Daily Cyber Brief
$30M of stolen crypto is seized by the U.S., APT42 has launched over 30 cyberespionage campaigns since 2015, and Vice Society claims responsibility for LAUSD attack...

Cybersecurity
Albania blamed the Iranian government Saturday for a cyberattack against computer systems used by Albanian state police — just days after the White House condemned Tehran for a hack that disrupted Albanian government services in July. The latest hack forced Albanian…
The Vice Society gang has claimed the ransomware attack that hit Los Angeles Unified (LAUSD), the second largest school district in the United States, over the weekend. LAUSD says it enrolls more than 640,000 students, from kindergarten through 12th grade, and it…
CISA has added 12 more security flaws to its list of bugs exploited in attacks, including two critical D-Link vulnerabilities and two (now-patched) zero-days in Google Chrome and the Photo Station QNAP software. The Google Chrome zero-day (CVE-2022-3075) was patched…
Hackers continue to abuse the endemic Log4j vulnerability months after its discovery, according to a new report from Cisco researchers who discovered a campaign targeting energy companies across the U.S., Canada, Japan and other countries. Cisco Talos security…
A new attack technique called ‘GIFShell’ allows threat actors to abuse Microsoft Teams for novel phishing attacks and to covertly execute commands to steal data using ... GIFs. The new attack scenario, shared exclusively with BleepingComputer, illustrates how attackers can…
Attackers are actively exploiting a critical vulnerability in BackupBuddy, a WordPress plug-in that an estimated 140,000 websites are using to back up their installations. The vulnerability allows attackers to read and download arbitrary files from affected websites, including those…
A set of six high-severity firmware vulnerabilities impacting a broad range of HP devices used in enterprise environments is still waiting to be patched, although some of them have been publicly disclosed since July 2021. Firmware flaws are particularly dangerous because they…
More than $30 million worth of cryptocurrency plundered by the North Korea-linked Lazarus Group from online video game Axie Infinity has been recovered, marking the first time digital assets stolen by the threat actor have been seized. "The seizures represent approximately 10%…
A growing number of ransomware groups are adopting a new tactic that helps them encrypt their victims' systems faster while reducing the chances of being detected and stopped. This tactic is called intermittent encryption, and it consists of encrypting only parts of the…
A state-sponsored advanced persistent threat (APT) actor newly christened APT42 (formerly UNC788) has been attributed to over 30 confirmed espionage attacks against individuals and organizations of strategic interest to the Iranian government at least since 2015…