Russia Lays the Smackdown on REvil Ransomware Gang
Members of the hacker group, also known as Sodinokibi, have been charged with crimes in Russia, and its infrastructure has “been liquidated,” the public relations arm of Moscow’s FSB security agency told Russia’s Interfax news agency. The special operation, conducted by Russian authorities, was reportedly at the request of the United States. “The FSB of…
Apache Foundation Calls Out Open-Source Leechers
“[The] community is defined by those who show up and do the work. Companies that build open source into their products rarely participate in their continued maintenance,” the ASF said in a position paper published ahead of a high-level White House meeting on open-source software security. “Only a tiny percentage of downstream companies (reusing the…
Attackers Hitting VMWare Horizon Servers With Log4j Exploits
The warning comes almost exactly one month after the first disclosure of a Log4j remote code execution vulnerability that threatens major damage on the internet and heightens the urgency for enterprise defenders to find and fix the issue. According to an advisory from NHS Digital, attackers are exploiting the critical vulnerability in the Apache Tomcat…
Anti-Bot Fraud Detection Firm HUMAN Snags $100M Investment
The latest financing was led by WestCap, with additional investment from Dave DeWalt’s NightDragon. It comes exactly one year after the company (previously known White Ops) was acquired by the Goldman Sachs merchant banking division. HUMAN Security sells technology capable of differentiating between bots and human transactions on the internet, protecting enterprises from fraudulent e-commerce…
Citizen Lab Exposes Cytrox as Vendor Behind ‘Predator’ iPhone Spyware
Citizen Lab teamed up with the threat-intel team at Facebook parent company Meta to expose Cytrox alongside a handful of PSOAs (private sector offensive actors) in the murky surveillance-for-hire industry. In a detailed technical report published late Thursday, Citizen Lab said Cytrox is responsible for a piece of iPhone eavesdropping malware that was planted on…
Trend Micro Spots Chinese Hackers Targeting Transportation Sector
Also known as Earth Centaur and KeyBoy, the advanced persistent threat (APT) has been around since 2011, conducting espionage campaigns against organizations in government, healthcare, high-tech, and transportation sectors in Hong Kong, the Philippines, and Taiwan. As part of the attacks conducted over the past year and a half, Trend Micro warned that the group…
Thousands of Industrial Systems Targeted With New ‘PseudoManuscrypt’ Spyware
The attacks targeted 35,000 devices in 195 countries between January and November 2021, including devices housed by high-profile organizations. Roughly seven percent of the targets were ICS, with the engineering and building automation sectors being most impacted. Attacks were also aimed at military industrial enterprises and research laboratories. In many cases, the attackers targeted engineering…
Microsoft Patches 67 Security Flaws, Including Zero-Day Exploited by Emotet
In the final Patch Tuesday release for 2021, the Redmond, Wash. software giant called special attention to CVE-2021-43890, a spoofing vulnerability in the Microsoft Windows AppX installer and warned that the bug is being exploited in the wild by the Emotet malware operation. “Microsoft is aware of attacks that attempt to exploit this vulnerability by…
‘Moobot’ Botnet Targets Hikvision Devices via Recent Vulnerability
Tracked as CVE-2021-36260 and affecting over 70 cameras and NVRs from Hikvision, the critical-severity bug can be exploited to gain root access and completely take over vulnerable devices, without any form of user interaction. Hikvision released patches for the vulnerability on September 18 and, shortly after, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) alerted…
QNAP Warns of New Crypto-Mining Malware Targeting NAS Devices
The Taiwan-based company, which is well known for its NAS and professional network video recorder (NVR) solutions, on Tuesday urged users to take immediate action to keep their devices protected against the new threat. QNAP says it is currently investigating reports where attackers infect NAS appliances with a Bitcoin miner that can be identified by…
