DEV-1101 AiTM phishing kit is fueling large-scale phishing campaignsMicrosoft warns of large-scale phishing attacks orchestrated with an open-source adversary-in-the-middle (AiTM) phishing kit available in the cybercrime...
Day: March 14, 2023
$197 Million in Cryptocurrency Stolen in Euler Finance Attack
$197 Million in Cryptocurrency Stolen in Euler Finance AttackOn Sunday, a cryptocurrency flash loan attack on the lending platform Euler Finance resulted in the theft of...
What Is Cyber Essentials and How Can Heimdal Help Your Organization Achieve CE Compliance?
What Is Cyber Essentials and How Can Heimdal Help Your Organization Achieve CE Compliance?Cyber Essentials is a practical, government-backed scheme that will assist you in protecting...
FBI’s Report Shows: Investment Fraud Caused Loses of Over $3 Billion in 2022
FBI’s Report Shows: Investment Fraud Caused Loses of Over $3 Billion in 2022According to the FBI’s annual Internet Crime Report, investment fraud was the most common...
KamikakaBot Malware Used to Attack Southeast Asian Government Agencies
KamikakaBot Malware Used to Attack Southeast Asian Government AgenciesThe Dark Pink APT has been linked to a new wave of attacks using the KamiKakaBot malware against...
Patch Tuesday March 2023 – Microsoft Releases Fixes for 23 Vulnerabilities
Patch Tuesday March 2023 – Microsoft Releases Fixes for 23 VulnerabilitiesAs part of the March vulnerability patching bout, Microsoft has released 23 fixes for Chromium- and...
BlackLotus UEFI Bootkit Detection: Exploits CVE-2022-21894 to Bypass UEFI Secure Boot and Disables OS Security Mechanisms
BlackLotus UEFI Bootkit Detection: Exploits CVE-2022-21894 to Bypass UEFI Secure Boot and Disables OS Security Mechanisms An increasing number of Unified Extensible Firmware Interface (UEFI) security...
FBI reveals that more money is lost to investment fraud than ransomware and business email compromise combined
FBI reveals that more money is lost to investment fraud than ransomware and business email compromise combinedThe latest annual FBI report on the state of cybercrime...
STALKER 2 hacker demands Ukrainian game developer reinstates Russian language support, or else…
STALKER 2 hacker demands Ukrainian game developer reinstates Russian language support, or else…A Ukrainian video game developer has revealed that a hacker has leaked development material...
Software supply chain attacks are on the rise — are you at risk?
Software supply chain attacks are on the rise — are you at risk?Graham Cluley Security News is sponsored this week by the folks at Sysdig. Thanks...
NetWire Remote Access Trojan Maker Arrested
NetWire Remote Access Trojan Maker ArrestedFrom Brian Krebs: A Croatian national has been arrested for allegedly operating NetWire, a Remote Access Trojan (RAT) marketed on cybercrime...
How AI Could Write Our Laws
How AI Could Write Our LawsBy Nathan E. Sanders & Bruce Schneier Nearly 90% of the multibillion-dollar federal lobbying apparatus in the United States serves corporate...
Employee termination policy
Employee termination policyPURPOSE This policy provides termination guidelines, including the process of disabling former employee access, reclaiming company equipment and finalizing payroll/benefits details. It complements our...
YoroTrooper cyberspies target CIS energy orgs, EU embassies
YoroTrooper cyberspies target CIS energy orgs, EU embassiesA new threat actor named 'YoroTrooper' has been running cyber-espionage campaigns since at least June 2022, targeting government and...
Cybercriminals exploit SVB collapse to steal money and data
Cybercriminals exploit SVB collapse to steal money and dataThe collapse of the Silicon Valley Bank (SVB) on March 10, 2023, has sent ripples of turbulence throughout...
Microsoft March 2023 Patch Tuesday fixes 2 zero-days, 83 flaws
Microsoft March 2023 Patch Tuesday fixes 2 zero-days, 83 flawsToday is Microsoft's March 2023 Patch Tuesday, and security updates fix two actively exploited zero-day vulnerabilities and...
FBI warns of spike in ‘pig butchering’ crypto investment schemes
FBI warns of spike in ‘pig butchering’ crypto investment schemesAmericans are increasingly targeted in 'pig butchering' cryptocurrency investment schemes, according to a public service announcement issued...
Increasing infrastructure security by reducing complexity
Increasing infrastructure security by reducing complexityBy Deryck Mitchelson, Field CISO EMEA, Check Point Software Technologies. Cyber complexity can impede efforts to secure systems. In particular, cyber security...
SHARED INTEL Q&A: Bi-partisan report calls a for a self-sacrificing approach to cybersecurity
SHARED INTEL Q&A: Bi-partisan report calls a for a self-sacrificing approach to cybersecurityA new report from the Bipartisan Policy Center (BPC) lays out — in stark...
LockBit Ransomware Group Claims SpaceX Contractor Data Theft
LockBit Ransomware Group Claims SpaceX Contractor Data TheftExtortionists With Penchant for Splashy PR Moves Call on Elon Musk to Pay RansomThe LockBit ransomware operation claims to...
New HiatusRAT Malware Targets Business-Grade Routers to Covertly Spy on Victims
New HiatusRAT Malware Targets Business-Grade Routers to Covertly Spy on VictimsA never-before-seen complex malware is targeting business-grade routers to covertly spy on victims in Latin America,...
Why Healthcare Can’t Afford to Ignore Digital Identity
Why Healthcare Can't Afford to Ignore Digital IdentityInvesting in digital identity can improve security, increase clinical productivity, and boost healthcare's bottom line. — by Gus Malezis, CEO of...
KamiKakaBot Malware Used in Latest Dark Pink APT Attacks on Southeast Asian Targets
KamiKakaBot Malware Used in Latest Dark Pink APT Attacks on Southeast Asian TargetsThe Dark Pink advanced persistent threat (APT) actor has been linked to a fresh set of...
Researchers Uncover Over a Dozen Security Flaws in Akuvox E11 Smart Intercom
Researchers Uncover Over a Dozen Security Flaws in Akuvox E11 Smart IntercomMore than a dozen security flaws have been disclosed in E11, a smart intercom product...
Warning: AI-generated YouTube Video Tutorials Spreading Infostealer Malware
Warning: AI-generated YouTube Video Tutorials Spreading Infostealer MalwareThreat actors have been increasingly observed using AI-generated YouTube Videos to spread a variety of stealer malware such as...
How to Apply NIST Principles to SaaS in 2023
How to Apply NIST Principles to SaaS in 2023The National Institute of Standards and Technology (NIST) is one of the standard-bearers in global cybersecurity. The U.S.-based...
Fake ChatGPT Chrome Extension Hijacking Facebook Accounts for Malicious Advertising
Fake ChatGPT Chrome Extension Hijacking Facebook Accounts for Malicious AdvertisingA fake ChatGPT-branded Chrome browser extension has been found to come with capabilities to hijack Facebook accounts...
Large-scale Cyber Attack Hijacks East Asian Websites for Adult Content Redirects
Large-scale Cyber Attack Hijacks East Asian Websites for Adult Content RedirectsA widespread malicious cyber operation has hijacked thousands of websites aimed at East Asian audiences to...
Linux gets double-quick double-update to fix kernel Oops!
Linux gets double-quick double-update to fix kernel Oops!Linux doesn't BSoD. It has oopses and panics instead. (We show you how to make a kernel module to...
LogonBox SSPR 2.3.20
LogonBox SSPR 2.3.20Introduction LogonBox is pleased to announce the immediate availability of LogonBox SSPR 2.3.20.This release includes the ability to force AD schema versions and changes...