Daily Cyber Brief
Defense contractors are targeted in cyberattacks, Chaos malware is rapidly spreading across Europe, and Quantum Builder is being used to deliver the Agent Tesla RAT...
Cybersecurity
The Internal Revenue Service (IRS) warned Americans of an exponential rise in IRS-themed text message phishing attacks trying to steal their financial and personal information in the last few weeks. "So far in 2022, the IRS has identified and reported thousands of fraudulent…
Security researchers have discovered a new campaign targeting multiple military contractors involved in weapon manufacturing, including an F-35 Lightning II fighter aircraft components supplier. The highly targeted attacks begin with a phishing email sent to…
Bosnian authorities have remained silent about the hacking attack on the state-level parliament, whose website and servers have been out of operation since September 9. For almost three weeks, the public has known little to nothing about the attack…
Authentication service provider and Okta subsidiary Auth0 has disclosed what it calls a "security event" involving some of its code repositories. Auth0's authentication platform is used to authenticate over 42 million logins each day by more than 2,000 enterprise customers…
As protests erupted in Iran over the death in custody of a woman arrested for violating gender-based morality laws, hacker groups started offering help — and sometimes hoped to profit. But researchers warn that the offers may not be as benevolent as they appear. The cybersecurity…
The powerful Chaos malware has evolved yet again, morphing into a new Go-based, multiplatform threat that bears no resemblance to its previous ransomware iteration. It's now targeting known security vulnerabilities to launch distributed denial-of-service (DDoS)…
A multi-purpose malware written in the Go programming language is raising alarms among researchers worried about its spread in Europe. Lumen Technologies’ threat intelligence team — Black Lotus Labs — dubbed the malware “Chaos” and said it was built for Windows and…
Four vulnerabilities in the widely adopted 'Stacked VLAN' Ethernet feature allows attackers to perform denial-of-service (DoS) or man-in-the-middle (MitM) attacks against network targets using custom-crafted packets. Stacked VLANs, also known as VLAN Stacking, is a…
A recently discovered malware builder called Quantum Builder is being used to deliver the Agent Tesla remote access trojan (RAT). "This campaign features enhancements and a shift toward LNK (Windows shortcut) files when compared to similar attacks in the past," Zscaler…
The relatively new Bl00Dy Ransomware Gang has started to use a recently leaked LockBit ransomware builder in attacks against companies. Last week, the LockBit 3.0 ransomware builder was leaked on Twitter after the LockBit operator had a falling out with his developer…