SPECTR Malware Targets Ukraine Defense Forces in SickSync Campaign
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks targeting defense forces in the country with a malware called SPECTR as part of an espionage campaign dubbed SickSync. The agency attributed the attacks to a threat actor it tracks under the moniker UAC-0020, which is also called Vermin and is assessed […]
Commando Cat Cryptojacking Attacks Target Misconfigured Docker Instances
The threat actor known as Commando Cat has been linked to an ongoing cryptojacking attack campaign that leverages poorly secured Docker instances to deploy cryptocurrency miners for financial gain. « The attackers used the cmd.cat/chattr docker image container that retrieves the payload from their own command-and-control (C&C) infrastructure, » Trend Micro researchers Sunil Bharti and Shubham
Muhstik Botnet Exploiting Apache RocketMQ Flaw to Expand DDoS Attacks
The distributed denial-of-service (DDoS) botnet known as Muhstik has been observed leveraging a now-patched security flaw impacting Apache RocketMQ to co-opt susceptible servers and expand its scale. « Muhstik is a well-known threat targeting IoT devices and Linux-based servers, notorious for its ability to infect devices and utilize them for cryptocurrency mining and launching Distributed Denial
Third-Party Cyber Attacks: The Threat No One Sees Coming – Here’s How to Stop Them
Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill’s threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk. In an increasingly interconnected world, supply chain attacks have emerged […]
Prevent Account Takeover with Better Password Security
Tom works for a reputable financial institution. He has a long, complex password that would be near-impossible to guess. He’s memorized it by heart, so he started using it for his social media accounts and on his personal devices too. Unbeknownst to Tom, one of these sites has had its password database compromised by hackers […]
Hackers Exploit Legitimate Packer Software to Spread Malware Undetected
Threat actors are increasingly abusing legitimate and commercially available packer software such as BoxedApp to evade detection and distribute malware such as remote access trojans and information stealers. « The majority of the attributed malicious samples targeted financial institutions and government industries, » Check Point security researcher Jiri Vinopal said in an analysis. The volume of
Google Maps Timeline Data to be Stored Locally on Your Device for Privacy
Google has announced plans to store Maps Timeline data locally on users’ devices instead of their Google account effective December 1, 2024. The changes were originally announced by the tech giant in December 2023, alongside changes to the auto-delete control when enabling Location History by setting it to three months by default, down from the […]
Hackers Target Python Developers with Fake « Crytic-Compilers » Package on PyPI
Cybersecurity researchers have discovered a malicious Python package uploaded to the Python Package Index (PyPI) repository that’s designed to deliver an information stealer called Lumma (aka LummaC2). The package in question is crytic-compilers, a typosquatted version of a legitimate library named crytic-compile. The rogue package was downloaded 441 times before it was taken down by […]
Chinese State-Backed Cyber Espionage Targets Southeast Asian Government
An unnamed high-profile government organization in Southeast Asia emerged as the target of a « complex, long-running » Chinese state-sponsored cyber espionage operation codenamed Crimson Palace. « The overall goal behind the campaign was to maintain access to the target network for cyberespionage in support of Chinese state interests, » Sophos researchers Paul Jaramillo, Morgan Demboski, Sean
Unpacking 2024’s SaaS Threat Predictions
Early in 2024, Wing Security released its State of SaaS Security report, offering surprising insights into emerging threats and best practices in the SaaS domain. Now, halfway through the year, several SaaS threat predictions from the report have already proven accurate. Fortunately, SaaS Security Posture Management (SSPM) solutions have prioritized mitigation capabilities to address many […]