ITG10 Likely Targeting South Korean Entities of Interest to the Democratic People’s Republic of Korea (DPRK) – post by LinkCyb
In late April 2023, IBM Security X-Force uncovered documents that are most likely part of a phishing campaign mimicking credible senders, orchestrated by a group X-Force refers to as ITG10, and aimed at delivering RokRAT malware, similar to what has been observed by others. ITG10’s tactics, techniques and procedures (TTPs) overlap with APT37 and ScarCruft. […]
Over 60K Adware Apps Posing as Cracked Versions of Popular Apps Target Android Devices
Thousands of adware apps for Android have been found to masquerade as cracks or modded versions of popular apps to redirect users and serve them unwanted ads as part of a campaign ongoing since October 2022. “The campaign is designed to aggressively push adware to Android devices with the purpose to drive revenue,” Bitdefender […]
Cyber Ranges: Getting into the Mind of the Attacker – post by LinkCyb
The Power of Cyber Ranges in Strengthening Cybersecurity: In the world of cybersecurity, the threat of a devastating cyber-attack looms large – in fact, there’s an attack every 39 seconds. As organizations around the world become more dependent on software, the risks of data breaches, ransomware attacks, and other cyber threats grow more severe.
Hackers Leak i2VPN Admin Credentials on Telegram
By Waqas. If the alleged admin login credentials are authentic, i2VPN users are at risk of a massive security and privacy breach. This is a post from HackRead.com.
5 Reasons Why IT Security Tools Don’t Work For OT
Attacks on critical infrastructure and other OT systems are on the rise as digital transformation and OT/IT convergence continue to accelerate. Water treatment facilities, energy providers, factories, and chemical plants — the infrastructure that undergirds our daily lives could all be at risk. Disrupting or manipulating OT systems stands to pose real physical harm to citizens, […]
Zero-Day Alert: Google Issues Patch for New Chrome Vulnerability – Update Now!
Google on Monday released security updates to patch a high-severity flaw in its Chrome web browser that it said is being actively exploited in the wild. Tracked as CVE-2023-3079, the vulnerability has been described as a type confusion bug in the V8 JavaScript engine. Clement Lecigne of Google’s Threat Analysis Group (TAG) has been credited with […]
Managing technology risk
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Numerous risks are inherent in the technologies that all organizations use. These risks have especially become apparent with recent ransomware attacks, which have […]
Cyclops Ransomware Gang Offers Go-Based Info Stealer to Cybercriminals
Threat actors associated with the Cyclops ransomware have been observed offering an information stealer malware that’s designed to capture sensitive data from infected hosts. “The threat actor behind this [ransomware-as-a-service] promotes its offering on forums,” Uptycs said in a new report. “There it requests a share of profits from those engaging in malicious activities using its malware.”
Chinese PostalFurious Gang Strikes UAE Users with Sneaky SMS Phishing Scheme
A Chinese-speaking phishing gang dubbed PostalFurious has been linked to a new SMS campaign that’s targeting users in the U.A.E. by masquerading as postal services and toll operators, per Group-IB. The fraudulent scheme entails sending users bogus text messages asking them to pay a vehicle trip fee to avoid additional fines. The messages also contain a shortened […]
Zyxel Firewalls Under Attack! Urgent Patching Required
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two recently disclosed flaws in Zyxel firewalls to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities, tracked as CVE-2023-33009 and CVE-2023-33010, are buffer overflow vulnerabilities that could enable an unauthenticated attacker to cause a