Daily Cyber Brief
A Chinese APT targeted over a dozen government agencies and defense firms in Eastern Europe, the Finnish Parliament suffered a cyberattack, and CISA adds two more vulnerabilities to its catalog...
Cybersecurity
U.S. officials warned that North Korea is increasingly using crypto heists to fund nuclear weapons programs. Meanwhile, Facebook’s parent company Meta is changing course with new product features and a focus on the metaverse as the tech giant vies to maintain its…
Finland's parliament said Tuesday its website came under cyber attack, as the Nordic country applies for NATO membership following Moscow's invasion of Ukraine. "A denial of service attack is taking place against the parliament's external website," parliament said in a…
Today is Microsoft's August 2022 Patch Tuesday, and with it comes fixes for the actively exploited 'DogWalk' zero-day vulnerability and a total of 121 flaws. Seventeen of the 121 vulnerabilities fixed in today's update are classified as 'Critical' as they allow remote code…
More than a dozen organizations in Eastern Europe and Afghanistan, including industrial plants, research institutes and government agencies, were targeted by a suspected Chinese-speaking hacking group earlier this year, according to new research. The attacks, which…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two more flaws to its catalog of Known Exploited Vulnerabilities, based on evidence of active exploitation. One of them has spent more than two years as a zero-day bug in the Windows Support…
In what's yet another instance of malicious packages creeping into public code repositories, 10 modules have been removed from the Python Package Index (PyPI) for their ability to harvest critical data points such as passwords and Api tokens. The packages "install info-stealers…
Cloudflare says some of its employees' credentials were also stolen in an SMS phishing attack similar to the one that led to Twilio's network being breached last week. However, although the attackers got their hands on Cloudflare employees' accounts, they failed to breach its…
Cybersecurity researchers from Kaspersky have published a new advisory providing additional technical details and attribution findings regarding the Maui ransomware incident unveiled by the Cybersecurity and Infrastructure Security Agency (CISA) in July. The report also extends…
A new credit card stealing campaign is underway in Singapore, snatching the payment details of sellers on classifieds sites through an elaborate phishing trick. The scammers also attempt to transfer the funds directly to their accounts using valid one-time passcodes (OTPs) on the…
Researchers have discovered more details on the newly discovered Android spyware 'Dracarys,' used by the Bitter APT group in cyberespionage operations targeting users from New Zealand, India, Pakistan, and the United Kingdom. Meta (Facebook) first reported the new Android…