FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT
Sat, 11 May 2024 12:59:00 +0530
The financially motivated threat actor known as FIN7 has been observed leveraging malicious Google ads spoofing legitimate brands as a means to deliver MSIX installers that culminate in the deployment of NetSupport RAT.
“The threat actors used malicious websites to impersonate well-known brands, including AnyDesk, WinSCP, BlackRock, Asana, Concur, The Wall
https://thehackernews.com/2024/05/fin7-hacker-group-leverages-malicious.html
North Korean Hackers Deploy New Golang Malware ‘Durian’ Against Crypto Firms
Fri, 10 May 2024 20:24:00 +0530
The North Korean threat actor tracked as Kimsuky has been observed deploying a previously undocumented Golang-based malware dubbed Durian as part of highly-targeted cyber attacks aimed at two South Korean cryptocurrency firms.
“Durian boasts comprehensive backdoor functionality, enabling the execution of delivered commands, additional file downloads, and exfiltration of files,”
https://thehackernews.com/2024/05/north-korean-hackers-deploy-new-golang.html
Healthcare Giant Ascension Hacked, Hospitals Diverting Emergency Service
Fri, 10 May 2024 13:33:33 +0000
One of the largest healthcare systems in the United States is scrambling to contain a hack that’s causing disruption and “downtime procedures” at hospitals around the country.
The post Healthcare Giant Ascension Hacked, Hospitals Diverting Emergency Service appeared first on SecurityWeek.
https://www.securityweek.com/healthcare-giant-ascension-hacked-hospitals-diverting-emergency-service/
CensysGPT: AI-Powered Threat Hunting for Cybersecurity Pros (Webinar)
Fri, 10 May 2024 18:22:00 +0530
Artificial intelligence (AI) is transforming cybersecurity, and those leading the charge are using it to outsmart increasingly advanced cyber threats.
Join us for an exciting webinar, “The Future of Threat Hunting is Powered by Generative AI,” where you’ll explore how AI tools are shaping the future of cybersecurity defenses.
During the session, Censys Security Researcher Aidan Holland will
https://thehackernews.com/2024/05/censysgpt-ai-powered-threat-hunting-for.html
In Other News: European Parliament Breach, DocGo Hack, VMware Advisories Moved
Fri, 10 May 2024 12:02:40 +0000
Noteworthy stories that might have slipped under the radar: European Parliament application breached, DocGo hacked, VMware advisories moved to Broadcom portal.
The post In Other News: European Parliament Breach, DocGo Hack, VMware Advisories Moved appeared first on SecurityWeek.
https://www.securityweek.com/in-other-news-european-parliament-breach-docgo-hack-vmware-advisories-moved/
Exploited Chrome Zero-Day Patched by Google
Fri, 10 May 2024 11:29:11 +0000
A Chrome 124 update patches the second Chrome zero-day that has been found to be exploited in malicious attacks in 2024.
The post Exploited Chrome Zero-Day Patched by Google appeared first on SecurityWeek.
https://www.securityweek.com/exploited-chrome-zero-day-patched-by-google/
Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability
Fri, 10 May 2024 15:53:00 +0530
Google on Thursday released security updates to address a zero-day flaw in Chrome that it said has been actively exploited in the wild.
Tracked as CVE-2024-4671, the high-severity vulnerability has been described as a case of use-after-free in the Visuals component. It was reported by an anonymous researcher on May 7, 2024.
Use-after-free bugs, which arise when a program
https://thehackernews.com/2024/05/chrome-zero-day-alert-update-your.html
What’s the Right EDR for You?
Fri, 10 May 2024 15:52:00 +0530
A guide to finding the right endpoint detection and response (EDR) solution for your business’ unique needs.
Cybersecurity has become an ongoing battle between hackers and small- and mid-sized businesses. Though perimeter security measures like antivirus and firewalls have traditionally served as the frontlines of defense, the battleground has shifted to endpoints. This is why endpoint
https://thehackernews.com/2024/05/whats-right-edr-for-you.html
Malicious Android Apps Pose as Google, Instagram, WhatsApp to Steal Credentials
Fri, 10 May 2024 15:51:00 +0530
Malicious Android apps masquerading as Google, Instagram, Snapchat, WhatsApp, and X (formerly Twitter) have been observed to steal users’ credentials from compromised devices.
“This malware uses famous Android app icons to mislead users and trick victims into installing the malicious app on their devices,” the SonicWall Capture Labs threat research team said in a recent report.
The
https://thehackernews.com/2024/05/malicious-android-apps-pose-as-google.html
500,000 Impacted by Ohio Lottery Ransomware Attack
Fri, 10 May 2024 09:37:40 +0000
The Ohio Lottery cyberattack conducted by the DragonForce ransomware group has impacted more than 500,000 individuals.
The post 500,000 Impacted by Ohio Lottery Ransomware Attack appeared first on SecurityWeek.
https://www.securityweek.com/500000-impacted-by-ohio-lottery-ransomware-attack/
RSA Conference 2024 – Announcements Summary (Day 4)
Fri, 10 May 2024 08:34:21 +0000
Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
The post RSA Conference 2024 – Announcements Summary (Day 4) appeared first on SecurityWeek.
https://www.securityweek.com/rsa-conference-2024-announcements-summary-day-4/
Researchers Uncover ‘LLMjacking’ Scheme Targeting Cloud-Hosted AI Models
Fri, 10 May 2024 13:11:00 +0530
Cybersecurity researchers have discovered a novel attack that employs stolen cloud credentials to target cloud-hosted large language model (LLM) services with the goal of selling access to other threat actors.
The attack technique has been codenamed LLMjacking by the Sysdig Threat Research Team.
“Once initial access was obtained, they exfiltrated cloud credentials and gained
https://thehackernews.com/2024/05/researchers-uncover-llmjacking-scheme.html
Accenture Lands $789 Million Contract to Bolster U.S. Navy Cybersecurity
Thu, 09 May 2024 19:26:40 +0000
Accenture Federal Services wins $789 million U.S. Navy SHARKCAGE cybersecurity contract.
The post Accenture Lands $789 Million Contract to Bolster U.S. Navy Cybersecurity appeared first on SecurityWeek.
https://www.securityweek.com/accenture-lands-789-million-contract-to-bolster-u-s-navy-cybersecurity/
New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation
Thu, 09 May 2024 23:25:00 +0530
Researchers have detailed a Virtual Private Network (VPN) bypass technique dubbed TunnelVision that allows threat actors to snoop on victim’s network traffic by just being on the same local network.
The “decloaking” method has been assigned the CVE identifier CVE-2024-3661 (CVSS score: 7.6). It impacts all operating systems that implement a DHCP client and has
https://thehackernews.com/2024/05/new-tunnelvision-attack-allows.html
Dell Says Customer Names, Addresses Stolen in Database Breach
Thu, 09 May 2024 17:04:41 +0000
Tech giant notifies millions of customers that full names and physical mailing addresses were stolen during a security incident.
The post Dell Says Customer Names, Addresses Stolen in Database Breach appeared first on SecurityWeek.
https://www.securityweek.com/dell-says-customer-names-addresses-stolen-in-database-breach/
Kremlin-Backed APT28 Targets Polish Institutions in Large-Scale Malware Campaign
Thu, 09 May 2024 20:50:00 +0530
Polish government institutions have been targeted as part of a large-scale malware campaign orchestrated by a Russia-linked nation-state actor called APT28.
“The campaign sent emails with content intended to arouse the recipient’s interest and persuade him to click on the link,” the computer emergency response team, CERT Polska, said in a Wednesday bulletin.
Clicking on the link
https://thehackernews.com/2024/05/kremlin-backed-apt28-targets-polish.html
Criminal Use of AI Growing, But Lags Behind Defenders
Thu, 09 May 2024 14:48:31 +0000
When not scamming other criminals, criminals are concentrating on the use of mainstream AI products rather than developing their own AI systems.
The post Criminal Use of AI Growing, But Lags Behind Defenders appeared first on SecurityWeek.
https://www.securityweek.com/criminal-use-of-ai-growing-but-lags-behind-defenders/
LockBit Takes Credit for City of Wichita Ransomware Attack
Thu, 09 May 2024 13:31:44 +0000
The LockBit cybercrime group has taken credit for the recent ransomware attack that disrupted City of Wichita systems.
The post LockBit Takes Credit for City of Wichita Ransomware Attack appeared first on SecurityWeek.
https://www.securityweek.com/lockbit-takes-credit-for-city-of-wichita-ransomware-attack/
CISA Announces CVE Enrichment Project ‘Vulnrichment’
Thu, 09 May 2024 12:26:53 +0000
CISA’s Vulnrichment project is adding important information to CVE records to help improve vulnerability management processes.
The post CISA Announces CVE Enrichment Project ‘Vulnrichment’ appeared first on SecurityWeek.
https://www.securityweek.com/cisa-announces-cve-enrichment-project-vulnrichment/
New Guide: How to Scale Your vCISO Services Profitably
Thu, 09 May 2024 16:35:00 +0530
Cybersecurity and compliance guidance are in high demand among SMEs. However, many of them cannot afford to hire a full-time CISO. A vCISO can answer this need by offering on-demand access to top-tier cybersecurity expertise. This is also an opportunity for MSPs and MSSPs to grow their business and bottom line.
MSPs and MSSPs that expand their offerings and provide vCISO services
https://thehackernews.com/2024/05/new-guide-how-to-scale-your-vciso.html