Security News

US govt sanctions Iranians linked to government cyberattacks
2024-04-23 18:40

The Treasury Department's Office of Foreign Assets Control has sanctioned four Iranian nationals for their involvement in cyberattacks against the U.S. government, defense contractors, and private companies. Entities at least 50% owned by blocked persons are also subject to freeze, and transactions involving their assets are prohibited without OFAC authorization, while financial institutions and other organizations dealing with sanctioned individuals and companies also risk exposure to sanctions or enforcement actions.

DPRK hacking groups breach South Korean defense contractors
2024-04-23 16:56

The National Police Agency in South Korea issued an urgent warning today about North Korean hacking groups targeting defense industry entities to steal valuable technology information. The police discovered several instances of successful breaches of defense companies in South Korea involving the hacking groups Lazarus, Andariel, and Kimsuky, all part of the North Korean hacking apparatus.

US imposes visa bans on 13 spyware makers and their families
2024-04-23 15:38

The Department of State has started imposing visa restrictions on mercenary spyware makers and peddlers, prohibiting their entry into the United States, as announced earlier in February. The crackdown has begun with 13 individuals and their close families linked to commercial spyware operations.

Hackers hijack antivirus updates to drop GuptiMiner malware
2024-04-23 14:56

North Korean hackers have been exploiting the updating mechanism of the eScan antivirus to plant backdoors on big corporate networks and deliver cryptocurrency miners through GuptiMiner malware. Researchers describe GuptiMiner as "a highly sophisticated threat" that can perform DNS requests to the attacker's DNS servers, extract payloads from images, sign its payloads, and perform DLL sideloading.

UnitedHealth confirms it paid ransomware gang to stop data leak
2024-04-23 14:28

The UnitedHealth Group has confirmed that it paid a ransom to cybercriminals to protect sensitive data stolen during the Optum ransomware attack in late February. The BlackCat/ALPHV ransomware gang claimed the attack, alleging that it had stolen 6TB of sensitive patient data.

Apache Cordova App Harness Targeted in Dependency Confusion Attack
2024-04-23 14:00

Researchers have identified a dependency confusion vulnerability impacting an archived Apache project called Cordova App Harness. Dependency confusion attacks take place owing to the fact...

Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028)
2024-04-23 13:50

For nearly four years and perhaps even longer, Forest Blizzard has been using a custom tool that exploits a specific vulnerability in the Windows Print Spooler service. Dubbed GooseEgg, the tool is a launcher application that can spawn other applications with SYSTEM-level permissions, thus helping the hackers to perform remote code execution, install backdoors, steal credentials, and more.

Mandiant: Orgs are detecting cybercriminals faster than ever
2024-04-23 13:05

Mandiant says the small increase over last year's figures, which were the lowest ever recorded for the region, could be due to data normalizing after Mandiant's work in Ukraine. Its own red teamers are able to achieve their objectives within five to seven days, it said, and given that equally capable enemies are carrying out their attacks regularly, these times need to drop if the number of successful attacks is to drop too.

UnitedHealth admits IT security breach could 'cover substantial proportion of people in America'
2024-04-23 12:30


Grab 9 Ethical Hacking Courses for $30 and Improve Your Business Security
2024-04-23 12:00

TL;DR: If you want to improve your knowledge of cybersecurity, The All-in-One Ethical Hacking & Penetration Testing Bundle is available for $29.99. The All-in-One Ethical Hacking & Penetration Testing Bundle includes nine courses that are perfect for cybersecurity beginners and improvers alike.