Tag Archive for: THREATS.

Cyber Security News Weekly Round-Up (Vulnerabilities, Threats & New Stories)

/in


The weekly cybersecurity news wrap-up provides readers with the latest information on emerging risks, vulnerabilities, ways to reduce them, and harmful schemes to help make defensive measures proactive.

A well-developed knowledge base is necessary for securing networks from the newest targets and vulnerabilities in the face of the changing risk landscape.

Staying updated with the latest trends, reports, and news is completely necessary nowadays.

Cyber Attacks

CoralRaider Hackers Steal Data

XClient stealer and RotBot are two attack tools that Vietnamese threat actor CoralRaider uses to steal financial data, login credentials, and social media information from victims in Asian and Southeast Asian countries.

Since 2023, the group has been operational with complex approaches where they would integrate Vietnamese vocabularies into their payloads as a sort of hard coding.

The most recent campaign by this threat group involves using Windows shortcut files to distribute malware targeting South Korean, Bangladeshi, and Chinese nationals. This is a significant threat to individuals and businesses in the region.

Chinese Hackers Using AI Tools To Influence Upcoming Elections

The report concerns how Chinese hackers could use AI to influence the elections. While no instances are specifically mentioned in the report, it cautions against this cyber risk. 

Not only that even AI can be used to generate deepfake videos, control social media sites and undertake highly developed cyber offences which makes it a very powerful tool to influence the elections. 

Moreover, the report stresses on increasing cybersecurity defenses against such threats including improvements in detection and response capabilities. 

While it highlights the need of remaining alert and proactive towards changing cyber risks especially in line with elections and politics at large.

Threat Actors Deliver Malware Via YouTube Video

The report highlights a recent malware campaign in which Vidar, StealC, and Lumma Stealer information-stealing malware are disseminated via YouTube videos by hackers. 

These videos that pretend to be guides for getting free software or game upgrades have links to cracked video games and pirated…

Source…

Sullivan County uses NYSSOC to combat cybersecurity threats

/in


Cybersecurity threats are a worldwide issue.

New York state is working to combat this with its New York State Security Operations Center (NYSSOC).

What You Need To Know

  • Sullivan County is the first county to start utilizing the NYSSOC

  • The NYSSOC facility is based in Brooklyn and dedicated to detecting and responding to real-time threats 24/7

  • Tompkins County will be the next to launch it, and 45 counties have shown interest in subscribing to NYSSOC

Sullivan County is the first county to start utilizing the NYSSOC.

It allows the state to monitor for cyber threats with a goals of preventing them and improving responses to incidents.

“The county, as well as the state, as well as the nation, are under attack constantly from foreign adversaries just looking to wreak havoc on the infrastructure and environment that we work in and with. So, it’s important for us to know what’s happening quickly, to be able to respond quickly, and to mitigate those risks as quickly as possible,” said Commissioner of Information Technology Services and CIO for Sullivan County Lorne Green.

The NYSSOC facility is based in Brooklyn and is dedicated to detecting and responding to real-time threats 24/7.

“Anything that they see that, you know, red flags, anything, even some minor occurrences that go through, they will alert us. And then, we can take action on those to either let them know that this is a low priority, high priority, medium, and then, whatever that comes through as, we can take action,” said Deputy CIO for Sullivan County Dan Smith.

Officials said Sullivan County went live with NYSSOC in late March. It was selected due to relationships with New York State Homeland Security and the State’s Center for Internet Security.

Officials collected log data from security appliances and servers to feed to NYSSOC to get the project rolling.

“They then parch that data and put it into their recording solution for analysis and further determination as to whether or not there are any incidents that need to be addressed,” Green said.

One of the major aspects of this effort is ensuring threats are being tracked even when local information technology services staff members are not…

Source…

Brit magazine sent death threats after joking that Vladimir Putin has tiny todger

/in


A BRITISH satirical magazine has been sent death threats after printing a story saying Vladimir Putin has a tiny todger.

The Daily Squib published a “tongue in cheek” article suggesting the  Russian leader invaded Ukraine because he has a “micro penis”.

The magazine claimed in a jokey article that Putin, pictured in 2017, has a tiny todger

10

The magazine claimed in a jokey article that Putin, pictured in 2017, has a tiny todgerCredit: AFP
Putin relaxes after fishing during the hunting and fishing trip in 2017

10

Putin relaxes after fishing during the hunting and fishing trip in 2017Credit: Reuters
Putin taking part in training with Russia's national judo team in 2019

10

Putin taking part in training with Russia’s national judo team in 2019Credit: AFP

The editor, Aur Esenbel, claims writers at the 17-year-old site have since been told they would be stabbed, shot and run over for mocking the despot.

In a jokey editorial, “experts” said the debilitating impediment made Putin “constantly angry”.

It read: “You ever wonder why Putin is so angry and aggressive all the time?

“According to medical experts, it is because he has micropenis syndrome.

“It is common knowledge within the ranks that Putin’s penis measures 1.2cm in length even when erect.

“Psychologically, this impediment is presumed to affect his general nature as it is practically impossible to make love to a woman or carry out other functions normally.”

The story sparked fury from irate Russian readers, who vowed to murder the journalists involved.

In a string of terrifying website comments, reporters were told they would be shot, stabbed and run over for daring to mock the tyrant.

An investigation by The Daily Squib suggested the threats originated in Russia.

The magazine has since added additional security measures to its website and its writers no longer have direct email addresses to stop them being “harassed by overseas mobsters”.

Blow for the West as pro-Putin candidate elected as president in key Ukraine ally & Nato nation Slovakia

The Daily Squib was also targeted in three separate Denial-of-Service (DoS) attacks, which aim to cripple a website by overwhelming it with huge volumes of internet traffic.

Two of the attacks failed, but one was successful and took it offline for seven days.

Editor Aur Esenbel said: “Like all satirical news outlets, The Daily Squib is no stranger to criticism and the odd ‘strongly worded…

Source…

Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)

/in


Welcome to the Cyber Security News Weekly Round-Up. Each week, we will explore the latest cyber threats, vulnerabilities, and notable stories that have shaped the cybersecurity landscape.

From sophisticated malware attacks to innovative phishing schemes, we cover the crucial updates you need to stay informed and protected.

Threats

Notepad++ Plugin Compromised by Hackers

Hackers have targeted a widely used Notepad++ plugin, “mimeTools.dll,” injecting malicious code that compromises users’ systems upon execution. The attack, discovered by the AhnLab Security Intelligence Center, leverages DLL Hijacking to execute encrypted malicious Shell Code, posing a significant threat to programmers and writers who rely on Notepad++ for its versatility and plugin support; read more.

Weaponized PDF Files Deliver Byakugan Malware

Cybersecurity researchers at Fortinet have uncovered a new attack vector involving weaponized PDF files used to deliver the multi-functional Byakugan malware. By exploiting the trust and popularity of PDFs, hackers have been able to infiltrate systems through malicious codes embedded in seemingly innocuous documents, highlighting the need for heightened awareness and protection against such files.

Fake E-Shopping Attack Targets Banking Credentials

A sophisticated fake e-shop scam campaign has been targeting users in Southeast Asia, hijacking banking credentials through phishing emails and malicious APKs. The attackers have expanded their operations, utilizing screen-sharing and exploiting accessibility services to gain more control over victims’ devices. This campaign underscores the evolving tactics of cybercriminals in their efforts to steal sensitive information.

Rhadamanthys Stealer Targets Oil and Gas Sector

The oil and gas sector has become the latest target of the Rhadamanthys Stealer malware, delivered through weaponized PDF files. This attack emphasizes the ongoing threat to critical infrastructure sectors and the importance of robust cybersecurity measures to protect against such sophisticated threats.

Ransomware Exploits Unpatched Vulnerabilities

A recent report highlights the increasing trend of ransomware attacks exploiting unpatched…

Source…