Chinese threat actor DragonSpark targets East Asian businesses

January 25, 2023

Organizations in Taiwan, HongKong, Singapore and China have been recently facing attacks from a Chinese threat actor DragonSpark. The threat actor was observed using open source tool SparkRAT for its attacks, according to a report by SentinelOne. SparkRAT is multi-platform, […]

Cybersecurity in 2023: Russian escalation, Chinese espionage, Iranian “hacktivism”

January 18, 2023

State-sponsored activity In 2022, we saw increasing state-sponsored activity originating from several countries. But the drivers behind the activity and the tactics used varied widely. This will continue into 2023, as governments use their cyber capabilities as one way of […]

EU Tells TikTok Chief To Respect Data Privacy Laws

January 11, 2023

TikTok, whose parent company ByteDance is Chinese, has come under fierce Western scrutiny in recent months over concerns about how much access Beijing has to user data. TiKTok chief executive Shou Zi Chew held official talks for the first time […]

Mobile, Mobile security

These dodgy Android apps have seen over 20 million downloads

January 30, 2023

Via: TechRadar

The Google Play Store has been home to a growing number of suspicious activities in recent months, new research has found. A study by Dr.Web found a large number of fake apps and trojans designed to subscribe victims to paid […]

Threats & Malware, Virus & Malware

Researchers Discover New PlugX Malware Variant Spreading via Removable USB Devices

January 27, 2023

Via: The Hacker News

Cybersecurity researchers have uncovered a PlugX sample that employs sneaky methods to infect attached removable USB media devices in order to propagate the malware to additional systems. “This PlugX variant is wormable and infects USB devices in such a way […]

Cyber warfare, Cyber-crime

Iranian APT Leaks Data From Saudi Arabia Government Under New Persona

January 27, 2023

Via: Security Week

Also referred to as Cobalt Sapling, Moses Staff has been likely active since November 2020, but its existence was not revealed until September 2021. A declared anti-Israeli and pro-Palestinian group, the APT has posted on its leaks website 16 activities […]

Hacker, Threats & Malware

FBI takes down Hive ransomware group in an undercover operation

January 27, 2023

Via: CSO Online

The US Department of Justice (DOJ) along with international partners have taken down the Hive ransomware group. The operation that began in July 2022 resulted in the FBI penetrating Hive’s computer networks, capturing its decryption keys, and offering them to […]

Cloud security, Security

Ermetic extends its CNAPP with cloud workload protection capabilities

January 27, 2023

Via: Help Net Security

Ermetic has extended its Cloud Native Application Protection Platform (CNAPP) with cloud workload protection capabilities that enable customers to detect, prevent and remediate security risks in virtual machines, containers and serverless functions. Using context that spans infrastructure configurations, network, access […]

Threats & Malware, Vulnerabilities

Experts warn of a surge of attacks exploiting a Realtek Jungle SDK RCE (CVE-2021-35394)

January 26, 2023

Via: Security Affairs

Palo Alto Networks researchers reported that between August and October 2022 the number of attacks that attempted to exploit a Realtek Jungle SDK RCE (CVE-2021-35394) (CVSS score 9.8) accounted for more than 40% of the total number of attacks. “Realtek […]

Email security, Security

PK Secure Email helps users discover sensitive information in email communication

January 26, 2023

Via: Help Net Security

PKWARE has released its newest data discovery and protection solution, PK Secure Email. This Microsoft Outlook add-in automatically discovers sensitive information in email message body, subject line, and attachment and prompts policy-driven protection actions upon sending. Email is a staple […]

Network security, Security

Perimeter 81’s malware protection defends users from internet-borne threats

January 26, 2023

Via: Help Net Security

With continued transition to cloud services to support remote work, the threat of malware continues to grow, expanding each company’s attack surface. The first half of 2022 saw 2.8 billion malware attacks in which more than 270,000 “never-seen-before” malware variants […]