New Malvertising Campaign Distributing Trojanized IT Tools via Google and Bing Search Ads

A new malvertising campaign has been observed leveraging ads on Google Search and Bing to target users seeking IT tools like AnyDesk, Cisco AnyConnect VPN, and WinSCP, and trick them into downloading trojanized installers with an aim to breach enterprise networks and likely carry out future ransomware attacks. Dubbed Nitrogen, the “opportunistic” activity is designed to […]

GameOver(lay): Two Severe Linux Vulnerabilities Impact 40% of Ubuntu Users

Cybersecurity researchers have disclosed two high-severity security flaws in the Ubuntu kernel that could pave the way for local privilege escalation attacks. Cloud security firm Wiz, in a report shared with The Hacker News, said the easy-to-exploit shortcomings have the potential to impact 40% of Ubuntu users. “The impacted Ubuntu versions are prevalent in the cloud as […]

The 4 Keys to Building Cloud Security Programs That Can Actually Shift Left

As cloud applications are built, tested and updated, they wind their way through an ever-complex series of different tools and teams. Across hundreds or even thousands of technologies that make up the patchwork quilt of development and cloud environments, security processes are all too often applied in only the final phases of software development.  Placing […]

Group-IB Co-Founder Sentenced to 14 Years in Russian Prison for Alleged High Treason

A city court in Moscow on Wednesday convicted Group-IB co-founder and CEO Ilya Sachkov of “high treason” and jailed him for 14 years in a “strict regime colony” over accusations of passing information to foreign spies. “The court found Sachkov guilty under Article 275 of the Russian Criminal Code (high treason) sentencing him to 14 […]

Hackers Target Apache Tomcat Servers for Mirai Botnet and Crypto Mining

Misconfigured and poorly secured Apache Tomcat servers are being targeted as part of a new campaign designed to deliver the Mirai botnet malware and cryptocurrency miners. The findings come courtesy of Aqua, which detected more than 800 attacks against its Tomcat server honeypots over a two-year time period, with 96% of the attacks linked to the Mirai […]

New SEC Rules Require U.S. Companies to Reveal Cyber Attacks Within 4 Days

The U.S. Securities and Exchange Commission (SEC) on Wednesday approved new rules that require publicly traded companies to publicize details of a cyber attack within four days of identifying that it has a “material” impact on their finances, marking a major shift in how computer breaches are disclosed. “Whether a company loses a factory in […]

60,000 Androids have stalkerware-type app Spyhide installed

Stalkerware-type app Spyhide is coded so badly that it’s possible to gain access to the back-end databases and retrieve data about everyone that has the app on their device. And it’s not a small number. Hacktivist maia arson crimew told TechCrunch she’d found 60,000 compromised Android devices, dating back to 2016. Spyhide, like many other stalkerware-type apps “silently and […]

Ransomware groups claim responsibility for double-attack on Yamaha

Music giant Yamaha’s Canadian division has experienced a compromise on two different fronts, both related to ransomware. In an attack which has worrying echoes of the recent Estée Lauder attack, multiple attackers have claimed to breach the organisation. Yamaha Canada Music had the following to say in a statement: Yamaha Canada Music Ltd. recently encountered […]

Group-IB Founder Ilya Sachkov Jailed for 14 Years in Russia

By Waqas Ilya Sachkov was accused of treason by Russian authorities for providing classified cybersecurity data to a foreign intelligence firm. This is a post from HackRead.com Read the original post: Group-IB Founder Ilya Sachkov Jailed for 14 Years in Russia