Written by: Michael Raggi, Adam Aprahamian, Dan Kelly, Mathew Potaczek, Marcin Siedlarz, Austin Larsen
During the course of an intrusion investigation in late October 2023, Mandiant observed novel N-day exploitation …
Lynis is a comprehensive open-source security auditing tool for UNIX-based systems, including Linux, macOS, and BSD.
Hardening with Lynis
Lynis conducts a thorough security examination of the system directly. Its …
ASX-listed cloud and cyber security provider AUCloud has announced it has entered into binding agreements to acquire Australian IT firms PCG Cyber, Venn IT and Arado.
Founded in 2019, Canberra-based PCG Cyber is a …
Summary: The interaction between web2 client-server architectures and web3 systems presents security challenges. Web3 systems often rely on classic centralized components, which can create unique attack surfaces. In this post, …
Fujitsu, the Japanese multinational technology giant, has revealed a data breach resulting from a malware infection within its corporate network. The company disclosed that sensitive files containing both personal and …
Within the obscured world of the Deep/Dark Web, where cybercrime flourishes amidst databases, initial access brokers, and a plethora of illegal activities, there exists a group known for leaking various …
Since early 2022, we have been monitoring an APT campaign that targets several government entities worldwide, with a strong focus in Southeast Asia, but also seen targeting Europe, America, and …
The Mobile Security Framework (MobSF) is an open-source research platform for mobile application security, encompassing Android, iOS, and Windows Mobile.
MobSF can be used for mobile app security assessment, penetration …
GhostSec, a significant member of The Five Families, has garnered substantial attention with the latest research, following their recent twin ransomware attack with Stormous – another Five Families affiliated threat group. Researchers and the …
Summary: Azure Deployment Scripts with User-Assigned Managed Identities can be exploited by attackers to gain unauthorized access and escalate privileges. The Deployment Scripts service allows users to run code in …
Driven by the promise of new lines of revenue and lower manufacturing costs, automobile manufacturers are enthusiastically turning vehicles into next-gen application platforms. Increasingly, organizations that run fleets or have …
You might have heard about the practice of pen test vendor rotation, or even tried it yourself. This is where organizations change their pen test providers annually to avoid complacency …
Mar 12, 2024 | The Hacker News | CTEM / Vulnerability Management
In a world of ever-expanding jargon, adding another FLA (Four-Letter Acronym) to your glossary might seem like the last thing you’d want …
Security researchers have created a knowledge base repository for attack and defense techniques based on improperly setting up Microsoft’s Configuration Manager, which could allow an attacker to execute payloads or …
Microsoft has confirmed a new, significant intrusion by the persistent Russia-based hacking group Midnight Blizzard (NOBELIUM). The threat actors leveraged information exfiltrated during a January cyberattack to gain recent, unauthorized …
Executive Summary
Muddled Libra stands at the intersection of devious social engineering and nimble technology adaptation. With an intimate knowledge of enterprise …
The fallout from the devastating hacker attack on IT provider Xplain continues as the Swiss National Cyber Security Centre (NCSC) publishes a detailed report on the leaked data. The report …
Japanese school uniform retailer Kanko Online Shop has disclosed a significant data breach affecting its “Kanko Online Shop Harajuku Select Square” e-commerce site. Up to 3,827 customers who made purchases …
Open-source tool that can legitimately be used to manage content in the cloud, but has been seen being abused by ransomware actors to exfiltrate data from victim machines. For an example …
PRESS RELEASE
SAN FRANCISCO, March 5, 2024 – Horizon3.ai, a pioneer in autonomous security solutions, today announced the availability of the Horizon3.ai Pentesting Services for Compliance. Horizon3.ai recognizes that demand for pentesting expertise is at an …
With enterprise applications defaulting to cloud infrastructure, application security testing increasingly resembles penetration testing across a distributed attack surface area of the application — a similarity that is opening new …
Daikin Industries, a global leader in air conditioning systems, recently faced a challenging situation – a data breach compromising the personal data of its suppliers. The incident highlights the intricate …
The folder also contained an LNK file and a __MACOS folder with payload, this time timestamped Dec. 22, 2023.
Similar to the previously analyzed archive, several stages lead to this …
Published On: 2024-02-23
EXECUTIVE SUMMARY
At CYFIRMA, we are dedicated to providing current insights into prevalent threats and strategies utilized by malicious entities, targeting both organizations and individuals. This …
Sophos X-Ops is tracking a developing wave of vulnerability exploitation targeting unpatched ConnectWise ScreenConnect installations. This page provides advice and guidance for customers, researchers, investigators and incident responders. This information …
Creates, a popular online retailer of hair styling tools, has suffered a significant data breach that exposed credit card details, names, addresses, and possibly even more sensitive personal information belonging …
ReversingLabs researchers have observed a clear trend in which open-source platforms and code have become the stage for a growing and diverse range of malicious activity and campaigns. This trend …
Today’s attackers are taking advantage of changing business dynamics to target people everywhere they work. Staying current on the latest cybersecurity attack vectors and threats is an essential part of …
In a worrisome turn of events, messaging app giant Line Yahoo Corporation has revised the scope of its previously reported data breach. A deeper investigation uncovered additional compromises, significantly boosting …
Recent Insikt research analyzes ransomware and vulnerability trends spanning the past six years and offers insights into future expectations.
Ransomware groups exploit vulnerabilities in two distinct categories: those targeted by …
By Jungsoo An, Wayne Lee and Vanja Svajcer.
Cisco Talos discovered a new, stealthy espionage campaign that has likely persisted since at least March 2021. The observed activity affects an…
The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China (PRC) state-sponsored cyber actors are seeking …
Welcome to the new edition of our report. As we bid farewell to the year 2023, let’s …
If you have anything to do with cyber security, you know it employs its own unique and ever-evolving language. Jargon and acronyms are the enemies of clear writing—and are beloved …
On February 2, 2024, AnyDesk, a popular remote desktop software provider, announced that it had fallen victim to a cyberattack that compromised its production systems. The breach, orchestrated by malicious …
AnyDesk, a widely used remote desktop software, recently announced a significant breach within its production environment. Despite the unsettling access gained by hackers, AnyDesk assured its user base that no …
Ofuji Fishing Tackles, a renowned fishing tackle wholesaler and manufacturer in Japan, has recently faced a severe cyber threat. The company disclosed a potential data breach involving personal customer information, …
A colossal wave of stolen personally identifiable information (PII) from Thailand has crashed onto the shores of the dark web, marking a disturbing escalation in cybercriminal activities. This massive leak, …
In this article, we’re analyzing one of the most unusual crypters—PureCrypter, and a …
Published On: 2024-01-05
EXECUTIVE SUMMARY
At Cyfirma, we are committed to providing up-to-date information on the most prevalent threats and tactics used by malicious actors to target both organizations …
Ateam Inc., a developer of content for smartphones, disclosed that 935,779 personal data records stored in their cloud service were accessible over the Internet.
The company stated that they use …
Panasonic Avionics Corporation (PAC), revealed that they suffered a cyberattack at the end of 2022, which may have led to the leak of personal information related to employees.
According to …
As the world adorned its festive attire, the cybercriminal community in the shadowy realms of the Dark Web orchestrated their chilling celebration – “Leaksmas.” This event, coinciding with the Christmas …
Hackers use weaponized LNK files to exploit vulnerabilities in Windows operating systems. These files often contain malicious code that can be executed when the user clicks on the shortcut.
These …
The ransomware group Akira has declared responsibility for the recent cyberattack on the systems of Nissan in Australia and New Zealand. The hackers claim to have exfiltrated over 100 GB …
Known to be supported by North Korea, the Kimsuky threat group has been active since 2013. At first, they attacked North Korea-related research institutes in South Korea before attacking a …
French video game developer Ubisoft has once again fallen victim to a cyberattack. On the morning of December 22, 2023, a security research team shared screenshots allegedly from Ubisoft’s internal …
Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These …
Iranian espionage group Seedworm (aka Muddywater) has been targeting organizations operating in the telecommunications sector in Egypt, Sudan, and Tanzania.
Seedworm has been active since at least 2017, and has …