
Cyber threats

The truth behind cyber threats: propaganda or reality?
The limits and hidden truths about the cyberwar between Russia and Ukraine
Cyberwar is often exaggerated in the media. Studies by ETH Zurich show that cyber attacks do not have the strategic effectiveness often attributed to them. The media narrative tends to overestimate the impact of these attacks, often without concrete and objective evidence.

Apple raises alarm about new cyber threats: the challenge of mercenary spyware
How Apple addresses new digital threats: tools, collaborations and measures to protect user privacy in an increasingly interconnected world
Apple has warned about mercenary spyware, malicious software sold to governments for spying. The company stressed the importance of updating devices and collaborating at the technology and government levels to protect user privacy.

Discovery of an AiTM attack campaign on Microsoft 365
A detailed exploration of AiTM attack techniques and mitigation strategies to protect Microsoft 365 from advanced compromises
In July 2024, the Field Effect security team discovered “Adversary-in-the-Middle” (AiTM) attacks against Microsoft 365, using Axios to steal user credentials, including MFA codes, via phishing. Monitoring, credential rotation and anti-phishing training are recommended.

Apple ID security: prevent phishing attacks with two-factor authentication
Learn how cybercriminals exploit phishing and learn how to defend your Apple ID with simple but effective security measures
Apple ID users are being hacked via phishing emails and SMS that appear legitimate. Hackers steal credentials to lock out accounts and access funds. Enabling two-factor authentication (2FA) and avoiding clicks on suspicious links are vital to protecting yourself.

Operation Morpheus: Europol hits cybercrime hard
A vast network of illegal servers discovered and neutralized: the global fight against cyber threats enters a new phase
Operation Morpheus, coordinated by Europol, disabled nearly 600 Cobalt Strike servers used by cybercriminals. Pirated versions of this pentesting tool have been exploited for cyber attacks. Public-private collaboration has been crucial to this success.

Indirector vulnerability discovered in modern Intel CPUs
New Intel CPU security threat: learn how the Indirector attack can compromise your data and key techniques to protect yourself
A new vulnerability called Indirector affects recent Intel processors, exploiting flaws in the IBP and BTB components to access sensitive data. Intel has recommended mitigation measures but they may affect performance. The discovery will be presented at the USENIX Security Symposium.

Cyber attack in Indonesia: the new Brain Cipher ransomware brings services to their knees
New ransomware hits Indonesia: learn how Brain Cipher crippled essential services and the techniques used by hackers
Brain Cipher is a new ransomware group that hit a data center in Indonesia, encrypting government servers and disrupting vital services. They demanded a ransom of $8 million in Monero. The ransomware encrypts both data and file names, making recovery difficult.

China's strategy in cyber space: civilian hackers and state support
Civilian hackers and digital sovereignty: China's cyber espionage model
China's offensive cyber ecosystem relies on state-backed civilian hackers using zero-day vulnerabilities. Hacking competitions and bug bounty programs are used to identify these flaws. Other countries must balance these practices with their own ethical values.

Growing activity of Chinese hacker groups
Identifying and mitigating new threats: the growth of hostile cyber operations led by Chinese hacker groups
In June 2024, Chinese hacker groups intensified attacks using tools such as SpiceRAT and advanced phishing and zero-day techniques. They have affected global organizations, causing serious damage. Companies must implement enhanced security measures and train employees.

Investigation into Facebook data breach and Akira ransomware
Cybersecurity challenges: from the latest Facebook breach to the Akira ransomware threat
The article discusses a recent data breach at Facebook that compromised millions of profiles, the FBI's warning of an increase in Akira ransomware cases, and the importance of multi-layered strategies for companies and international collaboration to counter cyber threats.

Malware emergency on macOS: Atomic Stealer's threat to sensitive data and cryptocurrencies
New infection and mitigation techniques to protect Mac devices
Atomic Stealer is a new malware that affects macOS, stealing sensitive data and cryptocurrencies. It spreads as cracked software. It uses AppleScript to obtain passwords and steals data from browsers and cryptocurrency wallets. It is recommended to download from official sources only.

A new LPE exploit for Windows for sale in the underground
A new local privilege escalation threat for Windows in the underground forums
A privilege escalation exploit on Windows systems has been discovered in an underground forum. Sold for $120,000, it compromises various versions of Windows in seconds while remaining hidden. This emphasizes the importance of updating and protecting systems.

KeyPlug backdoor identified: alarm for Italian industries
Tinexta Cyber reveals the technical details of the dangerous KeyPlug backdoor and its implications for the security of Italian businesses
Tinexta Cyber discovered the KeyPlug backdoor, attributed to China's APT41 group, which infected Italian companies. KeyPlug affects both Windows and Linux. A connection with the I-Soon data leak is suspected. It is crucial to strengthen industrial security against these threats.

Critical failure in Check Point VPN solutions: risks and security measures
Exposure of enterprise systems: urgent updates and patches to protect networks
A critical vulnerability in Check Point VPNs, disclosed via a PoC, allows an attacker to execute arbitrary code. Check Point has released a patch and recommends urgent updates to avoid security risks. The incident highlights the importance of updates and ongoing surveillance.

Massive cyberattack on Windstream home routers
An analysis of the devastating cyber attack on Windstream routers and the techniques used by the cybercriminals
A malware attack called “Pumpkin Eclipse” has rendered more than 600,000 Windstream routers inoperable in the US. Black Lotus Labs experts discovered that the Chalubo malware overwrote the devices' firmware. The origin of the attack is still uncertain.

Distribution of malware via counterfeit copies of Microsoft Office
Malware campaign analysis using counterfeit installers of popular software
A malware campaign distributes pirated software, exploiting fake Microsoft Office installers. Download URLs point to legitimate services, making identification difficult. The malware includes RATs, cryptocurrency miners and antivirus evasion tools.

The largest botnet ever in the United States has been dismantled
Yunhe Wang Arrest: The Role and Impact of the 911 S5 Botnet in Global Cybercrime
The US Department of Justice has arrested Yunhe Wang, 35, for running the 911 S5 botnet, which is linked to fraud, child exploitation and false bomb threats. The network has infected millions of computers since 2014. The operation involved the collaboration of international law enforcement agencies.

EU ATM malware threatens lenders around the world
The threat of automated malware on ATMs
The "EU ATM Malware" is malicious software that affects ATMs of various brands, with a 99% success rate. Automated and versatile, it threatens global banking security. Banks must update their defenses to counter this threat.

ShrinkLocker: malicious use of BitLocker in latest ransomware variant
A new threat uses Windows security features to lock down entire memory drives
ShrinkLocker is a new ransomware that uses Windows BitLocker to encrypt entire hard drives, making it difficult to access data without a recovery key. Companies must strengthen security and backup policies to prevent and mitigate such attacks.

"Emerging Threat: Social Media Platforms Vulnerable to New Exploit"
New critical exploit discovered that threatens the security of millions of users of social platforms
A 0day exploit found on the dark web allows access to Facebook and Instagram, bypassing two-step verification. Originally offered at $1000, it now costs $300.

Dirty Stream: Microsoft identifies new attack on Android
A new cyber threat threatens the security of Android users through compromised applications
Microsoft has discovered a vulnerability in Android devices called "Dirty Stream", which allows attackers to alter data between apps, causing risks such as data theft.

The Akira phenomenon: analysis of the ransomware that shook 2023
An in-depth analysis of the impact and techniques of the most dangerous ransomware of 2023
The article discusses the Akira ransomware, which emerged in 2023, affecting 250 entities, demanding ransoms of up to $42 million. It uses advanced methods such as vulnerability exploits and phishing to infiltrate and spread within networks.

Kapeka: the new cyber threat from Russia
Discovering and analyzing a new global cybersecurity challenge
The Kapeka backdoor, identified by WithSecure, is a threat to Windows, linked to the Sandworm group. It disguises itself as a Word add-in and handles malicious operations remotely.

Security flaws: Microsoft Defender and Kaspersky exposed
Risk of false positives and data deletion in environments protected by security solutions deemed reliable
Vulnerabilities in antivirus software from Microsoft and Kaspersky were discovered at the Black Hat Asia event, allowing false positive attacks that delete legitimate files. Despite the patches, the problem persists. It is important to have robust backups.

Telegram becomes a playground for Pegasus spyware traffic
Highly sophisticated spyware for sale on a popular messaging platform. Apple warns its users
Pegasus spyware, created by NSO Group, is now being sold on Telegram by a Russian group for $1.5 million. Apple responded by issuing global security alerts and improving protection strategies for users.

Severe vulnerability in Magento software puts global e-commerce at risk
Implications and mitigation strategies for Magento platform users
The recent bug in Magento, Adobe's e-commerce platform, exposed the data of 160,000 credit cards to security risks. It is essential to regularly update and test your system to protect sensitive information.

New developments and Microsoft solutions against the Spectre v2 attack on Windows
Mitigation strategies and configuration recommendations for Windows users
The new Spectre v2 attack uses "Branch History Injection" to compromise Windows systems. Microsoft has updated procedures to limit this threat by editing the registry.

Telecommunications security: flaw exposes conversations and 2FA to the risk of interception
Risk of privacy violation through call diversion: measures and industry responses
A flaw in mobile security allows hackers to intercept calls and voice messages, exposing 2FA codes. Experts recommend greater precautions and Verizon promises corrective measures.

iPhone security alert: new spyware found
Apple tightens security measures for iPhone users
Apple has warned iPhone users in 92 countries about spyware attacks that try to compromise devices remotely. It recommends keeping iOS up to date and using Lockdown Mode, and offers support through Amnesty International.

Serious vulnerability discovered in D-Link NAS devices
High risk of cyber attacks for thousands of outdated NAS devices
A security flaw, identified as CVE-2024-3273, affects some no longer supported D-Link NAS models, exposing them to risks such as the execution of arbitrary commands. Over 92 thousand devices are at risk. D-Link recommends replacing obsolete equipment.

Risks in open source: the case of the vulnerability in Xz
The malicious incursion demonstrates the challenges in security of open source projects, prompting improvements in vetting practices
The data compression utility Xz has had a backdoor for three weeks, due to a security flaw involving a single person running it. This has raised questions about open source security and the importance of auditing and shared management.

Security alert: sophisticated phishing campaign hits Italy
An in-depth analysis reveals the advanced techniques of a cyber attack linked to Iranian entities, alarming Italian companies
In Italy, a sophisticated phishing campaign, with possible Iranian origins, targets businesses via deceptive emails leading to a malicious link. Advanced techniques such as Persistent XSS are used to steal personal data, prompting caution and security updates.

The rise of zero-day exploits in 2023: An in-depth look
A worrying increase that calls for a decisive reaction from the cybersecurity sector
In 2023, cyber attacks via zero-day exploits increased by 50% to 97 cases. These attacks, primarily targeting popular platforms and devices, are often linked to government espionage. Google and Mandiant highlight the need to strengthen security.

DoS loop: new threat on UDP protocol puts digital security at risk
300,000 systems exposed: how to deal with the innovative attack that exploits UDP vulnerabilities
CISPA has discovered a cyber attack, called Loop DoS, that targets systems using UDP, causing endless traffic between servers with fake IP addresses. Around 300,000 devices are at risk. Security patches and preventative methodologies are recommended to avoid this.

eSIM under attack: security risks in the mobile sector are growing
The challenge against identity theft in mobile networks: strategies and solutions to safeguard yourself
In Russia there is an increase in mobile identity theft via eSIMs, used to illegally access banking services. Precaution and security measures such as strong passwords and two-factor authentication are recommended.

Cybersecurity challenges: the impact of GPT-4 on cyber-attacks
The age of advanced AI: how GPT-4 transforms web security paradigms and challenges industry professionals
GPT-4, an advanced artificial intelligence, has demonstrated the ability to hack websites without outside help, surpassing other AI models. This raises concerns about cybersecurity and drives the search for new protection strategies.

The challenges of cybersecurity in the era of artificial intelligence
Innovative tactics: cyberattacks evolve with AI
The article examines how artificial intelligence (AI) is used in advanced cyberattacks, to create personalized phishing emails, fool facial recognition systems, automate brute force attacks and develop self-adaptive malware.

New phishing strategies: malware evolves with Google Sites
Sophisticated cyber attack tactics: the use of Google Sites and advanced techniques in latest phishing scheme
Researchers have discovered a malware campaign that uses fake Google Sites pages to spread AZORult, an information-stealing malware. It uses advanced techniques to avoid detection, aiming to steal sensitive data.

New phishing campaign exploits AWS and GitHub to spread trojans
Sophisticated techniques and cloud services as vehicles for emerging threats
Researchers have discovered a phishing campaign that leverages AWS and GitHub to spread malware, such as the VCURMS and STRRAT RATs, via deceptive emails. These malware can steal sensitive data and receive commands from cybercriminals.

The zero-day underground market: Microsoft Office security challenges
Exploring the implications of undisclosed exploits in the Microsoft Office ecosystem
A security forum has discovered the sale of a zero-day attack that targets Microsoft Office. This bug, not known to the creators, allows hackers to execute malicious code. The seller is asking for $200,000 in bitcoin. Zero-days are a serious security threat.

The deep web black market and the new frontier of antivirus evasion
The challenge for IT specialists in countering sophisticated evasion strategies of the main antiviruses
@HeartCrypt, on the deep web, offers advanced encryption to evade antivirus like Windows Defender, starting at $20. It promises undetectable .exe files and customizes the stub for each customer.

New attack strategies in Italy: the adaptability of phishing
Evolution of cyber attacks: discovering personalized phishing tactics
CERT-AgID reported an evolution in phishing methods called "adaptive phishing", which customizes email attacks to increase their effectiveness, using authentic victim logos and websites.

Silent infiltration: the malicious code epidemic on GitHub
Impact of malicious code in repositories: security risks in software development
Cybercriminals have cloned over 100,000 GitHub repositories, inserting malware that steals sensitive data. They use deceptive forks and sophisticated techniques to hide malicious code.

Cyberespionage revealed: China's extended digital surveillance
Massive digital surveillance and influencing operation operated by Chinese entities discovered
A leak has revealed that China uses sophisticated surveillance and propaganda methods against dissidents, spending heavily to spread false information and spy via malware.

LockBit's response to FBI actions
LockBit's technological revenge: post-attack updates and awareness
The LockBit organization, after being attacked, reveals that it had a security flaw due to an outdated version of PHP and urges systems to be updated.

LockBit's tenacious activity despite global investigations
Challenges and countermeasures in the war against the LockBit cyber criminal group
LockBit, a cybercriminal group, continues to launch attacks despite international legal action. Security specialists have discovered new vulnerabilities exploited by the group and Trend Micro analyzes an advanced version of their malware.

KeyTrap: DNSSEC flaw discovered by researchers
The vulnerability puts the stability of DNSSEC at risk
A vulnerability, called KeyTrap, has been discovered in the DNSSEC authentication system, potentially causing disruptions to DNS service. Safety solutions have been implemented to prevent damage.

New wave of ransomware targets IT infrastructures
Cyber security on alert: new risks for virtualized infrastructures
MRAGENT is a new ransomware targeting VMware ESXi servers, operated by the RansomHouse cyber gang. These attacks threaten the security of corporate data and require protective measures such as backups and software updates.

The new era of digital vulnerability in Italy
Detailed analysis and preventive measures in the context of the increase in digital crimes in Italy
The article highlights the 80% increase in cybercrime in Italy in the last three years, underlining the risks to minors and national security, and the need to improve cybersecurity.

Spear phishing attacks targeting Microsoft365 and Azure
Defense and training strategies against ingenious cyber fraud
The article discusses the rise of spear phishing attacks against Microsoft365 and Azure users, urging the use of multi-factor authentication and training for prevention.