"City of Dallas Details Ransomware Attack Impact, Costs"

The City of Dallas has recently announced that an $8.5 million budget has been approved to support the restoration of its systems following a ransomware attack that happened in May 2023. The attack was identified on May 3, when the cybercrime gang named Royal started deploying file-encrypting ransomware on multiple systems. The investigation launched into the matter has revealed that the attackers had access to the city’s network for roughly a month before that.

Submitted by Adam Ekwall on

"5G Cellular Security Research"

A team of researchers from the University of Colorado (CU) Boulder is leading a project for 5G wireless security. The National Science Foundation's (NSF) Convergence Accelerator program awarded CU Boulder $5 million for the "GHOST: 5G Hidden Operations through Securing Traffic" project. The work aims to ensure American soldiers, businesses, and non-governmental organizations (NGOs) can use 5G cellular networks in foreign countries without untrusted or potentially malicious network operators being able to extract user information.

Submitted by Gregory Rigby on

"Metaverse Poses Serious Privacy Risks for Users, Report Warns"

According to a new report from New York University (NYU), the immersive Internet experience known as the metaverse will erode users' privacy unless significant measures are taken to improve and regulate how the technology collects and stores personal data. The metaverse relies on Extended Reality (XR) technologies, encompassing Augmented Reality (AR), Virtual Reality (VR), and Mixed Reality (MR).

Submitted by Gregory Rigby on

"KEV Catalog Reaches 1,000, What Does That Mean and What Have We Learned"

The US Cybersecurity and Infrastructure Security Agency (CISA) launched the Known Exploited Vulnerabilities (KEV) catalog in November 2021 to provide an authoritative source of vulnerabilities that have been exploited "in the wild." Recently, the catalog has expanded to include over 1,000 vulnerabilities. As part of a vulnerability management program that facilitates prioritization based on organizational attributes, such as how a vulnerable product is being used and the exploitability of the relevant system, every organization should prioritize the mitigation of KEVs.

Submitted by Gregory Rigby on

"APT36 State Hackers Infect Android Devices Using YouTube App Clones"

The APT36 hacking group, also known as Transparent Tribe, has been using at least three YouTube-mimicking Android apps to infect devices with their signature Remote Access Trojan (RAT) called CapraRAT. Once the malware has been installed on a victim's device, it can extract data, record audio and video, and access sensitive communication information, functioning as a spyware tool. APT36 is a Pakistan-aligned threat actor notorious for using malicious Android apps to target Indian defense and government entities, those dealing with Kashmir region affairs, and human rights activists.

Submitted by Gregory Rigby on

"CISA Sponsors Hack the Building 2.0 Hospital Competition"

The US Cybersecurity and Infrastructure Security Agency (CISA) and the National Centers of Academic Excellence in Cybersecurity (NCAE-C) have sponsored the Hack the Building 2.0: Hospital Edition competition at the Maryland Innovation and Security Institute (MISI) in Columbia, Maryland. The National Security Agency (NSA) manages the NCAE-C program in collaboration with CISA and the Federal Bureau of Investigation (FBI).

Submitted by Gregory Rigby on

"Earth Lusca's New SprySOCKS Linux Backdoor Targets Government Entities"

Earth Lusca, a threat actor with ties to China, has been observed targeting government organizations with a new Linux backdoor called SprySOCKS. Trend Micro first documented Earth Lusca in January 2022, detailing the adversary's attacks against public and private sector entities in Asia, Australia, Europe, and North America. Since 2021, the group has used spear-phishing and watering hole attacks to execute its cyber espionage schemes. Some of the group's activities overlap with another threat cluster tracked by Recorded Future as RedHotel.

Submitted by Gregory Rigby on

"Companies Still Don't Know How to Handle Generative AI Risks"

According to the Information Services Group (ISG), companies are actively pursuing practical applications of generative Artificial Intelligence (AI) technology while staying mindful of its risks. Eighty-five percent of companies surveyed by ISG believe investments in generative AI within the next two years are either important or critical. Rather than adopting a "blank slate" strategy, companies are requesting that their service providers apply generative AI to existing services, such as call center operations.

Submitted by Gregory Rigby on

"'ShroudedSnooper' Backdoors Use Ultra-Stealth in Mideast Telecom Attacks"

Two Middle Eastern telecommunications organizations were recently compromised by a potentially novel threat actor using two backdoors with new methods for covertly loading malicious shellcode onto a target system. Cisco Talos dubbed the intrusion set "ShroudedSnooper" because it could not link the activity to previously identified groups. ShroudedSnooper uses two backdoors, "HTTPSnoop" and "PipeSnoop," with advanced anti-detection mechanisms, such as masquerading as popular software products and infecting low-level Windows server components.

Submitted by Gregory Rigby on

"Unhooking Phishing Threats - The Detection of Phishing Attempts in Communications Systems"

There is a new approach to combating phishing attacks to improve online security, reduce cybercrime against individuals and businesses, and prevent attacks against governments. Computer security systems are continuously challenged by the emergence of increasingly sophisticated phishing attacks, which may also use social engineering and malware. T.

Submitted by Gregory Rigby on