What is Data Security Posture Management (DSPM)?
Data Security Posture Management is an approach to securing cloud data by ensuring that sensitive data always has the correct security posture – regardless of where it’s been duplicated or moved to. So, what is DSPM? Here’s a quick example: Let’s say you’ve built an excellent security posture for your cloud data. For the sake of this […]
Researchers Expose Space Pirates’ Cyber Campaign Across Russia and Serbia
The threat actor known as Space Pirates has been linked to attacks against at least 16 organizations in Russia and Serbia over the past year by employing novel tactics and adding new cyber weapons to its arsenal. « The cybercriminals’ main goals are still espionage and theft of confidential information, but the group has expanded its interests and […]
China’s APT31 Suspected in Attacks on Air-Gapped Systems in Eastern Europe
A nation-state actor with links to China is suspected of being behind a series of attacks against industrial organizations in Eastern Europe that took place last year to siphon data stored on air-gapped systems. Cybersecurity company Kaspersky attributed the intrusions with medium to high confidence to a hacking crew called APT31, which is also tracked under […]
Cybercriminals Renting WikiLoader to Target Italian Organizations with Banking Trojan
Organizations in Italy are the target of a new phishing campaign that leverages a new strain of malware called WikiLoader with an ultimate aim to install a banking trojan, stealer, and spyware called Ursnif (aka Gozi). « It is a sophisticated downloader with the objective of installing a second malware payload, » Proofpoint said in a technical report. « The malware uses multiple mechanisms […]
New P2PInfect Worm Targets Redis Servers with Undocumented Breach Methods
The P2PInfect peer-to-peer (P2) worm has been observed employing previously undocumented initial access methods to breach susceptible Redis servers and rope them into a botnet. « The malware compromises exposed instances of the Redis data store by exploiting the replication feature, » Cado Security researchers Nate Bill and Matt Muir said in a report shared with The Hacker News. […]
CERTFR-2023-ACT-033 : Bulletin d’actualité CERTFR-2023-ACT-033 (31 juillet 2023)
Ce bulletin d’actualité du CERT-FR revient sur les vulnérabilités significatives de la semaine passée pour souligner leurs criticités. Il ne remplace pas …
Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor
Threat actors associated with the hacking crew known as Patchwork have been spotted targeting universities and research organizations in China as part of a recently observed campaign. The activity, according to KnownSec 404 Team, entailed the use of a backdoor codenamed EyeShell. Patchwork, also known by the names Operation Hangover and Zinc Emerson, is suspected to be […]
Webinar: Riding the vCISO Wave: How to Provide vCISO Services
Demand for Virtual CISO services is soaring. According to Gartner, the use of vCISO services among small and mid-size businesses and non-regulated enterprises was expected to grow by a whopping 1900% in just one year, from only 1% in 2021 to 20% in 2022! Offering vCISO services can be especially attractive for MSPs and MSSPs. […]
AVRecon Botnet Leveraging Compromised Routers to Fuel Illegal Proxy Service
More details have emerged about a botnet called AVRecon, which has been observed making use of compromised small office/home office (SOHO) routers as part of a multi-year campaign active since at least May 2021. AVRecon was first disclosed by Lumen Black Lotus Labs earlier this month as malware capable of executing additional commands and stealing victim’s bandwidth for […]
Fruity Trojan Uses Deceptive Software Installers to Spread Remcos RAT
Threat actors are creating fake websites hosting trojanized software installers to trick unsuspecting users into downloading a downloader malware called Fruity with the goal of installing remote trojans tools like Remcos RAT. « Among the software in question are various instruments for fine-tuning CPUs, graphic cards, and BIOS; PC hardware-monitoring tools; and some other apps, » cybersecurity