
Cyber threats

The Akira phenomenon: analysis of the ransomware that shook 2023
An in-depth analysis of the impact and techniques of the most dangerous ransomware of 2023
The article discusses the Akira ransomware, which emerged in 2023, affecting 250 entities, demanding ransoms of up to $42 million. It uses advanced methods such as vulnerability exploits and phishing to infiltrate and spread within networks.

Kapeka: the new cyber threat from Russia
Discovering and analyzing a new global cybersecurity challenge
The Kapeka backdoor, identified by WithSecure, is a threat to Windows, linked to the Sandworm group. It disguises itself as a Word add-in and handles malicious operations remotely.

Security flaws: Microsoft Defender and Kaspersky exposed
Risk of false positives and data deletion in environments protected by security solutions deemed reliable
Vulnerabilities in antivirus software from Microsoft and Kaspersky were discovered at the Black Hat Asia event, allowing false positive attacks that delete legitimate files. Despite the patches, the problem persists. It is important to have robust backups.

Telegram becomes a playground for Pegasus spyware traffic
Highly sophisticated spyware for sale on a popular messaging platform. Apple warns its users
Pegasus spyware, created by NSO Group, is now being sold on Telegram by a Russian group for $1.5 million. Apple responded by issuing global security alerts and improving protection strategies for users.

Severe vulnerability in Magento software puts global e-commerce at risk
Implications and mitigation strategies for Magento platform users
The recent bug in Magento, Adobe's e-commerce platform, exposed the data of 160,000 credit cards to security risks. It is essential to regularly update and test your system to protect sensitive information.

New developments and Microsoft solutions against the Spectre v2 attack on Windows
Mitigation strategies and configuration recommendations for Windows users
The new Spectre v2 attack uses "Branch History Injection" to compromise Windows systems. Microsoft has updated procedures to limit this threat by editing the registry.

Telecommunications security: flaw exposes conversations and 2FA to the risk of interception
Risk of privacy violation through call diversion: measures and industry responses
A flaw in mobile security allows hackers to intercept calls and voice messages, exposing 2FA codes. Experts recommend greater precautions and Verizon promises corrective measures.

iPhone security alert: new spyware found
Apple tightens security measures for iPhone users
Apple has warned iPhone users in 92 countries about spyware attacks that try to compromise devices remotely. They recommend keeping iOS up to date, using Lockdown Mode, and offer support through Amnesty International.

Serious vulnerability discovered in D-Link NAS devices
High risk of cyber attacks for thousands of outdated NAS devices
A security flaw, identified as CVE-2024-3273, affects some no longer supported D-Link NAS models, exposing them to risks such as the execution of arbitrary commands. Over 92 thousand devices are at risk. D-Link recommends replacing obsolete equipment.

Risks in open source: the case of the vulnerability in Xz
The malicious incursion demonstrates the challenges in security of open source projects, prompting improvements in vetting practices
The data compression utility Xz has had a backdoor for three weeks, due to a security flaw involving a single person running it. This has raised questions about open source security and the importance of auditing and shared management.

Security alert: sophisticated phishing campaign hits Italy
An in-depth analysis reveals the advanced techniques of a cyber attack linked to Iranian entities, alarming Italian companies
In Italy, a sophisticated phishing campaign, with possible Iranian origins, targets businesses via deceptive emails leading to a malicious link. Advanced techniques such as Persistent XSS are used to steal personal data, prompting caution and security updates.

The rise of zero-day exploits in 2023: An in-depth look
A worrying increase that calls for a decisive reaction from the cybersecurity sector
In 2023, cyber attacks via zero-day exploits increased by 50% to 97 cases. These attacks, primarily targeting popular platforms and devices, are often linked to government espionage. Google and Mandiant highlight the need to strengthen security.

DoS loop: new threat on UDP protocol puts digital security at risk
300,000 systems exposed: how to deal with the innovative attack that exploits UDP vulnerabilities
CISPA has discovered a cyber attack, called Loop DoS, that targets systems using UDP, causing endless traffic between servers with fake IP addresses. Around 300,000 devices are at risk. Security patches and preventative methodologies are recommended to avoid this.

eSIM under attack: security risks in the mobile sector are growing
The challenge against identity theft in mobile networks: strategies and solutions to safeguard yourself
In Russia there is an increase in mobile identity theft via eSIMs, used to illegally access banking services. Precaution and security measures such as strong passwords and two-factor authentication are recommended.

Cybersecurity challenges: the impact of GPT-4 on cyber-attacks
The age of advanced AI: how GPT-4 transforms web security paradigms and challenges industry professionals
GPT-4, an advanced artificial intelligence, has demonstrated the ability to hack websites without outside help, surpassing other AI models. This raises concerns about cybersecurity and drives the search for new protection strategies.

The challenges of cybersecurity in the era of artificial intelligence
Innovative tactics: cyberattacks evolve with AI
The article examines how artificial intelligence (AI) is used in advanced cyberattacks, to create personalized phishing emails, fool facial recognition systems, automate brute force attacks and develop self-adaptive malware.

New phishing strategies: malware evolves with Google Sites
Sophisticated cyber attack tactics: the use of Google Sites and advanced techniques in latest phishing scheme
Researchers have discovered a malware campaign that uses fake Google Sites pages to spread AZORult, an information-stealing malware. It uses advanced techniques to avoid detection, aiming to steal sensitive data.

New phishing campaign exploits AWS and GitHub to spread trojans
Sophisticated techniques and cloud services as vehicles for emerging threats
Researchers have discovered a phishing campaign that leverages AWS and GitHub to spread malware, such as the VCURMS and STRRAT RATs, via deceptive emails. These malware can steal sensitive data and receive commands from cybercriminals.

The zero-day underground market: Microsoft Office security challenges
Exploring the implications of undisclosed exploits in the Microsoft Office ecosystem
A security forum has discovered the sale of a zero-day attack that attacks Microsoft Office. This bug, not known to the creators, allows hackers to execute malicious code. The seller is asking for $200,000 in bitcoin. Zero-days are a serious security threat.

The deep web black market and the new frontier of antivirus evasion
The challenge for IT specialists in countering sophisticated evasion strategies of the main antiviruses
@HeartCrypt, on the deep web, offers advanced encryption to evade antivirus like Windows Defender, starting at $20. It promises undetectable .exe files and customizes the stub for each customer.

New attack strategies in Italy: the adaptability of phishing
Evolution of cyber attacks: discovering personalized phishing tactics
CERT-AgID reported an evolution in phishing methods called "adaptive phishing", which customizes email attacks to increase their effectiveness, using authentic victim logos and websites.

Silent infiltration: the malicious code epidemic on GitHub
Impact of malicious code in repositories: security risks in software development
Cybercriminals have cloned over 100,000 GitHub repositories, inserting malware that steals sensitive data. They use deceptive forks and sophisticated techniques to hide malicious code.

Cyberespionage revealed: China's extended digital surveillance
Massive digital surveillance and influencing operation operated by Chinese entities discovered
A leak has revealed that China uses sophisticated surveillance and propaganda methods against dissidents, spending heavily to spread false information and spy via malware.

LockBit's response to FBI actions
LockBit's technological revenge: post-attack updates and awareness
The LockBit organization, after being attacked, reveals that it had a security flaw due to an outdated version of PHP and urges systems to be updated.

LockBit's tenacious activity despite global investigations
Challenges and countermeasures in the war against the LockBit cyber criminal group
LockBit, a cybercriminal group, continues to launch attacks despite international legal action. Security specialists have discovered new vulnerabilities exploited by the group and Trend Micro analyzes an advanced version of their malware.

KeyTrap: DNSSEC flaw discovered by researchers
The vulnerability puts the stability of DNSSEC at risk
A vulnerability, called KeyTrap, has been discovered in the DNSSEC authentication system, potentially causing disruptions to DNS service. Safety solutions have been implemented to prevent damage.

New wave of ransomware targets IT infrastructures
Cyber security on alert: new risks for virtualized infrastructures
MRAGENT is a new ransomware targeting VMware ESXi servers, operated by the RansomHouse cyber gang. These attacks threaten the security of corporate data and require protective measures such as backups and software updates.

The new era of digital vulnerability in Italy
Detailed analysis and preventive measures in the context of the increase in digital crimes in Italy
The article highlights the 80% increase in cybercrime in Italy in the last three years, underlining the risks to minors and national security, and the need to improve cybersecurity.

Spear phishing attacks targeting Microsoft365 and Azure
Defense and training strategies against ingenious cyber fraud
The article discusses the rise of spear phishing attacks against Microsoft365 and Azure users, urging the use of multi-factor authentication and training for prevention.

Android: new variant of Moqhao malware identified
New attack methods for the dreaded malware for Android devices revealed
A new variant of the Moqhao malware for Android has been discovered. It uses advanced techniques to hide in apps and resist resets. It is vital to use secure software and update devices.

Cyber security: combating bank data theft
The growing threat of infostealers in the banking sector
Infostealers are malware that steal sensitive data, such as banking credentials. Banks must use advanced security systems and teach customers to avoid risks. In the event of attacks, rapid reaction plans limit the damage.

Cyber security: the deepfake risk in virtual meetings
Prevention and response strategies to deepfake attacks in virtual conferences
Deepfakes in video conferencing are a threat to corporate security. Advanced systems are used to defend against them, and companies must respect privacy laws by constantly monitoring the network.

FBI alert: couriers are a tool for new frauds
Exploitation of delivery services for financial scams: the modus operandi of cyber criminals
The FBI warns that scammers are posing as tech support workers or officials to convince people, often elderly people, to give them valuable assets such as gold, using couriers.

Windows security alert: Phemedrome malware bypasses Microsoft Defender
Treacherous overtake: Phemedrome malware leaves Microsoft's defenses behind
A malware called Phemedrome is attacking Windows systems by exploiting a security flaw in Microsoft Defender SmartScreen to steal data.

New "Kasseika" ransomware tactic discovered
Advanced Kasseika ransomware attack methodology evades digital defenses
A ransomware variant called Kasseika uses a vulnerable driver to disable antivirus and encrypt data. It starts with an email scam and then spreads across the internet. It demands a ransom of 50 Bitcoin.

Discovery of vulnerable e-commerce sites internationally
Security measures against the increase in attacks on online sales sites
The recent operation by Europol and Enisa uncovered measures against "digital skimming" which steals sensitive data from e-commerce sites. They suggest precautions such as updating systems and using protective technologies such as 3D Secure.

Innovative detection method of spyware on iOS
Discover the new frontier of mobile security: iShutdown and the fight against spyware attacks on iPhone
The Kaspersky laboratory created iShutdown, a method to discover Pegasus spyware on iPhone by analyzing the Shutdown.log system file. It offers non-invasive diagnosis and helps protect against advanced malware.

What is IP Spoofing and the threats it poses
Address sophisticated network security threats
IP spoofing is a cyber attack where the IP address is spoofed to hide the hacker's identity and fool security systems. It is used to steal data or cause disruptions.

Rogueware: the deceptive veil of fake antiviruses
Strategies and tips for defending against fake security software
Rogueware is malware that looks like legitimate antivirus and tricks users with false security alerts into paying for a "full" version. It is essential to inform and update security defenses to prevent them.

Security risk: NoaBot affects Linux systems
Emergency in Linux-based systems: NoaBot exploits SSH vulnerabilities for covert cryptocurrency mining
NoaBot is a new malware that targets Linux devices for use in cryptocurrency mining. It hides better than other viruses and spreads by cracking weak SSH passwords. Akamai has studied and tracked NoaBot, providing advice on how to recognize and stop it.

Cybersecurity emergency: Google cookies in the sights of hackers
Security experts alert: Google session data vulnerability under hacker attack
A report indicates that there is malware stealing Google session cookies to access user accounts. Even changing your password doesn't stop the attack. Google is working to fix the problem.

AsyncRAT: a large-scale cyber breach
Infiltration and evasive strategies: the RAT that threatens digital security
AsyncRAT, a remote access tool for Windows, was used in a cyberattack to infiltrate and steal data from systems, targeting critical infrastructure in the US.

Security alert: malicious packages detected on PyPI
Prevention measures and security awareness in response to the cyber threat on PyPI
ESET has discovered 116 malicious packages on PyPI that could install malware and infostealers to steal data and cryptocurrencies. Developers need to be careful and check the code.

Large-scale theft of cryptocurrencies via phishing
Analysis of sophisticated cybercriminal strategies in the cryptocurrency sector
The text reports that in 2023 a powerful malware, called "Wallet drainer", caused a loss of 295 million dollars in cryptocurrencies to 324,000 users. There are criminal groups, such as Monkey Drainer and Inferno Drainer, who have perpetrated phishing attacks by evading security systems. Despite advertising...

Discovery of a sophisticated malware attack against iPhones
Exploited 4 zero-day vulnerabilities in a multi-faceted deadly malware attack on Apple devices
The recent “Triangulation” hacker attack targeted iPhone users using undocumented vulnerabilities. The “backdooring” method was used to gain unauthorized access to systems and spread malware via iMessage by exploiting four zero-day vulnerabilities. Analysis revealed that the attacks were successful by expl...

Black Basta decryption: ransomware flaw discovered and decryptor created
SRLabs exposes Black Basta's fake invincibility: compromised encryption offers a bastion of hope for victims
SRLabs researchers have discovered a flaw in the encryption software of the Black Basta ransomware, creating a decryptor to recover encrypted files. The decryptor, called 'Black Basta Buster', exploits a weakness in the encryption algorithm used. However, the flaw has been fixed, preventing the use of...

Agent Tesla: the attack vector exploits Microsoft Office
Exploiting an outdated vulnerability to spread the well-known malware
The old Microsoft Office vulnerability, CVE-2017-11882, is being used to distribute the Agent Tesla malware. This software flaw threatens to compromise every version of Office released in the last 17 years, including Office 365. Criminals are actively using spam emails to trick users into opening malicious...

ALPHV operational disruption: FBI BlackCat ransomware strike
Successful sabotage: FBI and international police forces block the ALPHV criminal network
The FBI, thanks to extensive international collaboration, hacked the infrastructure of the ALPHV criminal network also known as BlackCat, obtaining keys to decrypt data of ransomware victims. The operation blocked approximately $68 million in extortion. Despite this, ALPHV may reorganize under another...

McAfee and projections on the future of cybersecurity in 2024
Deepfake, AI and the new face of online fraud: the cyber security landscape according to McAfee
Digital security firm McAfee warns of future risks related to artificial intelligence: sophisticated attacks called deepfakes, online fraud on social media and a rise in malware and voice fraud. The importance of user training and dynamic security solutions is highlighted.

Malware campaign targets banking information
The artifice of the attacks has been revealed: between malicious scripts, camouflage and links with DanaBot
A recent malware campaign carried out a JavaScript injection attack, targeting 50,000 users at 40 banking institutions around the world. The malware injects a malicious script into the user's browser, modifying banks' web pages and stealing data. Cybercriminals used sophisticated techniques to bypass...