January 30, 2023
January 25, 2023
Organizations in Taiwan, Hong Kong, Singapore and China have recently been facing attacks from a Chinese threat actor, DragonSpark. The threat actor was observed using the open source tool SparkRAT for its attacks, according to a report by SentinelOne. SparkRAT is multi-platform, […]
January 18, 2023
State-sponsored activity: In 2022, we saw increasing state-sponsored activity originating from several countries. But the drivers behind the activity and the tactics used varied widely. This will continue into 2023, as governments use their cyber capabilities as one way of […]
January 11, 2023
TikTok, whose parent company ByteDance is Chinese, has come under fierce Western scrutiny in recent months over concerns about how much access Beijing has to user data. TikTok chief executive Shou Zi Chew held official talks for the first time […]
January 30, 2023
TechRadar: The Google Play Store has been home to a growing number of suspicious activities in recent months, new research has found. A study by Dr.Web found a large number of fake apps and trojans designed to subscribe victims to paid […]
Threats & Malware, Virus & Malware
January 27, 2023
The Hacker News: Cybersecurity researchers have uncovered a PlugX sample that employs sneaky methods to infect attached removable USB media devices in order to propagate the malware to additional systems. “This PlugX variant is wormable and infects USB devices in such a way […]
January 27, 2023
Security Week: Also referred to as Cobalt Sapling, Moses Staff has been likely active since November 2020, but its existence was not revealed until September 2021. A declared anti-Israeli and pro-Palestinian group, the APT has posted on its leaks website 16 activities […]
January 27, 2023
CSO Online: The US Department of Justice (DOJ) along with international partners have taken down the Hive ransomware group. The operation that began in July 2022 resulted in the FBI penetrating Hive’s computer networks, capturing its decryption keys, and offering them to […]
January 27, 2023
Help Net Security: Ermetic has extended its Cloud Native Application Protection Platform (CNAPP) with cloud workload protection capabilities that enable customers to detect, prevent and remediate security risks in virtual machines, containers and serverless functions. Using context that spans infrastructure configurations, network, access […]
Threats & Malware, Vulnerabilities
January 26, 2023
Security Affairs: Palo Alto Networks researchers reported that between August and October 2022 the number of attacks that attempted to exploit a Realtek Jungle SDK RCE (CVE-2021-35394) (CVSS score 9.8) accounted for more than 40% of the total number of attacks. “Realtek […]
January 26, 2023
Help Net Security: PKWARE has released its newest data discovery and protection solution, PK Secure Email. This Microsoft Outlook add-in automatically discovers sensitive information in email message body, subject line, and attachment and prompts policy-driven protection actions upon sending. Email is a staple […]
January 26, 2023
Help Net Security: With continued transition to cloud services to support remote work, the threat of malware continues to grow, expanding each company’s attack surface. The first half of 2022 saw 2.8 billion malware attacks in which more than 270,000 “never-seen-before” malware variants […]