022-42856, that is actively exploited in attacks against iPhones. The IT giant released security bulletins for iOS/iPadOS 15.7.2, Safari 16.2, tvOS 16.2, and macOS Ventura 13.1. Apple addressed the vulnerability with improved state handling for the iPhone 6s (all models),…

Malware & Threats

ISMG Editors: Why Is LockBit Ransomware Group So Prolific?

Issued by: DataBreach Today

In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity and privacy issues, including why being a CISO is like being the first family doctor in a small village, why you can’t trust ransomware gangs such as LockBit, and why cloud security vendor Netskope took on $401 million in debt…

Malware & Threats

Ransomware Remains Top Cyber Threat, Former NCSC Chief Says

Issued by: DataBreach Today

Ransomware continues to be the United Kingdom’s most prominent cybersecurity threat, and the country can expect to see a surge in destructive attacks in 2023, warns the former head of the U.K.’s national cybersecurity agency. Oxford University professor Ciaran Martin says that while overall ransomware activities across the world slumped in 2022, attacks are likely…

Malware & Threats

LockBit Tries to Distance Itself From Royal Mail Attack

Issued by: DataBreach Today

What’s the term for when a ransomware group blames a geopolitically awkward attack it appears to have carried out on someone – anyone – else, just not them? Let’s call it getting “Colonial Pipelined,” after the DarkSide group’s disastrous hit on that oil pipeline system led the crime group to kill its brand. Is the…