News
-
"NSA joins Australian Signals Directorate and Others in Promoting Six Principles of Operational Technology (OT) Cybersecurity"The National Security Agency (NSA), together with the Australian Signals Directorate's Australian Cyber Security Centre (ASD ACSC) and others, released a new Cybersecurity Information Sheet (CSI) titled "Principles of Operational Technology Cyber
-
"Fake Browser Updates Spread Updated WarmCookie Malware"The new "FakeUpdate" campaign targeting users in France involves compromised websites that display fake browser and app updates, which deliver a new version of the WarmCookie backdoor.
-
"Sellafield Fined for Cybersecurity Failures at Nuclear Site"Sellafield Ltd was recently fined $437,440 for cybersecurity failings running the Sellafield nuclear facility in Cumbria, North-West England. The fine was issued by Westminster Magistrates Court.
-
"New MedusaLocker Ransomware Variant Deployed by Threat Actor"According to security researchers at Cisco Talos, a financially-motivated threat actor has been observed targeting organizations globally with a MedusaLocker ransomware variant.
-
"LockBit Ransomware and Evil Corp Members Arrested and Sanctioned in Joint Global Effort"New international law enforcement actions have resulted in four arrests and the takedown of nine servers linked to the "LockBit" ransomware operation.
-
"Private US Companies Targeted by Stonefly APT"Symantec threat analysts warns that the North Korean Advanced Persistent Threat (APT) group "Stonefly," also known as "APT45," continues to target US companies despite an indictment.
-
"Linux Malware '"Perfctl'" Behind Years-Long Cryptomining Campaign"For at least three years, the Linux malware named "perfctl" has targeted Linux servers and workstations, evading detection with rootkits.
-
"MITRE Adds Mitigations to EMB3D Threat Model"MITRE has announced the full release of the "EMB3D Threat Model," which now maps essential mitigations to security controls outlined in the Industrial Automation and Control Systems standard.
-
"Email Phishing Attacks Surge as Attackers Bypass Security Controls"According to Egress, email phishing attacks increased 28 percent in the second quarter of 2024 compared to the first quarter, with attackers using effective methods to defeat defenses.
-
"Microsoft and US Government Disrupt Russian Star Blizzard Operations"Microsoft and the US government have seized more than 100 websites used by the Russian nation-state threat actor "Star Blizzard." A US court authorized Microsoft's Digital Crimes Unit (DCU) to disrupt 66 unique domains used by Star Blizzard to at
-
"Adobe Commerce Flaw Exploited to Compromise Thousands of Sites"Sansec reports that multiple threat actors compromised over 4,000 online stores through the exploitation of a critical Adobe Commerce vulnerability named "CosmicSting." The vulnerability is an improper restriction of XML external entity reference
-
"Pig Butchering Trading Apps Found on Google Play, App Store"Security researchers at Group-IB have discovered fake trading apps on Google Play and Apple's App Store that lure victims into "pig butchering" scams.