
Cyber threats

Cyberespionage revealed: China's extended digital surveillance
Massive digital surveillance and influencing operation operated by Chinese entities discovered
A leak has revealed that China uses sophisticated surveillance and propaganda methods against dissidents, spending heavily to spread false information and spy via malware.

LockBit's response to FBI actions
LockBit's technological revenge: post-attack updates and awareness
The LockBit organization, after being attacked, reveals that it had a security flaw due to an outdated version of PHP and urges systems to be updated.

LockBit's tenacious activity despite global investigations
Challenges and countermeasures in the war against the LockBit cyber criminal group
LockBit, a cybercriminal group, continues to launch attacks despite international legal action. Security specialists have discovered new vulnerabilities exploited by the group and Trend Micro analyzes an advanced version of their malware.

KeyTrap: DNSSEC flaw discovered by researchers
The vulnerability puts the stability of DNSSEC at risk
A vulnerability, called KeyTrap, has been discovered in the DNSSEC authentication system, potentially causing disruptions to DNS service. Safety solutions have been implemented to prevent damage.

New wave of ransomware targets IT infrastructures
Cyber security on alert: new risks for virtualized infrastructures
MRAGENT is a new ransomware targeting VMware ESXi servers, operated by the RansomHouse cyber gang. These attacks threaten the security of corporate data and require protective measures such as backups and software updates.

The new era of digital vulnerability in Italy
Detailed analysis and preventive measures in the context of the increase in digital crimes in Italy
The article highlights the 80% increase in cybercrime in Italy in the last three years, underlining the risks to minors and national security, and the need to improve cybersecurity.

Spear phishing attacks targeting Microsoft365 and Azure
Defense and training strategies against ingenious cyber fraud
The article discusses the rise of spear phishing attacks against Microsoft365 and Azure users, urging the use of multi-factor authentication and training for prevention.

Android: new variant of Moqhao malware identified
New attack methods for the dreaded malware for Android devices revealed
A new variant of the Moqhao malware for Android has been discovered. It uses advanced techniques to hide in apps and resist resets. It is vital to use secure software and update devices.

Cyber security: combating bank data theft
The growing threat of infostealers in the banking sector
Infostealers are malware that steal sensitive data, such as banking credentials. Banks must use advanced security systems and teach customers to avoid risks. In the event of attacks, rapid reaction plans limit the damage.

Cyber security: the deepfake risk in virtual meetings
Prevention and response strategies to deepfake attacks in virtual conferences
Deepfakes in video conferencing are a threat to corporate security. Advanced systems are used to defend themselves and companies must respect privacy laws by constantly monitoring the network.

FBI alert: couriers are a tool for new frauds
Exploitation of delivery services for financial scams: the modus operandi of cyber criminals
The FBI warns that scammers are posing as tech support workers or officials to convince people, often elderly people, to give them valuable assets such as gold, using couriers.

Windows security alert: Phemedrone malware bypasses Microsoft Defender
Treacherous overtake: Phemedrone malware leaves Microsoft's defenses behind
A malware called Phemedrone is attacking Windows systems by exploiting a security flaw in Microsoft Defender SmartScreen to steal data.

New "Kasseika" ransomware tactic discovered
Advanced Kasseika ransomware attack methodology evades digital defenses
A ransomware variant called Kasseika uses a vulnerable driver to disable antivirus and encrypt data. It starts with an email scam and then spreads across the internet. It demands a 50 Bitcoin ransom.

Discovery of vulnerable e-commerce sites internationally
Security measures against the increase in attacks on online sales sites
The recent operation by Europol and Enisa uncovered measures against "digital skimming" which steals sensitive data from e-commerce sites. They suggest precautions such as updating systems and using protective technologies such as 3D Secure.

Innovative detection method of spyware on iOS
Discover the new frontier of mobile security: iShutdown and the fight against spyware attacks on iPhone
The Kaspersky laboratory created iShutdown, a method to discover Pegasus spyware on iPhone by analyzing the Shutdown.log system file. It offers non-invasive diagnosis and helps protect against advanced malware.

What is IP Spoofing and the threats it poses
Address sophisticated network security threats
IP spoofing is a cyber attack where the IP address is spoofed to hide the hacker's identity and fool security systems. It is used to steal data or cause disruptions.

Rogueware: the deceptive veil of fake antiviruses
Strategies and tips for defending against fake security software
Rogueware is malware that looks like legitimate antivirus and tricks users with false security alerts into paying for a "full" version. It is essential to inform and update security defenses to prevent them.

Security risk: NoaBot affects Linux systems
Emergency in Linux-based systems: NoaBot exploits SSH vulnerabilities for covert cryptocurrency mining
NoaBot is a new malware that targets Linux devices for use in cryptocurrency mining. It hides better than other viruses and spreads by cracking weak SSH passwords. Akamai has studied and tracked NoaBot, providing advice on how to recognize and stop it.

Cybersecurity emergency: Google cookies in the sights of hackers
Security experts alert: Google session data vulnerability under hacker attack
A report indicates that there is malware stealing Google session cookies to access user accounts. Even changing your password doesn't stop the attack. Google is working to fix the problem.

AsyncRAT: a large-scale cyber breach
Infiltration and evasive strategies: the RAT that threatens digital security
AsyncRAT, a remote access tool for Windows, was used in a cyberattack to infiltrate and steal data from systems, targeting critical infrastructure in the US.

Security alert: malicious packages detected on PyPI
Prevention measures and security awareness in response to the cyber threat on PyPI
ESET has discovered 116 malicious packages on PyPI that could install malware and infostealers to steal data and cryptocurrencies. Developers need to be careful and check the code.

Large-scale theft of cryptocurrencies via phishing
Analysis of sophisticated cybercriminal strategies in the cryptocurrency sector
The text reports that in 2023 a powerful malware, called "Wallet drainer", caused a loss of 295 million dollars in cryptocurrencies to 324,000 users. There are criminal groups, such as Monkey Drainer and Inferno Drainer, who have perpetrated phishing attacks by evading security systems. Despite advertising...

Discovery of a sophisticated malware attack against iPhones
Exploited 4 zero-day vulnerabilities in a multi-faceted deadly malware attack on Apple devices
The recent “Triangulation” hacker attack targeted iPhone users using undocumented vulnerabilities. The “backdooring” method was used to gain unauthorized access to systems and spread malware via iMessage by exploiting four zero-day vulnerabilities. Analysis revealed that the attacks were successful by expl...

Black Basta decryption: ransomware flaw discovered and decryptor created
SRLabs exposes Black Basta's fake invincibility: compromised encryption offers a bastion of hope for victims
SRLabs researchers have discovered a flaw in the encryption software of the Black Basta ransomware, creating a decryptor to recover encrypted files. The decryptor, called 'Black Basta Buster', exploits a weakness in the encryption algorithm used. However, the flaw has been fixed, preventing the use of...

Agent Tesla: the attack vector exploits Microsoft Office
Exploiting an outdated vulnerability to spread the well-known malware
The old Microsoft Office vulnerability, CVE-2017-11882, is being used to distribute the Agent Tesla malware. This software flaw threatens to compromise every version of Office released in the last 17 years, including Office 365. Criminals are actively using spam emails to trick users into opening malicious...

ALPHV operational disruption: FBI BlackCat ransomware strike
Successful sabotage: FBI and international police forces block the ALPHV criminal network
The FBI, thanks to extensive international collaboration, hacked the infrastructure of the ALPHV criminal network also known as BlackCat, obtaining keys to decrypt data of ransomware victims. The operation blocked approximately $68 million in extortion. Despite this, ALPHV may reorganize under another...

McAfee and projections on the future of cybersecurity in 2024
Deepfake, AI and the new face of online fraud: the cyber security landscape according to McAfee
Digital security firm McAfee warns of future risks related to artificial intelligence: sophisticated attacks called deepfakes, online fraud on social media and a rise in malware and voice fraud. The importance of user training and dynamic security solutions is highlighted.

Malware campaign targets banking information
The artifice of the attacks has been revealed: between malicious scripts, camouflage and links with DanaBot
A recent malware campaign carried out a JavaScript injection attack, targeting 50,000 users at 40 banking institutions around the world. The malware injects a malicious script into the user's browser, modifying banks' web pages and stealing data. Cybercriminals used sophisticated techniques to bypass...

Cyber Warfare fragments: attacks in Africa with MuddyC2Go
Under the radar: operational tactics and emerging tools of the MuddyWater group
Iranian hacker group MuddyWater has strengthened attacks on telecommunications in Africa, via a new system called MuddyC2Go. This system, managed remotely, facilitates cyber attacks and spreads through phishing emails or by exploiting vulnerabilities in outdated software. MuddyWater will try to remain...

Play ransomware alert: 300 entities affected, including critical infrastructure
The modus operandi of the Play cybercriminal group and advice for countering its attacks
The FBI, CISA and ASD's ACSC warn against the activities of the Play ransomware cybercriminal group, responsible for cyber breaches globally. The group uses data stolen before the attack as a threat to demand ransom. Agencies recommend implementing multi-factor authentication, software updates, and recovery...

Quishing: defense strategies against QR Code scams
The growing threat of Quishing: how to protect yourself and navigate safely
The article addresses the phenomenon of "quishing", online scams using QR Codes. These are scams that induce users to share sensitive data or download malicious software. The FTC suggests precautions for users and experts underline the importance of conscious use of QR Codes.

Critical security update on iOS 17.2
Fighting bluetooth threats: Apple fixes critical vulnerabilities with new iOS 17.2 update
The article describes how a recent iOS update fixed major security vulnerabilities related to Safari and the iPhone kernel. It also highlights how hackers exploited weaknesses in the Bluetooth protocol to launch DoS attacks on the device. Finally, we discuss the role of the manufacturers of Flipper Zero,...

Microsoft identifies Storm-0539 threat in gift card fraud
Storm-0539: Sophisticated attacks bypass MFA protection and put gift cards at risk
Microsoft has warned of an increase in malicious activity from the Storm-0539 cyber threat group, which uses sophisticated phishing strategies. After obtaining the first credentials, they manage to bypass MFA protection and access sensitive information.

Critical RCE vulnerability discovered in Apache Struts 2: recommendations and fixes
Technical look at the RCE threat: details, implications and how to protect yourself
Hackers are attacking Apache Struts 2, which is vulnerable due to a Remote Code Execution (RCE) flaw. The vulnerability, known as CVE-2023-50164, allows an attacker to upload a malicious file, resulting in an attack. Struts users are advised to update to the correct version as soon as possible to avoid...

The new face of ransomware gangs
Challenge to corporations: ransomware gangs go corporate
Ransomware hackers are changing their tactics, adopting an almost corporate approach to the media. Some groups, such as Royal, Play, and RansomHouse, actively seek to correct false information about them and put pressure on their victims by publicly exposing them.

Microsoft reports abuse of OAuth for crypto mining and phishing
Exploiting OAuth for illicit activities: attackers adapt to emerging technologies
Microsoft has discovered that criminals are using OAuth infrastructure to conduct phishing and cryptocurrency mining attacks, leveraging compromised user accounts to create or alter OAuth applications. Microsoft suggests implementing multi-factor authentication and periodic checks to prevent such...

DeepMind reveals flaw in AI memories
A critical vulnerability in AI: extractable storage identified in ChatGPT
DeepMind has discovered a vulnerability in OpenAI's ChatGPT that can reveal sensitive information stored during its training. Through the repeated use of specific words, the AI could reveal personal data, NSFW content, and more. OpenAI has already taken steps to address the issue.

Generative AI: a new frontier of cybercrime
Double challenge: the ambivalent role of generative artificial intelligence in cybersecurity
The article explores the risks and opportunities of GAIA (generative artificial intelligence) in cybersecurity. While AI can enhance defense against cyber attacks, it can also arm cybercriminals with more sophisticated tools. Therefore, defense strategies must include sound human training and international...

Bluetooth: the new threat to device security
Malicious people can connect via Bluetooth without your consent
Cybersecurity research has identified a critical Bluetooth vulnerability affecting various Android, Linux, iOS and macOS devices. Attackers can connect via Bluetooth without the user's consent, thus being able to control the device. Software companies are rolling out corrective patches. To prevent such...

Operation EMMA: global effort against bank fraud
Global synergy in the fight against financial cybercrime
The international operation EMMA, supported by Europol, Eurojust and Interpol, intercepted over 10,000 suspicious transactions, arrested more than a thousand people and prevented fraud worth around 32 million euros. The Italian Postal Police has identified 879 "money mules", avoiding fraud worth over...

New P2PInfect botnet variant discovered affecting IoT devices
New attack and spread tactics: the disturbing evolution of P2PInfect
Cado Security Labs research reveals a new version of the P2PInfect malware, targeting IoT devices with MIPS processors. Originally attacking vulnerable Redis systems, P2PInfect evolved to brute-force attacks on SSH servers. With strengthened evasion methods and the ability to execute commands on compromised...

Ransomware Turtle on macOS: 360° investigation by expert Patrick Wardle
Analysis of the characteristics and potential threats of Turtle ransomware on macOS
Security analyst Patrick Wardle studied Turtle, a new ransomware for macOS. Wardle believes Turtle was originally designed for Windows and then adapted for macOS. The ransomware isn't particularly sophisticated but can still cause damage, underscoring the importance for Apple users to remain vigilant...

Bluffs: the alarm of the Italian researcher on Bluetooth security
Bluffs vulnerability revealed: how it risks your privacy through Bluetooth
The new Bluetooth system vulnerability, called "Bluffs", was discovered by Italian researcher Daniele Antonioli. This flaw could compromise the security of various devices manufactured since 2014. It relies on the generation of weak security keys, threatening user privacy. Antonioli presented his research...

Agent Raccoon: a new malware in circulation
The complex panorama of its attack techniques and defense strategies
The article describes the risk posed by Agent Raccoon, a dangerous new malware, which uses advanced techniques such as keyloggers and screenloggers to steal valuable information. Widespread mainly in the USA, it is often conveyed via phishing emails and escapes detection by common antiviruses. The article...

Apple responds to zero-day vulnerabilities with hotfixes
Apple has taken urgent action to fix two critical security flaws
Apple has released an urgent update to fix two zero-day vulnerabilities affecting iPhone, iPad and Mac devices. The flaws, located in the WebKit rendering engine, allowed attacks via malicious web pages that could lead to unauthorized memory reading and corruption. code execution. The security updates...

Cyberattacks and cryptocurrency laundering: North Korea's strategy
Sanction evasion strategies and social engineering techniques adopted
The North Korea-linked Lazarus Group uses technology to steal cryptocurrencies, bypassing sanctions. They stole around $3 billion in 6 years, taking advantage of DeFi systems to mask their tracks.

Introduction to the new SysJoker threat
In-depth analysis reveals evolutions and risks of SysJoker cross-platform malware
A new version of the SysJoker malware has been discovered. It now uses the Rust language to avoid detection and may be linked to hackers associated with Hamas, according to Check Point.

Zero-day network vulnerabilities affect IoT devices
Cybersecurity experts reveal new risks for the Internet of Things
Studio Akamai has discovered two zero-day vulnerabilities in IoT used by criminals to create botnets for DDoS attacks. Security can be improved by changing default passwords.

Google compromise attempt: LummaC2 malware revives cookies
Cyber attack strategies are advancing: a potential risk to data security
Cybercriminals claim they can "reanimate" expired Google cookies via Lumma malware. The risk is unauthorized access to accounts. Caution advised for users. Google investigates possible vulnerability.

Espionage activities of the Russian cyber group APT28
Fancy Bear's advanced tactics targeted by cyber security authorities
A Russian cyber-espionage group, APT28, targets Western entities using advanced, hard-to-detect malware. There is an urgent need for organizations to strengthen their cyber security.