"SAP Applications Increasingly in Attacker Crosshairs, Report Shows"

According to a new report from Onapsis and Flashpoint, malicious hackers are increasingly interested in compromising organizations' SAP applications and data. This interest is suspected to be fueled by SAP application migrations to the cloud, as well as adversaries' increased ability to target misconfigurations and missing security patches in both cloud and on-premises deployments. Ransomware attacks against SAP systems have increased 400 percent over the past few years. On hacker forums, talks about SAP flaws and exploits increased by 490 percent, while discu

Submitted by Gregory Rigby on

"'MadMxShell' Leverages Google Ads to Deploy Malware via Windows Backdoor"

A threat actor has been using a cluster of domains posing as legitimate IP scanner software sites to distribute malware through a Windows backdoor dubbed "MadMxShell." According to Zscaler ThreatLabz, the threat actor registered multiple look-alike domains using a typosquatting technique. Then they used Google Ads to push the fraudulent domains to the top of search engine results for specific search keywords, luring potential victims to these IP scanner websites.

Submitted by Gregory Rigby on

"Evil XDR: Researcher Turns Palo Alto Software Into Perfect Malware"

An exploit of Palo Alto Networks' Extended Detection and Response (XDR) software could have enabled attackers to manipulate it as a malicious multitool. Shmuel Cohen, a security researcher at SafeBreach, explained how he reverse-engineered and cracked the company's Cortex product. He used it to deploy a reverse shell and ransomware.

Submitted by Gregory Rigby on

"Akira Ransomware Gang Made $42 Million From 250 Attacks Since March 2023: FBI"

The Akira ransomware gang has targeted over 250 organizations in the last year and continues to affect various businesses and critical infrastructure entities in North America, Europe, and Australia, according to recent warnings from the Federal Bureau of Investigation (FBI) and European law enforcement.

Submitted by Gregory Rigby on

"Frontier Communications Shuts Down Systems Following Cyberattack"

Telecommunications giant Frontier Communications recently informed the Securities and Exchange Commission (SEC) that certain systems were shut down following a cyberattack. The incident was identified on April 14, when a third party “gained unauthorized access to portions of its information technology environment.” According to Frontier, the attack was likely the work of a cybercrime group that gained access to various types of data, including personally identifiable information. The company has notified proper authorities, and an investigation into the incident is still ongoing.

Submitted by Adam Ekwall on

"Alarming Decline in Cybersecurity Job Postings in the US"

Security researchers at CyberSN warn that the overall number of cybersecurity job postings in the US decreased by 22% from 2022 to 2023. The researchers said this decline is alarming and could impact national security, as some of these roles are essential for maintaining organizational and national cyber defenses. The most significant decline is in research roles, which saw a general 69% drop year-on-year between 2022 and 2023. According to the researchers, this suggests a move away from proactive threat analysis and mitigation.

Submitted by Adam Ekwall on

"CyLab Researchers to Present at ACM CHI 2024"

CyLab Security and Privacy Institute researchers will present ten papers and participate in one special interest group at the ACM Conference on Human Factors in Computing Systems (CHI 2024). One of the papers is titled "Interdisciplinary Approaches to Cybervulnerability Impact Assessment for Energy Critical Infrastructure." The researchers interviewed 18 experts in the field of energy critical infrastructure to compare what information they believe is necessary to assess the impact of computer vulnerabilities in energy operational technology.

Submitted by Gregory Rigby on

"Cheap Ransomware for Sale on Dark Web Marketplaces Is Changing the Way Hackers Operate"

Sophos X-Ops has found 19 "cheap, independently produced, and crudely constructed" junk gun ransomware variants on the dark web. These junk gun variants aim to disrupt the affiliate-based Ransomware-as-a-Service (RaaS) model that has dominated the ransomware market. Instead of selling or buying ransomware to or as an affiliate, attackers develop and sell simple variants for a one-time fee. Other threat actors can use such variants to attack small and medium-sized businesses (SMBs) as well as individuals.

Submitted by Gregory Rigby on

ACM CHI Conference on Human Factors in Computing Systems

"The conference embraces the theme of Surfing the World – reflecting the focus on pushing forth the wave of cutting-edge technology and riding the tide of new developments in human-computer interaction. The conference serves as a platform for researchers, practitioners, and industry leaders to share their latest work and ideas and to foster collaboration and innovation in the field."
