The financially motivated threat actor known as FIN7 has been observed using multiple pseudonyms across several underground forums to likely advertise a security dodging tool known to be used by ransomware groups like AvosLocker, Black Basta, BlackCat, LockBit, and Trigona. “AvNeutralizer (aka AuKill), a highly specialized tool developed by FIN7 to tamper with security solutions, […]
Cyber News
A China-linked threat actor called APT17 has been observed targeting Italian companies and government entities using a variant of a known malware referred to as 9002 RAT. The two targeted attacks took place on June 24 and July 2, 2024, Italian cybersecurity company TG Soft said in an analysis published last week. “The first campaign […]
Cyber News
The infamous cybercrime group known as Scattered Spider has incorporated ransomware strains such as RansomHub and Qilin into its arsenal, Microsoft has revealed. Scattered Spider is the designation given to a threat actor that’s known for its sophisticated social engineering schemes to breach targets and establish persistence for follow-on exploitation and data theft. It also […]
Cyber News
Threat actors are actively exploiting a recently disclosed critical security flaw impacting Apache HugeGraph-Server that could lead to remote code execution attacks. Tracked as CVE-2024-27348 (CVSS score: 9.8), the vulnerability impacts all versions of the software before 1.3.0. It has been described as a remote command execution flaw in the Gremlin graph traversal language API. […]
Cyber News
In episode seven of The AI Fix, Alexa goes wild, Mark learns how to hang a towel on a Peloton for only $39.90 a month, Graham puts the news items in the wrong order, and a strawberry uses the internet. Graham explains to Mark what bats argue about, our hosts ponder whether AI should always […]
Cyber News
Details have emerged about a “massive ad fraud operation” that leverages hundreds of apps on the Google Play Store to perform a host of nefarious activities. The campaign has been codenamed Konfety – the Russian word for Candy – owing to its abuse of a mobile advertising software development kit (SDK) associated with a Russia-based […]
Cyber News
Identity-based threats on SaaS applications are a growing concern among security professionals, although few have the capabilities to detect and respond to them. According to the US Cybersecurity and Infrastructure Security Agency (CISA), 90% of all cyberattacks begin with phishing, an identity-based threat. Throw in attacks that use stolen credentials, over-provisioned accounts, and insider threats, […]
Cyber News
Cybersecurity researchers have identified two malicious packages on the npm package registry that concealed backdoor code to execute malicious commands sent from a remote server. The packages in question – img-aws-s3-object-multipart-copy and legacyaws-s3-object-multipart-copy – have been downloaded 190 and 48 times each. As of writing, they have been taken down by the npm security team. […]
Cyber News
The Iranian nation-state actor known as MuddyWater has been observed using a never-before-seen backdoor as part of a recent attack campaign, shifting away from its well-known tactic of deploying legitimate remote monitoring and management (RMM) software for maintaining persistent access. That’s according to independent findings from cybersecurity firms Check Point and Sekoia, which have codenamed […]
Cyber News