Daily Cyber Brief
LastPass is hacked and loses source code, Kimsuky is found targeting South Korean politicians and diplomats, and threat actors are switching from Cobalt Strike to the Sliver toolkit...

Cybersecurity
The Department of Treasury and the Israeli Ministry of Finance announced on Thursday a bilateral agreement formalizing and enhancing the cybersecurity partnership between the countries. The agreement follows Deputy Secretary of the Treasury…
US military and intelligence officials are stepping up their efforts to defend the electoral process from foreign hacking and disinformation as the November midterms approach, officials said Thursday. Officials are “actively defending against foreign interference and…
Password management firm LastPass was hacked two weeks ago, enabling threat actors to steal the company's source code and proprietary technical information. The disclosure comes after BleepingComputer learned of the breach from insiders last week and reached out to the…
Hackers are abusing an anti-cheat system driver for the immensely popular Genshin Impact game to disable antivirus software while conducting ransomware attacks. The driver/module, "mhypro2.sys," doesn't need the target system to have the game installed, and it can operate…
The North Korean nation-state group Kimsuky has been linked to a new set of malicious activities directed against political and diplomatic entities located in its southern counterpart in early 2022. Russian cybersecurity firm Kaspersky codenamed the cluster GoldDragon…
Microsoft has discovered a new malware used by the Russian hacker group APT29 (a.k.a. NOBELIUM, Cozy Bear) that enables authentication as anyone in a compromised network. As a state-sponsored cyberespionage actor, APT29 employs the new capability to hide their…
The Python Package Index, PyPI, on Wednesday sounded the alarm about an ongoing phishing campaign that aims to steal developer credentials and inject malicious updates to legitimate packages. "This is the first known phishing attack against PyPI," the maintainers…
Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed. New research indicates that over 80,000 Hikvision surveillance cameras in the world today are vulnerable to an 11-month-old command…
The threat actor behind the attacks on Twilio and Cloudflare earlier this month has been linked to a broader phishing campaign aimed at 136 organizations that resulted in a cumulative compromise of 9,931 accounts. The activity has been condemned…
Threat actors are dumping the Cobalt Strike penetration testing suite in favor of similar frameworks that are less known. After Brute Ratel, the open-source, cross-platform kit called Sliver is becoming an attractive alternative. However, malicious activity using Sliver can be…