Security News

The North Korean state-sponsored threat actors have been attributed to a cyber espionage campaign targeting the defense sector across the world. In a joint advisory published by Germany's Federal...

In an advisory today Germany's federal intelligence agency and South Korea's National Intelligence Service warn of an ongoing cyber-espionage operation targeting the global defense sector on behalf of the North Korean government. Today's joint cybersecurity advisory highlights two cases attributed to North Korean actors, one of them the Lazarus group, to provide the tactics, techniques, and procedures used by the attackers.

Chinese state-sponsored hackers have breached the Dutch Ministry of Defense last year and deployed a new remote access trojan malware to serve as a backdoor. "The effects of the intrusion were limited because the victim network was segmented from the wider MOD networks," the Dutch Military Intelligence and Security Service and the General Intelligence and Security Service noted.

Dutch authorities are lifting the curtain on an attempted cyberattack last year at its Ministry of Defense, blaming Chinese state-sponsored attackers for the espionage-focused intrusion. Specialists from the Netherlands' Military Intelligence and Security Service and the General Intelligence and Security Service were called in to investigate an intrusion at an MOD network last year, uncovering a previously unseen malware they're calling Coathanger.

A zero-day vulnerability that, when triggered, could crash the Windows Event Log service on all supported versions of Windows could spell trouble for enterprise defenders. "I have only tested the whole thing a few times in a domain network consisting of a Windows 10 machine and a Windows Server 2022 domain controller. I was able to crash the event log service of the domain controller as an unprivileged user from the Windows 10 machine, and that was about it."

Medieval castles stood as impregnable fortresses for centuries, thanks to their meticulous design. Fast forward to the digital age, and this medieval wisdom still echoes in cybersecurity. Like...

In the cloud, offensive cybersecurity is less about brute force and more about strategic finesse. The approach to offensive cybersecurity becomes more proactive, intelligent, and nuanced.

Iranian cyberspies are targeting defense industrial base organizations with a new backdoor called FalseFont, according to Microsoft. "We identified APT33 malware tied to an Iranian persona who may have been employed by the Iranian government to conduct cyber threat activity against its adversaries," the threat hunters said in an alert updated in October.

Organizations in the Defense Industrial Base (DIB) sector are in the crosshairs of an Iranian threat actor as part of a campaign designed to deliver a never-before-seen backdoor called FalseFont....

Microsoft says the APT33 Iranian cyber-espionage group is using recently discovered FalseFont backdoor malware to attack defense contractors worldwide. "Microsoft has observed the Iranian nation-state actor Peach Sandstorm attempting to deliver a newly developed backdoor named FalseFont to individuals working for organizations in the Defense Industrial Base sector," the company said.