Cybersecurity

U.N. panel coordinator urges stepped up focus on North Korea cyber crime

The coordinator for the U.N. body monitoring enforcement of sanctions on North Korea said on Wednesday a stepped up focus was needed on cybercrime, which had become fundamental to Pyongyang's ability to finance its banned weapons programs. Eric Penton-Voak, of the…

Israeli charged in global hacker-for-hire scheme pleads guilty

An Israeli private detective detained in New York since 2019 on charges of involvement in a hacker-for-hire scheme pleaded guilty to wire fraud, conspiracy to commit hacking and aggravated identity theft on Wednesday. Federal prosecutors say the detective, Aviram Azari…

Researchers Detail Bug That Could Paralyze Snort Intrusion Detection System

Details have emerged about a now-patched security vulnerability in the Snort intrusion detection and prevention system that could trigger a denial-of-service (DoS) condition and render it powerless against malicious traffic. Tracked as CVE-2022-20685, the vulnerability…

Okta Wraps Up Lapsus$ Investigation, Pledges More Third-Party Controls

Identity cloud provider Okta concluded its investigation into a recent breach of its systems by the Lapsus$ extortion group, which gained access to some of company's systems through a third-party contract firm and then revealed the compromise in March. The breach impacted…

REvil's TOR sites come alive to redirect to new ransomware operation

REvil ransomware’s servers in the TOR network are back up after months of inactivity and redirect to a new operation that appears to have started since at least mid-December last year. It is unclear who is behind the new REvil-connected operation but the new leak site lists a…

Microsoft Exchange servers hacked to deploy Hive ransomware

A Hive ransomware affiliate has been targeting Microsoft Exchange servers vulnerable to ProxyShell security issues to deploy various backdoors, including Cobalt Strike beacon. From there, the threat actors perform network reconnaissance, steal admin account credentials…

LinkedIn Becomes the Most Impersonated Brand for Phishing Attacks

LinkedIn has become by far the most impersonated brand for phishing attacks, according to new research by Check Point Research (CPR). The cybersecurity vendor’s 2022 Q1 Brand Phishing Report revealed that phishing attacks impersonating the professional social…

US, Allies Say New Intel Suggests Coming Russian Cyberattack

Five allied countries including the United States warned Wednesday that "evolving intelligence" indicated Russia was poised to launch powerful cyberattacks against rivals supporting Ukraine. The members of the "Five Eyes" intelligence sharing network -- the US…

FBI Warns of Ransomware Attacks on Farming Co-ops During Planting, Harvest Seasons

The FBI issued a private industry notification on Wednesday to warn agricultural cooperatives about a potential increase in ransomware attacks during planting and harvest seasons. In September 2021, the FBI warned the food and agriculture sector that an increase…

Russian state hackers hit Ukraine with new malware variants

Threat analysts report that the Russian state-sponsored threat group known as Gamaredon (a.k.a. Armageddon/Shuckworm) is launching attacks against targets in Ukraine using new variants of the custom Pteredo backdoor. Gamaredon has been launching cyber-espionage…