
Cyber threats

Critical vulnerabilities discovered in Windows ATERA: an invitation to update
Complexity, security and proactive measures in the modern IT landscape
The ATERA remote monitoring service for Windows has recently been affected by critical vulnerabilities that could allow cybercriminals to access sensitive data. Experts recommend an immediate system update to protect your data. The situation highlights the importance of a proactive approach to security...

HotRat: the insidious danger hidden in non-original software
Unauthorized remote access to your device through pirated software
The article deals with the HotRat malware, a trojan hidden in cracked software. HotRat is capable of bypassing security protocols, allows remote access to your device and can steal sensitive information. Infection is prevented by avoiding downloading cracked software and keeping antivirus software up...

Clop: new increase in criminal activity on the dark web
Recent developments in the group's tactics: infiltration, extortion and prevention strategies
The article concerns the intensification of the activities of the Clop criminal group, known for its cyber extortion attacks. Recently, this group targeted Ipswitch's MOVEit system, a tool for securely exchanging sensitive data. Their method involves a "double extortion", that is, they demand a ransom...

Strengthening the security of BGP: a priority for the IT world
Analysis of issues related to Border Gateway Protocol (BGP) security and possible solutions
The article examines the vulnerabilities of the Border Gateway Protocol (BGP), a crucial routing protocol for the Internet, which will be discussed at the upcoming Black Hat conference. Since the weaknesses of BGP could be exploited to compromise data traffic, enhancing the security of BGP with mechanisms...

Zyxel on alert: DDoS botnet attacks on devices are on the rise
Disturbing infiltration of DDoS botnets on Zyxel devices revealed: here are countermeasures and security tips
DDoS botnet attacks are on the rise, specifically targeting Zyxel devices. Hackers exploit a firmware bug to control devices and use them in DDoS attacks. Zyxel is releasing firmware updates to correct the problem, but users are advised to be vigilant.

How the Lazarus group is leveraging GitHub for targeted attacks
Cyber security: Lazarus group aims to compromise developers on GitHub
The North Korean hacker group, Lazarus, is targeting developers on GitHub with malicious projects. Hackers use GitHub and social networks to pitch legitimate-looking software development projects that contain malicious code. Developers need to source the projects they use, use antivirus software, and...

Challenging cybersecurity: the audacity of SophosEncrypt ransomware
Challenge to the last bit: the tech community mobilizes against the threat of SophosEncrypt
SophosEncrypt is a ransomware that mocks security experts with its advanced attack techniques. It encrypts host files and destroys the originals, before renaming them. It uses the RSA algorithm and can process up to four threads simultaneously, making data encryption very fast. Security experts already...

The emergence of serious vulnerabilities in Adobe ColdFusion software
Under attack: how Adobe's software flaws put companies' IT security at risk
The article talks about the serious vulnerabilities discovered in Adobe ColdFusion software, which can be exploited to conduct cyber attacks. It emphasizes the importance of installing the security patches released by Adobe to address these issues, to reduce the risk of attacks. It indicates the need for proactive...

WooCommerce in the crosshairs: the active defense against cyber attacks
Understand and fight back: effective defense strategies against WooCommerce cyber-attacks
The report highlights the increasing use of the WooCommerce platform by cybercriminals to carry out attacks through vulnerable plugins. It stresses the importance of constant updating to avoid software flaws and recommends proactive security measures to fight back.

Analysis and defense against attacks of malicious USB drives in cyberspace
Attack strategies and defense methods against malicious USB drives
The article analyzes the risks associated with the use of infected USBs, devices used to steal sensitive data through malware or by exploiting host driver vulnerabilities. As a defense, it suggests updating software, using antivirus, and immediately disconnecting suspicious USBs, stressing the importance...

Staggering speed: how Gamaredon hackers mine data in just 30 minutes
The group's rapid data theft techniques revealed: here's how to defend yourself
The article analyzes the data theft techniques used by the hacker group Gamaredon, capable of stealing data in just 30 minutes. The use of phishing, backdoors and data harvesting scripts is discussed, stressing the importance of proper security measures.

WormGPT: a new AI tool that makes hackers nerve-wracking
Cybersecurity at risk: the challenges posed by the new AI tool
The article discusses WormGPT, an artificial intelligence tool that can execute scripts automatically, potentially helping hackers penetrate computer systems. Despite the operational benefits, WormGPT has raised security concerns. The article thus highlights the importance of implementing security countermeasures...

Computer research explains how to divert a satellite
Leveraging technology: the challenge of security in satellite systems
A group of researchers has shown that it is possible to hijack control of a satellite through a complicated process. This involves setting up a ground radio station to intercept and send signals to the satellite. The main challenge has been cracking the encryption that protects communications. This discovery...

TikTok vulnerability: security scenario overview and attack techniques
Submerged in exploits: lights and shadows on TikTok's cybersecurity
The article analyzes the security vulnerabilities of the TikTok platform. Attack techniques such as dismantling user authentication, SQL injection and manipulation of followers are emphasized. Possible consequences are also reported, such as theft of sensitive information and an example of SMS phishing....

Protecting the internet telephone registry: strategies for DNS security
DNS attack universe unveiled: understanding, preventing, and mitigating risky cyber-assaults
The article deals with the security of the Domain Name System (DNS), essential for internet browsing. It shows how bad actors can exploit DNS weaknesses to divert traffic or launch DDoS attacks. Defense requires an approach that includes attack prevention, detection, and mitigation. Finally, the importance...

Avrecon: the new botnet that threatens SOHO routers
Infestation techniques and defense strategies
A new botnet called Avrecon is aiming to infect SOHO routers. It uses attacking techniques wisely to access your system through weak network ports. Once infiltrated, it performs further attacks on other machines. To combat Avrecon it is essential to keep the security measures of the routers and firmware...

QuickBlox API: data security at risk
A flaw in the QuickBlox framework API puts the personal information of millions of users at risk
A critical flaw has been discovered in the QuickBlox framework, which could compromise the personal data of millions of users. The vulnerability existed in the system API and was discovered during read and write operations on specific QuickBlox entities. The company took prompt action to fix the flaw...

Chinese hackers and Microsoft's tools: new tactics in action
When cyberattacks exploit Microsoft's seal of trust
The article highlights how Chinese hackers are using tools signed by Microsoft to bypass security protocols and infiltrate systems. Microsoft has responded with investigations and security updates. The article highlights the importance of constant updates and user education to deal with these increasingly...

PyLoose: the new Python-based fileless attack
Are you on the lookout for suspicious files? That's why you should fear even the invisible ones
The article deals with PyLoose, a new type of attack based on the Python programming language. The attack is "fileless", making it difficult to trace. PyLoose compromises the security of data, accessible with advanced techniques, highlighting the importance of adequate security protocols...

BEC: the insidious danger of email scams in the corporate sector
The sophistication of Business Email Compromise: defense strategies against email scams
The article discusses the threat of Business Email Compromise (BEC) scams in the corporate world. BEC scams use sophisticated psychological manipulation and social engineering to trick victims into sharing sensitive data or performing financial transactions. The impact on companies can be severe, risking...

Microsoft alarm: zero-day attacks against the Office package
Microsoft on alert for zero-day vulnerabilities: hacker control over systems is possible
Microsoft has warned about a severe, unpatched 'zero-day' vulnerability (CVE-2021-40444) in its Office software. The bug, which affects Microsoft's popular Office suite, allows hackers to control user systems using malicious code embedded in Word documents. With currently no available fix, Microsoft...

Russia-linked cyber agent RomCom attacks Ukraine supporters during NATO 2023 summit
Using sophisticated spear-phishing tactics, RomCom distributed targeted remote access trojan to Vilnius, Lithuania summit delegates
The Russia-linked cyber group, RomCom, has reportedly targeted supporters of Ukraine, including attendees of the NATO 2023 summit. They spread a malicious document via spear-phishing and exploited a Microsoft vulnerability for a remote code execution attack. BlackBerry's cybersecurity unit unveiled these...

Big Head: the new fast-spreading multi-functional ransomware
An advanced ransomware has been detected hiding behind fake Windows update notifications and Word installations. Widespread mainly in the USA, Spain, France and Türkiye
The article discusses a new type of ransomware, Big Head, which poses a threat through simulated Windows updates and counterfeit software. The malware releases encrypted binaries to spread and disable protections. Variants also include data theft capabilities and additional file infection for attacking...

Proxyjacking: the emerging cyber threat and how to protect yourself
Discovered a new form of cyber attack: what Akamai's analysis reveals
The article discusses "proxyjacking", a stealthy cyber threat, which uses victims' bandwidth for profit. Researchers at Akamai's SIRT detected this during honeypot monitoring, noticing the use of a double Base64-encoded Bash script to evade detection. The article suggests using strong passwords, regular...

Online fraud and identity theft: the emerging problem of cybercrime
The silent rise of cyber fraud: from credit fraud to identity theft
The article discusses the growing problem of cyber fraud, specifically identity theft and credit fraud in Italy. The data shows a 20% increase in credit fraud cases in 2022. The conducted scams caused an estimated damage of 132 million euros. Potential solutions include implementing mitigation strategies...

The dark side of ChatGPT: risks and implications for IT security
How ChatGPT can be exploited to put computer security at risk
ChatGPT, while useful, also presents various security risks. Its capabilities can be exploited by cybercriminals to create phishing messages and generate malicious code, including malware and ransomware. Furthermore, it can inadvertently aid in identifying vulnerabilities for exploitation. As it's accessible...

The rapid expansion of attacks with BlackByte 2.0 ransomware
The incisive techniques used in BlackByte 2.0 ransomware and the proposed defensive strategies
The article discusses the increasing threat of BlackByte 2.0 ransomware attacks. This rapid and potent type of cyberattack can breach and download significant data within 5 days. Attackers exploit weaknesses in Microsoft Exchange servers and use advanced tools like web shells and Cobalt Strike beacons...

Implications of fileless attacks: a detailed analysis
Decode fileless attack techniques and effective defense strategies
The article discusses 'fileless attacks', a new type of cyber threat that does not deliver malicious files but compromises applications and scripts on target systems. They use system tools like PowerShell, WMI, and Office document macros for infiltration and operate directly in a system's memory, leaving...

CISA warns: "hackers exploit known vulnerability in Netwrix Auditor software"
Insight into the cyber response to the imminent danger of the Netwrix Auditor breach
The US Cybersecurity Agency, CISA, has warned that cybercriminals are exploiting a known vulnerability in Netwrix Auditor software to spread Truebot malware across US and Canadian organizations. This loophole, discovered a year ago, can enable hackers to infiltrate an entire Active Directory domain....

Rise of cyber attacks: digital India on the frontline
As India accelerates its digital transformation to become a global player, cyber security emerges as an urgent challenge
The rapid digitization of industries in India has led to an increase in cyber-attacks, causing significant impacts on businesses including production halts and revenue losses. Many companies had neglected cybersecurity but following the rise in attacks, there's a growing demand for preventative security...

Electric vehicle charging stations: new target for hackers
As the electric car industry grows, new challenges emerge: the safety of charging stations becomes a pressing issue
The increase in electric vehicle usage is causing new security issues, notably hacking of charging stations. Cybersecurity experts warn these hacks could access personal data or manipulate the power supply, causing grid instabilities. Responsibility for security lies primarily with station manufacturers,...

DDoSia evolves: new version threatens global cybersecurity
Upgraded DDoSia attack tool obscures targets, expands reach, and heightens the cyber threat landscape across multiple nations and industries
The DDoSia attack tool, linked to a pro-Russian hacker group, has been updated to fetch a concealed list of target websites from command servers, escalating cybersecurity threats. Originally designed for distributed-denial-of-service attacks, DDoSia's victims are increasingly broad and global. The tool's...

Fight against cybercrime: urgent for family offices
New digital threats emerge: How family offices can weather the wave of cyber attacks and protect their assets
In the digital age we live in, just opening an internet browser can expose us to security risks. For family offices, which manage large estates, this vulnerability can be even more insidious. According to Boston Private, 26% of these offices have suffered a cyberattack, and for nearly two-thirds of them,...

Creepy evolution: Rustbucket malware updates
Security experts discover a new variant of Rustbucket malware for macOS, which stands out for its sophisticated persistence and ability to evade security measures
In a recent revelation, researchers have unveiled an enhanced version of an Apple macOS malware named Rustbucket. This upgraded variant exhibits superior capabilities that strengthen its persistence on infected systems and allow it to evade detection by security tools. The Rustbucket malware family,...

The rise of Midnight Blizzard's cyber attacks: Microsoft alerts
A dramatic increase in intrusions conducted by the Russian hacker group is reported; the techniques used become increasingly sophisticated and disguised
Microsoft has revealed a dramatic increase in credential-stealing attacks perpetrated by the state-affiliated Russian hacker group known as the Midnight Blizzard. These attacks use residential proxy services to mask the source IP address, targeting governments, IT service providers, NGOs, defense sectors...

Global attack on mobile banking: Anatsa trojan infects Google Play
Sophisticated malware aims to steal sensitive data from more than 600 banking applications via malicious droppers on Google Play
Android users in at least five countries have been targeted by the Anatsa banking trojan through malicious vaults uploaded to Google Play. This alarming news was reported by ThreatFabric, a company that specializes in detecting computer threats. The identified repositories, which have achieved over 30,000...

Cyber scam alert: WhatsApp Pink threatens Android users
Mumbai Police Issue Emergency Alert Against Dangerous WhatsApp Pink Scam: Here's How To Protect Yourself
Mumbai Police has issued a red alert notice for Android users who have downloaded WhatsApp Pink, warning of the potential repercussions of this scam.
Scam emergency: Mumbai issues red alert for WhatsApp Pink
In a new wave of fraudulent activity, the Mumbai Police recently issued a red alert for Android...

Profitable companies targeted by cybercriminals: risks and impacts of cybercrime
Analysis by the American Enterprise Institute reveals how large companies with significant financial resources are preferred targets for cyber attacks, with serious economic repercussions on the entire...
Research by the American Enterprise Institute (AEI) think tank has shown that cybercriminals tend to attack highly profitable companies with abundant cash reserves and which invest generously in advertising. Analysis of cyber attacks from January 1999 to January 2022 suggests that cyber threat actors...

Volt Typhoon: the emerging Chinese cyber-espionage threat
Detailed analysis reveals advanced hacking techniques used by Volt Typhoon, a new Chinese cyber-espionage group, also known as Vanguard Panda
A new Chinese state actor in the cyber warfare landscape, known as Volt Typhoon, has been recently discovered and has been active since 2020. This group of hackers has shown unprecedented operational techniques to maintain remote access to its targets. The findings come from CrowdStrike, which keeps...

Cyber security: six new vulnerabilities in the US Agency catalog
Apple, VMware and Zyxel involved: CISA's list of known and exploited vulnerabilities is updated with six new flaws highlighted by cyber espionage activities
The US Information Security and Infrastructure Security Agency (CISA) recently updated its catalog of Known and Exploited Vulnerabilities (KEV), including six new flaws. The decision was made based on evidence of active exploitation of the vulnerabilities.
Three Apple vulnerabilities, two in VMware and...

Financial scam: courier companies in the crosshairs
New online threat: Zerodha CEO reveals alarming fraud exploiting FedEx and Blue Dart names
Financial fraud, increasingly sophisticated in the age of the pervasive internet, has become a regular phenomenon. The latest in chronological order involves courier companies, with a scam that is rapidly spreading.
Under the name of FedEx: a worrying example from the CEO of Zerodha
Nithin Kamath, co-founder...

Firmware backdoor discovered in Gigabyte motherboards: what to do to protect data
The security risk to your personal data is high: here's what to do to prevent unauthorized access
A firmware backdoor has been discovered in several motherboards manufactured by Gigabyte, one of the world's largest manufacturers. The firmware backdoor would be present on 271 motherboard models, including the most used ones for high-end gaming PCs from the Aorus and Gaming brands. PCs that use these...

MULTI#STORM: new phishing attack targets India and the United States
Sophisticated cyber attack using JavaScript files exploits RATs like Warzone and Quasar to compromise digital systems, creating pitfalls for unwitting users
A recent phishing campaign, identified as MULTI#STORM, has launched a targeted attack on India and the United States. Using JavaScript files, the attack aims to introduce remote access Trojans into compromised systems. Securonix researchers, including Den Iuzvyk, Tim Peck, and Oleg Kolesnikov, noted...

Russian hackers attack Ukrainian infrastructure: Roundcube software is the target
Russian APT group exploits open-source webmail vulnerabilities to infiltrate Ukrainian government and military entities
A well-known Advanced Persistent Attack (APT) group, linked to the Russian government, has been discovered exploiting security vulnerabilities in the open-source email software Roundcube to spy on organizations in Ukraine. These include government institutions and military entities involved in aviation...

Diicot cybercriminals unleashing a new wave of DDoS attacks
Romanian threat actor Diicot exhibits enhanced capabilities and diversified attack strategies, posing significant cybersecurity concerns
In the realm of cybersecurity, researchers have unearthed some new payloads that have not been recorded before, tied to a Romanian cyber threat group referred to as Diicot. This group is suspected to be capable of initiating distributed denial-of-service (DDoS) attacks. The name Diicot carries significant...

Mystic Stealer - the new emerging cyberthreat
Sophisticated malware for rent on hacking forums and the darknet, with worrying impact on browsers, cryptocurrencies and password managers
Since April 2023, an emerging malware called Mystic Stealer has been rapidly spreading among the cybercriminal community. This malicious software is offered for rent for $150 a month on darknet hidden markets and hacking forums. Its victims include 40 web browsers, 70 browser extensions, 21 cryptocurrency...

Safe surfing in the sea of telecommuting: 10 key cyberthreats
Discover the most frequent risks of remote working to protect your data and keep your digital security barrier strong
With the rise of remote working, catalysed by the Covid-19 pandemic, cybersecurity has become critical for businesses. While telecommuting offers work flexibility and cost savings, it also introduces a number of cybersecurity risks that need to be addressed. In this article, we'll explore the 10 most...

Misinformation and cybersecurity: the dark connection
Deciphering the role of disinformation in cybersecurity threats and social engineering
The global landscape is increasingly subject to the phenomenon of disinformation, which has caused many discussions over the years. Prominent politicians, such as Donald Trump with his constant claims of "fake news" or Vladimir Putin with his provocative rhetorical style, have fueled this issue. Furthermore,...

Diicot: from cryptojacking to DDoS attacks
Romanian threat group extends its capabilities: new attack strategy details and defense advice
Cybersecurity researchers have identified previously undocumented workloads linked to Diicot, a Romanian threat group, highlighting the group's potential to launch Distributed Denial of Service (DDoS) attacks. The name Diicot has a certain relevance, as it coincides with the name of the Romanian police...

Innovation in cybercrime in the post-pandemic era
Attackers adapt to new technological realities: from the decay of Office macros to the rise of multi-factor authentication bypass and cloud threats
As COVID-19-related medical and economic measures have eased, attackers have had to reinvent themselves to find new ways to make money, honing their social engineering skills, commodifying once-sophisticated attacking techniques, and creatively seeking new opportunities in unexpected. In 2022, the cyber-attack...