Commercial Spyware Vendors Have a Copycat in Top Russian APT

Friday, August 30, 2024
Russia's Midnight Blizzard infected Mongolian government websites to try to compromise the devices of visitors, using watering-hole tactics.

'Voldemort' Malware Curses Orgs Using Global Tax Authorities

The global malware campaign (that must not be named?) is targeting organizations by impersonating tax authorities, and using custom tools like Google Sheets for command and control.

Brazilian Ad Fraud Network 'Camu' Hits 2B+ Daily Bid Requests

Thursday, August 29, 2024
The global Internet helps just about everything to scale more easily, including piracy and ad fraud.

SANS Institute Unveils Critical Infrastructure Strategy Guide for 2024

Exploited: CISA Highlights Apache OFBiz Flaw After PoC Emerges

The vulnerability carries nearly the highest score possible on the CVSS scale, at 9.8, impacting a system used by major companies around the world.

South Korean APT Exploits 1-Click WPS Office Bug, Nabs Chinese Intel

Wednesday, August 28, 2024
The most popular office software suite in China actually has two critical vulnerabilities, which allowed hackers the opportunity for remote code execution. Time to patch.

BlackByte Targets ESXi Bug With Ransomware to Access Virtual Assets

The pivot is one of several changes the groups using the malware have made in recent attacks.

Attackers Exploit Critical Atlassian Confluence Flaw for Cryptojacking

Novel attack vectors leverage the CVE-2023-22527 RCE flaw discovered in January, which is still under active attack, to turn targeted cloud environments into cryptomining networks.

Zimbabwe Trains Government Officials in Cybersecurity Skills

African nation's proactive approach to cybersecurity comes amid a rise in painful cyberattacks including the breach of a major bank.

77% of Educational Institutions Spotted a Cyberattack Within the Last 12 Months

Tuesday, August 27, 2024

PoC Exploit for Zero-Click Vulnerability Made Available to the Masses

The exploit can be accessed on GitHub and makes it easier for the flaw to be exploited by threat actors.

Microsoft's Sway Serves as Launchpad for 'Quishing' Campaign

The attack is a mashup of QR codes and phishing that gets users to click on links to malicious Web pages.

Microsoft to Host Windows Security Summit in CrowdStrike Outage Aftermath

Monday, August 26, 2024
The tech giant seeks to work with endpoint security partners, including CrowdStrike, on how to prevent an outage event of such gravity from happening again.

Cybercriminals Tap Greasy Opal to Create 750M Fake Microsoft Accounts

Such cyberattack enablement services let attackers breach security measures, establish new fake accounts, and brute-force servers.

Seattle-Tacoma Airport Suffers System Outages Due to Possible Cyberattack

As the entire Port of Seattle struggles to become fully operational once more, the airport recommends that those who are traveling take extra precautions.

Aggressively Monitoring for Changes Is a Key Aspect of Cybersecurity

Employees and management must fully support change detection and file integrity monitoring, allowing a proactive approach with definitive security controls to be implemented against threat actors.

India's Critical Infrastructure Suffers Spike in Cyberattacks

Sunday, August 25, 2024
The financial and government sectors have come under increasing attacks in India, with the Reserve Bank of India (RBI) warning banks to double down on cybersecurity.

NIST Hands Off Post-Quantum Cryptography Work to Cyber Teams

Friday, August 23, 2024
The release of new NIST quantum-proof cryptography standards signals it's time for cybersecurity teams to get serious about preparing for the rise of quantum threats.

Patch Now: Second SolarWinds Critical Bug in Web Help Desk

The disclosure of CVE-2024-28987 means that, in two weeks, there have been two critical bugs and corresponding patches for SolarWinds' less-often-discussed IT help desk software.

Liverpool Fans Take English Premier League Title for Ticket Scams

Ticket scams are costing football fans close to £200 a season, on average, according to a report.

NFC Traffic Stealer Targets Android Users & Their Banking Info

Thursday, August 22, 2024
The malware builds on a near-field communication tool in combination with phishing and social engineering to steal cash.

NSA Issues Tips for Better Logging, Threat Detection in LotL Incidents

The guidance is part of a coordinated, global effort to eradicate living-off-the-land techniques used against critical infrastructure.

Infostealers Waltz Through macOS to Grab Crypto Wallets, Browser Creds

Ironically, Macs' lower risk profile may make them more susceptible to any given threat than the average Windows or Linux system.

Google Chrome Update Fixes Flaw Exploited in the Wild

New Chrome release set to roll out over the next few days addresses 38 security issues in the browser.

Malicious Links, AI-Enabled Tools, and Attacks on SMBs Among Top Cybersecurity Threats in H1 Mimecast Global Threat Intelligence Report

Wednesday, August 21, 2024

'Styx Stealer' Blows Its Own Cover With Sloppy OpSec Mistake

An individual in Turkey is behind a new information stealer that researchers have recently observed in multiple attacks.

Taiwan University Under Fire From Unique DLL Backdoor

It's unclear who the "Msupedge" threat actors were or what the motive for the attack was.

Azure Kubernetes Bug Lays Open Cluster Secrets

Tuesday, August 20, 2024
Vulnerability gave attackers with access to a pod a way to obtain credentials and other secrets.

Toyota Customer, Employee Data Leaks in Confirmed Data Breach

The company has released little information on the breach, but claims it's been in contact with the individuals affected.

Name That Toon: Security Games

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

Multiple Microsoft Apps for macOS Vulnerable to Library Injection Attacks

Monday, August 19, 2024
Outlook, Teams, PowerPoint, OneNote, Excel, and Word undermine macOS's strict user permission-based privacy and security protections.

IBM SkillsBuild Cybersecurity and Data Analytics Certificates to be Deployed in Community College Systems

Every Google Pixel Phone Has a Verizon App that Doubles As a Backdoor

What is a Verizon Wireless demo store app doing on non-Verizon phones, and why is it a vehicle to an attacker?

National Public Data Confirms Massive Breach

Cyber incidents like this highlight the need for tougher action on companies that fail to adequately protect consumer data.

Assume Breach When Building AI Apps

AI jailbreaks are not vulnerabilities; they are expected behavior.

Human Nature Is Causing Our Cybersecurity Problem

By moving beyond guidelines and enforcing accountability, encouraging innovation, and prioritizing the safety and well-being of our communities in the digital age, we can build a more secure software future.

A Critical Look at the State Department's Risk Management Profile

The US needs to seize this moment to set a global standard for responsible and ethical AI, ensuring that technological progress upholds and advances human rights.

Iran Reportedly Grapples With Major Cyberattack on Banking Systems

Friday, August 16, 2024
The last known cyberattack waged against Iranian infrastructure took place last December with the blame placed on Israel and the US.

Are 2024 US Political Campaigns Prepared for the Coming Cyber Threats?

When it comes to this year's candidates and political campaigns fending off major cyberattacks, a lot has changed since the 2016 election cycle.

CISA, FBI Assure American Voters of Cyber Safe Electoral Process

Though it is possible for cyber disruptions to occur, CISA and the FBI say that ransomware will not impact casting or counting ballots.

DARPA Announces AI Cyber Challenge Finalists

Teams designed AI systems to secure open-source infrastructure software to be used in industry sectors such as financial services, utilities, and healthcare. Each finalist was awarded a $2 million prize.

Unfixed Microsoft Entra ID Authentication Bypass Threatens Hybrid IDs

Thursday, August 15, 2024
The attack affects organizations that have synced multiple on-premises Active Directory domains to a single Azure tenant.

SolarWinds: Critical RCE Bug Requires Urgent Patch

The vulnerability was given a high-severity CVSS score, indicating that customers should act swiftly to mitigate the flaw.

Google: Iran's Charming Kitten Targets US Presidential Elections, Israeli Military

The threat group tracked as APT42 remains on the warpath with various phishing and other social engineering campaigns, as tensions with Israel rise.

Experian Acquires Behavioral Analytics Company NeuroID

Wednesday, August 14, 2024

GitHub Attack Vector Cracks Open Google, Microsoft, AWS Projects

Cloud services and thus millions of end users who access them could have been affected by the poisoning of artifacts in the development workflow of open source projects.

Critical Ivanti vTM Bug Allows Unauthorized Admin Access

Tuesday, August 13, 2024
The CVSS 9.8 authentication bypass in Ivanti's traffic manager admin panel already has a proof-of-concept (PoC) exploit lurking in the wild.

Microsoft Azure AI Health Bot Infected With Critical Vulnerabilities

Privilege escalation flaws in the healthcare chatbot platform could have allowed unauthorized cross-tenant access and management of other customers’ resources.

FBI Shuts Down Dozens of Radar/Dispossessor Ransomware Servers

Computer infrastructure in the US, UK, and Germany associated with the cybercriminal group, which targeted SMBs using double extortion, is officially out of commission.

APT41 Spinoff Expands Chinese Actor's Scope Beyond Asia

Earth Baku, yet another subgroup of the highly active and increasingly sophisticated collective, is moving into EMEA with new malware and living-off-the-land (LOL) tactics.

UN Approves Cybercrime Treaty Despite Major Tech, Privacy Concerns

Monday, August 12, 2024
The treaty would allow any country to request technology firms to aid in cybercrime investigations and preserve data about their users — potentially imperiling penetration testers and security researchers, among others.

AMD Issues Updates for Silicon-Level 'SinkClose' Processor Flaw

The vulnerability has been around for nearly 20 years and gives sophisticated attackers a way to bury virtually undetectable bootkits on devices with EPYC and Ryzen microprocessors.

CLFS Bug Crashes Even Updated Windows 10, 11 Systems

A quick and easy exploit for crashing Windows computers has no fix yet nor really any way to mitigate its effects.

A Lesson From the CrowdStrike Incident

The recent outage highlights the critical importance of adhering to established processes and governance frameworks.

Tennessee Man Helped DPRK Workers Get Jobs at US Orgs, Fund WMDs

US citizens play middleman between US companies and the North Korean government agents they unwittingly hire.

Media & Victims Find Common Ground Against Hackers

Friday, August 9, 2024
In a panel at Black Hat 2024, journalists and investigators explain their differing goals when a victim organization is breached.

Rubrik Partners With Mandiant for Cyber Resilience and Accelerated Incident Response Recovery

CrowdStrike's Legal Pressures Mount, Could Blaze Path to Liability

Following the July 19 outages caused by a bad update, the cybersecurity firm faces shareholder lawsuits and pressure to pay damages for at least one major customer, Delta Airlines. Will software liability follow?

How to Weaponize Microsoft Copilot for Cyberattackers

Thursday, August 8, 2024
At Black Hat USA, security researcher Michael Bargury released a "LOLCopilot" ethical hacking module to demonstrate how attackers can exploit Microsoft Copilot — and offered advice for defensive tooling.

Microsoft on CISOs: Thriving Community Means Stronger Security

Microsoft execs detailed the company's reaction to the CrowdStrike incident and emphasized the value of a collective identity.

'0.0.0.0 Day' Flaw Puts Chrome, Firefox, Mozilla Browsers at RCE Risk

Attackers can use a seemingly innocuous IP address to exploit localhost APIs to conduct a range of malicious activity, including unauthorized access to user data and the delivery of malware.

CrowdStrike Will Give Customers Control Over Falcon Sensor Updates

Wednesday, August 7, 2024
The security vendor has also implemented several changes to protect against the kind of snafu that crashed 8.5 million Windows computers worldwide last month.

Knostic Wins 2024 Black Hat Startup Spotlight Competition

During a "Shark Tank"-like final, each startup's representative spent five minutes detailing their company and product, with an additional five minutes to take questions from eight judges from Omdia, investment firms, and top companies in cyber.

Creating Insecure AI Assistants With Microsoft Copilot Studio Is Easy

Microsoft claims 50,000 organizations are using its new Copilot Creation tool, but researcher Michael Bargury demonstrated at Black Hat USA ways it could unleash insecure chatbots.

Chameleon Banking Trojan Makes a Comeback Cloaked as CRM App

The evolving malware is targeting hospitality and other B2C workers in Canada and Europe with capabilities that can evade Android 13 security restrictions.

Startup Spotlight: RAD Security Brings Behavioral Profiling to Cloud

Tuesday, August 6, 2024
Cybersecurity startup RAD Security, a finalist in this year's Black Hat USA Startup Spotlight competition, looks for "drift events," or events that vary from the baseline.

Attackers Use Multiple Techniques to Bypass Reputation-Based Security

Protections like Windows Smart App Control are useful but susceptible to attacks that allow threat actors initial access to an environment without triggering any alerts.

Cyberattack Strikes the Grand Palais RMN; Impact Appears Limited

Everyone expected some kind of cyberattack during the Olympics. If this is the best they've got, the bad guys don't deserve a spot on the podium.

Russia's Priorities in Prisoner Swap Suggest Cyber Focus

At least two Russian nationals serving prison sentences for cybercrime offenses, Vladislav Klyushin and Roman Seleznev, were released as part of the landmark prisoner swap.

China's Evasive Panda Attacks ISP to Send Malicious Software Updates

Monday, August 5, 2024
The APT used DNS poisoning to install the Macma backdoor on targeted networks and then deliver malware to steal data via post-exploitation activity.

Startup Spotlight: LeakSignal Helps Plug Leaky Data in Organizations

Cybersecurity startup LeakSignal, a finalist in this year's Black Hat USA Startup Spotlight competition, helps organizations see where data is leaking within their environment.

Protect Data Differently for a Different World

Adopting a military mindset toward cybersecurity means the industry moves beyond the current network protection strategies and toward a data-centric security approach.

How Regional Regulations Shape Global Cybersecurity Culture

Ultimately, a more cyber-secure world requires a global governing body to regulate and campaign for cybersecurity, with consistent regulatory requirements in the various regions around the world.

Russia's 'Fighting Ursa' APT Uses Car Ads to Install HeadLace Malware

The scheme, from the group also known as APT28, involves targeting Eastern European diplomats in need of personal transportation, tempting them with a purported good deal on an Audi Q7 Quattro SUV.

Fortune 50 Co. Pays Record-Breaking $75M Ransomware Demand

Friday, August 2, 2024
The runaway success of an upstart ransomware outfit called "Dark Angels" may well influence the cyberattack landscape for years to come.

China's APT41 Targets Taiwan Research Institute for Cyber Espionage

The state-sponsored Chinese threat actor gained access to three systems and stole at least some research data around computing and related technologies.

Twilio Users Kicked Out of Desktop App, Forced to Switch to Mobile

Now that the Authy Desktop app has reached EOL and is no longer accessible, users are hoping their 2FA tokens synced correctly with their mobile devices.

'Sitting Ducks' Attacks Create Hijacking Threat for Domain Name Owners

Thursday, August 1, 2024
Researchers say the attacks are easy to perform, difficult to contact, nearly unrecognizable, and "entirely preventable."

Meta Agrees to $1.4B Settlement With Texas Over Biometric Privacy

The process took two years, but this is the first successful settlement obtained under Texas' Capture or Use of Biometric Identifier Act, which forbids the capture of biometric data without users' explicit consent.