InfoSecBulletin Cybersecurity for mankind
Vixen Panda APT Group suspected of targeting foreign ministry in cyberattack
A Chinese hacker group, Vixen Panda, is suspected of targeting the Foreign Ministry in a recent cyberattack. As per a new report by Euractiv, the hackers showed a keen interest in policy documents.
German Arms Manufacturer Rheinmetall Targeted in Cyberattack
Over the weekend, Rheinmetall, a leading German armaments and technology company, was the victim of a cyberattack that targeted all three of its divisions. However, company officials have stated that the attack did not impact operations.
NCR Says it was hit by BlackCat Ransomware Attack
NCR is suffering an outage on its Aloha point of sale (PoS) platform since Wednesday after it was hit by a ransomware attack conducted by the BlackCat/ALPHV ransomware group.
US extradites Nigerian charged over $6m email fraud scam
They used a technique dubbed Business Email Compromise (BEC). As part of this, it’s claimed, the fraudsters broke into people’s email accounts, too, and chatted via mobile apps to organize their crimes.
Hackers Start Abusing Action1 RMM in Ransomware Attacks
Action1 is a remote monitoring and management (RMM) product that is commonly used by managed service providers (MSPs) and the enterprise to remotely manage endpoints on a network.
Australians report record $3.1bn losses to scams, with real amount even higher, ACCC says
This was found in the Targeting Scams report from the Australian Competition and Consumer Commission, which compiles data from Scamwatch, ReportCyber, major banks, and money remitters, based on an analysis of more than 500,000 reports.
Volvo’s Brazil Retailer Exposed Sensitive Database Credentials, Laravel App Key, Git Repository Link
On February 17, 2023, the Cybernews research team discovered public access to sensitive files hosted on dimasvolvo.com.br website, belonging to an independent Volvo retailer in the Santa Catarina region of Brazil.
What it will look like if China launches cyberattacks in the U.S.
While much of the cybersecurity world’s attention is on fending off Russian hacks against Ukraine, American officials are increasingly worried about another growing threat: attacks by China on U.S. soil.
New Zaraza Bot Credential-Stealer Sold on Telegram Targeting 38 Web Browsers
“Zaraza bot targets a large number of web browsers and is being actively distributed on a Russian Telegram hacker channel popular with threat actors,” cybersecurity company Uptycs said in a report published last week.
CYFIRMA raises an undisclosed amount in Pre-Series B funding for product innovation
The funds raised will be used for product innovation and entering new global markets in North America, Europe, and MENA region in addition to growing the existing markets in SEA, including India, Singapore, and Japan.
Experts found the first LockBit encryptor that targets macOS systems
The LockBit group is the first ransomware gang that has created encryptors to target macOS systems, MalwareHunterTeam warns. The researchers discovered the LockBit encryptors in a ZIP archive uploaded to VirusTotal.
Federal, International Agencies Release Principles to Enhance Security of Tech Products
The authoring agencies urged technology and software manufacturers “to revamp their design and development programs to permit only secure-by-design and -default products to be shipped to customers.”
Beware of Movie365 and Similar Sites Offering Free Movies Online
If you’ve ever searched for free online movie streaming sites, you’ve probably come across Movie365 and other similar sites. While these sites promise access to the latest movies, they’re often not what they seem.
Google Launches New Cybersecurity Initiatives to Strengthen Vulnerability Management
The company further emphasized that it’s committing to publicly disclose incidents when it finds evidence of active exploitation of vulnerabilities across its product portfolio.
Russia accuses NATO of launching 5,000 cyberattacks since 2022
The FSB claims that despite many of the attacks being presented as activities by the “IT Army of Ukraine,” it was able to discern the involvement of pro-west hacker groups like “Anonymous,” “Sailens,” “Goast clan,” “Ji-En-Ji,” “SquadZOZ,” and others.
Vice Society Ransomware Using Stealthy PowerShell Tool for Data Exfiltration
Threat actors associated with the Vice Society ransomware gang have been observed using a bespoke PowerShell-based tool to fly under the radar and automate the process of exfiltrating data from compromised networks.
Microsoft shares guidance to detect BlackLotus UEFI bootkit attacks
Analyzing devices compromised with BlackLotus, the Microsoft Incident Response team identified several points in the malware installation and execution process that allow its detection
