Security News
The North Korea-linked nation-state group called BlueNoroff has been attributed to a previously undocumented macOS malware strain dubbed ObjCShellz. Jamf Threat Labs, which disclosed details of the malware, said it's used as part of the RustBucket malware campaign, which came to light earlier this year.
Although Åland is part of the Republic of Finland, it has its own autonomous parliament. In areas where Åland has its own legislation, the group of islands essentially operates as an independent nation.
Microsoft has published a detailed profile of a native English-speaking threat actor with advanced social engineering capabilities it tracks as Octo Tempest, that targets companies in data extortion and ransomware attacks. Microsoft says that Octo Tempest also used direct physical threats in some cases to obtain logins that would advance their attack.
Microsoft has published a detailed profile of a native English-speaking threat actor with advanced social engineering capabilities it tracks as Octo Tempest, that targets companies in data extortion and ransomware attacks. Microsoft says that Octo Tempest also used direct physical threats in some cases to obtain logins that would advance their attack.
Google says that several state-backed hacking groups have joined ongoing attacks exploiting a high-severity vulnerability in WinRAR, a compression software used by over 500 million users, aiming to gain arbitrary code execution on targets' systems. Google's Threat Analysis Group, a team of security experts who defend Google users from state-sponsored attacks, has detected state hackers from several countries targeting the bug, including the Sandworm, APT28, and APT40 threat groups from Russia and China.
Interesting New York Times article about high-school students hacking the grading system. What's not helping? The policies many school districts are adopting that make it nearly impossible for low-performing students to fail-they have a grading floor under them, they know it, and that allows them to game the system.
A threat actor has leaked the complete source code for the first version of the HelloKitty ransomware on a Russian-speaking hacking forum, claiming to be developing a new, more powerful encryptor. A threat actor named Gookee has been previously associated with malware and hacking activity, attempting to sell access to Sony Network Japan in 2020, linked to a Ransomware-as-a-Service operation called 'Gookee Ransomware,' and trying to sell malware source code on a hacker forum.
Turns out pumps at gas stations are controlled via Bluetooth, and that the connections are insecure. No details in the article, but it seems that it's easy to take control of the pump and have it dispense gas without requiring payment.
The pitfalls of neglecting security ownership at the design stageIn this Help Net Security interview, Nima Baiati, Executive Director and GM, Commercial Cybersecurity Solutions at Lenovo, discusses the disconnect between development and security teams and how companies need to prioritize security and why utilizing a multi-layered strategy is the best way to secure above and below the OS. The hidden costs of neglecting cybersecurity for small businessesIn this Help Net Security interview, Raffaele Mautone, CEO of Judy Security, talks about the cybersecurity problems that small businesses face and the need for prioritization to save businesses from potential fines and damage to their brand reputation. Network Flight Simulator: Open-source adversary simulation toolNetwork Flight Simulator is a lightweight utility that generates malicious network traffic and helps security teams evaluate security controls and network visibility.
Cybersecurity agencies from Japan and the U.S. have warned of attacks mounted by a state-backed hacking group from China to stealthily tamper with branch routers and use them as jumping-off points...