Attackers show inventiveness in DuneQuixote (post, May 2, 2024): The DuneQuixote malware campaign, discovered this past month, shows once again how inventive attackers are. DuneQuixote uses two different 'droppers' and two different 'payloads'. The dropper is used for initial access and sets up communication with the command-and-control infrastructure. The attackers use parts of Spanish…
Back again: USB (post, May 1, 2024): The USB-stick attack never went away completely, but in IT networks we have seen in recent years that security measures made successful attacks increasingly difficult. In their research, Honeywell rightly shows that attackers still regard USB devices as an important tool in attacks on OT infrastructures. This makes it…
US Post Office phishing sites get as much traffic as the real one (post, April 28, 2024; April 30, 2024): Security researchers analyzing phishing campaigns that target United States Postal Service (USPS) saw that the traffic to the fake domains is typically similar to what the legitimate site records and it is even higher during holidays. […] The total queries generated by all malicious websites uncovered by Akamai’s research during…
Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw (post, April 27, 2024; April 30, 2024): Cybersecurity researchers have discovered a targeted operation against Ukraine that has been found leveraging a nearly seven-year-old flaw in Microsoft Office to deliver Cobalt Strike on compromised systems. The attack chain, which took place at the end of 2023 according to Deep Instinct, employs a PowerPoint slideshow file (“signal-2023-12-20-160512.ppsx”) as…
Suddenly, Chinese Spies Seem to Be Popping Up All Over Europe (post, April 27, 2024; April 30, 2024): One of the men, a young Briton known for his hawkish views on China, worked as an aide to a prominent member of the British Parliament. Another, a German citizen of Chinese descent, was an assistant to a member of the European Parliament representing Germany’s far right. While from different…
Kaiser Permanente: Data breach may impact 13.4 million patients (post, April 26, 2024): Healthcare service provider Kaiser Permanente disclosed a data security incident that may impact 13.4 million people in the United States. Kaiser Permanente is an integrated managed care consortium and one of the largest nonprofit health plans in the U.S.
Russian hacking group claims responsibility for cyberattack on Indiana wastewater plant (post, April 25, 2024; April 26, 2024): The “People’s Cyber Army of Russia” took credit last Saturday for the incident on the messaging app Telegram. A message accompanying the video read: “We continue to look partially cover our series of work on US infrastructure. Today, we’ll look at Indiana. Let’s consider the work on municipal water treatment…
Governments issue alerts after ‘sophisticated’ state-backed actor found exploiting flaws in Cisco security boxes (post, April 24, 2024; April 26, 2024): A previously unknown and “sophisticated” nation-state group compromised Cisco firewalls as early as November 2023 for espionage purposes — and possibly attacked network devices made by other vendors including Microsoft, according to warnings from the networking giant and three Western governments.
Iran Dupes US Military Contractors, Gov’t Agencies in Cyber Campaign (post, April 24, 2024; April 26, 2024): The US Departments of Treasury and State are among those compromised in the elaborate campaign, which lasted from 2016 to 2021 according to a US Justice Department indictment unsealed this week. Various defense contractors with high-level security clearances, a New York-based accounting firm, and a New York-based hospitality company were…
MITRE admits ‘nation state’ attackers touched its NERVE R&D operation (post, April 22, 2024; April 26, 2024): In a cautionary tale that no one is immune from attack, the security org MITRE has admitted that it got pwned.…