Belarus state-linked hackers are targeting government and military entities in both Ukraine and Poland with spear-phishing campaigns that deliver remote access Trojans. Ukrainian authorities say the adversary is focusing on information stealing and remote control of targeted systems.
Rockwell Automation teamed-up with CISA to find two critical flaws that require immediate attention, citing a novel exploit capability attributed to advanced persistent threat actors known for targeting industrial systems and critical infrastructure.
Security appliance manufacturers SonicWall and Fortinet fixed multiple critically rated vulnerabilities in their network security products this week. The fixes include authentication bypass flaws that could result in exposure of sensitive information. Regulators urge users to patch soon.
TikTok executives were unable to answer Liberal senator and chair of the committee James Paterson when he questioned them on how many times Australian user data had been accessed by TikTok staff in China, but the executives admitted it had happened.
Apple is advising users to remove the software patch released on Monday aimed at fixing a zero-day vulnerability being exploited in the wild. The tech giant said the patch might prevent some websites from displaying properly and that it hopes to release a new patch soon.
The threat actor behind the remote access Trojan called RomCom and other pro-Russian groups are targeting Ukrainian agencies and allies ahead of the NATO Summit this week in Vilnius, Lithuania, using weaponized Microsoft documents and typosquatting techniques to deliver the malware.
For the third time since the discovery of the MOVEit Transfer application zero-day vulnerability, Progress Software has revealed a new critical SQL injection vulnerability that allows remote attackers to bypass authentication and execute arbitrary code.
A hacker suspected to be based in Mexico is targeting financial institutions using "relatively unsophisticated" tools but is achieving a high degree of success among banking customers, SentinelOne said. The threat actor also offers smishing as a service.
The United States is further fortifying its critical infrastructure security with a new Cybersecurity and Infrastructure Security Agency program that enhances the cyber resilience of participating partners leveraging the agency's advanced threat detection and monitoring capabilities.
The world's top chip manufacturer has dismissed the LockBit 3.0 ransomware gang's hack claim and $70 million ransom. TSMC said the data leak took place at a third-party supplier and contains only certain initial configuration files. It said customer information and operations were not affected.
The United Kingdom's national cybersecurity agency on Friday marked the 20th anniversary of its response to the first-ever cyberattack against the government by disclosing how government agencies responded. The incident paved way for the launch of the National Cyber Security Center in 2016.
The new ransomware group 8Base is fast becoming a big player in the underground market, amassing nearly 40 victims in June - second only to the notorious LockBit ransomware gang. The group's top targets include business services, finance, manufacturing and IT industries.
Cyberattackers have hit Ukraine's critical infrastructure over 3,000 times since the beginning of the Russian invasion in 2022, according to Ukraine's national incident response team, which warned that such attacks may continue for years even after the fighting on the ground is over.
Ukrainian cyber police raided and closed more than a dozen fraudulent call centers last week, saying the operations were running fake investment scams that involved stealing cryptocurrency and payment card details from European and Central Asian citizens.
Microsoft discovered hackers targeting internet-facing Linux systems and IoT devices to steal IT resources for cryptocurrency mining operations. The campaign begins by brute-forcing target systems and devices and then uses a backdoor to deploy open-source tools such as rootkits and an IRC bot.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
