Microsoft warn Iranian threat actor has targeted organizations in the Defense Industrial Base (DIB) sector with a campaign involving a new type of backdoor called FalseFont. Microsoft found the activity related to Peach Sandstorm (previously known as Holmium), also called APT33, Elfin, and Refined Kitten. FalseFont is a type of …
Read More »
Researchers found two new techniques on GitHub. One uses GitHub Gists, and the other uses Git commit messages to send commands. Malware creators sometimes upload their malware to Dropbox, Google Drive, OneDrive, and Discord to hide it and avoid being detected. ALSO READ: Fake security researchers push malware files on …
Read More »
Research indicates that although cloud transformation is considered a top-three critical investment for 60% of enterprises, only 1 in 4 can show a positive return on investment from their initiatives. ALSO READ: FBI Seized ALPHV/Blackcat Ransomware Dark web Site HFS and IBM Consulting report that enterprise technology is constantly changing, …
Read More »
The FBI and European security organizations working under Europol have seized ALPHV’s website also known as Blackcat. ALPHV ransomware has infected over 1,000 victims worldwide. Cybercrime has a popular model called ransomware-as-a-service. This model involves a group of developers who create and update ransomware. They also maintain the necessary internet …
Read More »
Iran’s Oil Minister, Javad Owji, confirmed on Monday that a cyberattack caused a widespread disruption to petrol stations. A hacking group Iran blames Israel for claimed it caused the attack that disrupted petrol stations across the country on Monday, according to Iranian state TV and Israeli local media. ALSO READ: …
Read More »
In Malaysia, the cybersecurity situation is changing as organizations deal with an increase in cyber threats. A recent survey by IDC shows that phishing is the main concern, with 54% of organizations ranking it as the biggest threat. The top five risks in Malaysia are ransomware, unpatched vulnerabilities, identity theft, …
Read More »
China proposed a four-tier classification to respond to data security incidents, showing its concern about data leaks and hacking in the country. The plan is due to increased tensions with the United States and its allies. It follows an incident where a hacker claimed to have gotten a large amount …
Read More »
The Indian government urgently asked Samsung smartphone users to update their devices due to security vulnerabilities. CERT-In issued a warning about a threat to certain Samsung devices running on Android versions 11, 12, 13, and 14. These vulnerabilities could be exploited to gain unauthorized access to sensitive data on these …
Read More »
Red Balloon Security, Narf Industries, and MITRE worked together to develop the EMB3D Threat Model. This model helps us understand the risks that embedded devices face and the security measures they require. The EMB3D model is a framework that focuses on embedded devices. “It considers the specific risks presented by …
Read More »
In December 2023, Microsoft released security updates for multiple products, addressing 33 vulnerabilities. The company’s vulnerabilities affect several Microsoft products, including Windows, Office, Azure, Microsoft Edge, Windows Defender, Windows DNS and DHCP server, and Microsoft Dynamic. The IT giant also addressed several Chromium issues. ALSO READ: Bypassing major EDRS using …
Read More »
InfoSecBulletin Cybersecurity for mankind
