News
-
"Wiper, Disguised as Fake Ransomware, Targets Russian Orgs"CryWiper is a new malicious program that functions similarly to crypto-ransomware. It overwrites and renames files before dropping a text file containing a ransom note and a Bitcoin address. However, the program deletes the contents of a victim's files.…
-
"Hackers Hijack Linux Devices Using PRoot Isolated File Systems"In Bring Your Own File System (BYOF) attacks, hackers are abusing the open-source Linux PRoot utility to provide a consistent repository of malicious tools that work across multiple Linux distributions. A BYOF attack occurs when threat actors create a…
-
"New BMC Supply Chain Vulnerabilities Pose Threat to Server, Cloud Computing Ecosystem"Researchers discovered three different security flaws in American Megatrends Inc. (AMI) MegaRAC Baseboard Management Controller (BMC) software, posing a threat to technology supply chains and major Information Technology (IT) hardware brands that support…
-
"Open-Source Ransomware Toolkit Cryptonite Turns Into Accidental Wiper Malware"Due to its poor architecture and programming, an open-source ransomware toolkit called Cryptonite has been observed in the wild with wiper capabilities. Cryptonite, unlike other ransomware strains, is not for sale on the cybercriminal underground and was…
-
"Darknet Markets Generate Millions in Revenue Selling Stolen Personal Data, Supply Chain Study Finds"According to a study conducted by researchers from the University of South Florida and Georgia State University, stolen data products, like most legal commodities, pass through a supply chain that includes producers, wholesalers, and consumers. However,…
-
"Binance Freezes $3 Million Worth of Crypto Stolen in Ankr Hack"After Ankr, the hacking of the Web3 infrastructure provider, Binance, one of the last remaining cryptocurrency giants, froze nearly $3 million in cryptocurrency. Ankr stated that $5 million in Binance coin was stolen from the platform. The provider plans…
-
"GAO Calls for Action to Improve Critical Infrastructure IoT and OT Cybersecurity"According to the Government Accountability Office (GAO), federal agencies in charge of critical infrastructure cybersecurity have not conducted risk assessments for Operational Technology (OT) and Internet of Things (IoT) systems and devices. Electronic…
-
"Black Proxies Enable Threat Actors to Conduct Malicious Activity"Security researchers at DomainTools have discovered that threat actors are using criminal proxy networks to obfuscate their illegal activities by hiding behind hijacked IP addresses and using the same to create an appearance of legitimacy. The…
-
"Weak Connected Medical Device Security Increases Cyberattack Threats"Medical device security remains a concern for healthcare organizations as the threat of cyberattacks continues to grow in the industry. The medical Internet of Things (IoT) has improved healthcare by making it more convenient, efficient, and patient-…
-
"Integration, Legacy Tech and Lack of Skills Prevent Implementation of Security Solutions"According to a study for BlackFog, conducted by Sapio Research, 50 percent of over 400 Information Technology (IT) security decision-makers in the US and UK have been prevented from adopting a new cybersecurity solution because of integration issues or…
-
"Google Patches Ninth Chrome Zero-Day of 2022"Google recently announced an emergency Chrome 108 update to patch a zero-day vulnerability in the browser, the ninth to be fixed this year. The high-severity security bug is tracked as CVE-2022-4262 and is described as a type confusion in the browser’s…
-
"Report Finds Software Supply Chain Attacks Show No Sign of Slowing Down"According to a new report from Reversing Labs, software supply chain attacks show no signs of slowing or decreasing nearly two years after the SolarWinds hack. The report highlights that attacks leveraging malicious open-source modules have continued to…