Security News

Chinese hackers breached Dutch Ministry of Defense
2024-02-07 14:31

Chinese state-sponsored hackers breached the Dutch Ministry of Defense last year and deployed a new remote access trojan malware to serve as a backdoor. "The effects of the intrusion were limited because the victim network was segmented from the wider MOD networks," the Dutch Military Intelligence and Security Service and the General Intelligence and Security Service noted.

Chinese Coathanger malware hung out to dry by Dutch defense department
2024-02-06 17:15

Dutch authorities are lifting the curtain on an attempted cyberattack last year at the country's Ministry of Defense, blaming Chinese state-sponsored attackers for the espionage-focused intrusion. Specialists from the Netherlands' Military Intelligence and Security Service and the General Intelligence and Security Service were called in to investigate an intrusion at an MOD network last year, uncovering a previously unseen malware they're calling Coathanger.

A zero-day vulnerability (and PoC) to blind defenses relying on Windows event logs
2024-01-31 16:20

A zero-day vulnerability that, when triggered, could crash the Windows Event Log service on all supported versions of Windows could spell trouble for enterprise defenders. "I have only tested the whole thing a few times in a domain network consisting of a Windows 10 machine and a Windows Server 2022 domain controller. I was able to crash the event log service of the domain controller as an unprivileged user from the Windows 10 machine, and that was about it."

Perfecting the Defense-in-Depth Strategy with Automation
2024-01-26 11:04

Medieval castles stood as impregnable fortresses for centuries, thanks to their meticulous design. Fast forward to the digital age, and this medieval wisdom still echoes in cybersecurity. Like...

Embracing offensive cybersecurity tactics for defense against dynamic threats
2024-01-11 05:00

In the cloud, offensive cybersecurity is less about brute force and more about strategic finesse. The approach to offensive cybersecurity becomes more proactive, intelligent, and nuanced.

Iranian cyberspies target US defense orgs with a brand new backdoor
2023-12-23 12:47

Iranian cyberspies are targeting defense industrial base organizations with a new backdoor called FalseFont, according to Microsoft. "We identified APT33 malware tied to an Iranian persona who may have been employed by the Iranian government to conduct cyber threat activity against its adversaries," the threat hunters said in an alert updated in October.

Microsoft Warns of New 'FalseFont' Backdoor Targeting the Defense Sector
2023-12-22 05:34

Organizations in the Defense Industrial Base (DIB) sector are in the crosshairs of an Iranian threat actor as part of a campaign designed to deliver a never-before-seen backdoor called FalseFont....

Microsoft: Hackers target defense firms with new FalseFont malware
2023-12-21 20:28

Microsoft says the APT33 Iranian cyber-espionage group is using recently discovered FalseFont backdoor malware to attack defense contractors worldwide. "Microsoft has observed the Iranian nation-state actor Peach Sandstorm attempting to deliver a newly developed backdoor named FalseFont to individuals working for organizations in the Defense Industrial Base sector," the company said.

Product Explained: Memcyco's Real-Time Defense Against Website Spoofing
2023-12-20 11:05

Hands-On Review: Memcyco’s Threat Intelligence Solution. Website impersonation, also known as brandjacking or website spoofing, has emerged as a significant threat to online businesses. Malicious...

Fortifying cyber defenses: A proactive approach to ransomware resilience
2023-12-15 05:00

Instead of investing time in formulating non-binding pledges rather than working on actionable solutions, the US Government should adopt a more proactive stance by directly procuring advanced cybersecurity tools. By spearheading the implementation, through investment and education, the government can set a powerful example for the private sector to follow, thereby reinforcing the nation's cyber infrastructure.