Security News
The recent attacks were discovered by researchers at cybersecurity company CrowdStrike, who made the attribution based on infrastructure overlaps with past campaigns, observed tactics, techniques, and procedures, the use of the IMAPLoader malware, phishing lures. In a report published earlier this week, researchers say that Imperial Kitten launched phishing attacks in October using a 'job recruitment' theme in emails carrying a malicious Microsoft Excel attachment.
A group with links to Iran targeted transportation, logistics, and technology sectors in the Middle East, including Israel, in October 2023 amid a surge in Iranian cyber activity since the onset of the Israel-Hamas war. The attacks have been attributed by CrowdStrike to a threat actor it tracks under the name Imperial Kitten, and which is also known as Crimson Sandstorm, TA456, Tortoiseshell, and Yellow Liderc.
New data reveals artificial intelligence is challenging organizations in significant ways, with only 15% of global tech leaders reporting they are prepared for the demands of generative AI and 88% saying stronger regulation of AI is essential, according to Harvey Nash. Concerns around the effective application of AI are significant, with almost 9 in 10 global leaders saying stronger regulation of AI is critical, yet 61% say it won't be effective, compared to 54% in the US who say the same.
The UK government has set in train plans to introduce legislation requiring tech companies to let it know when they plan to introduce new security technologies and could potentially force them to disable when required. They could mean the Home Office get advance access to technical details of security measures employed by popular big tech platforms so it can access user data and monitor nefarious activity.
Israeli higher education and tech sectors have been targeted as part of a series of destructive cyber attacks that commenced in January 2023 with an aim to deploy previously undocumented wiper malware. "The attacks are characterized by attempts to steal sensitive data, such as personally identifiable information and intellectual property," Palo Alto Networks Unit 42 said in a new report shared with The Hacker News.
Three Russian nationals were arrested in New York yesterday on charges of moving electronics components worth millions to sanctioned entities in Russia, pieces of which were later recovered on battlefields in Ukraine. Components "With the same make, model and part number shipped by defendants have been found in seized Russian weapons platforms and signals intelligence equipment in Ukraine," the government alleged.
A UK minister for policing has called for forces to double their use of algorithmic-assisted facial recognition in a bid to snare more criminals. Chris Philp MP, Minister of State for Crime, Policing and Fire, said both the use of live and retrospective facial recognition should increase following a commitment to spend £17.5 million on "a resilient and highly accurate system" to search all databases of images the police can access.
India's Central Bureau of Investigation raided 76 locations in a nationwide crackdown on cybercrime operations behind tech support scams and cryptocurrency fraud. The police operation, part of Operation Chakra-II, aims to dismantle cyber-enabled financial crime rings and is a collaborative effort involving international law enforcement agencies and tech companies such as Microsoft and Amazon, working alongside the Indian federal enforcement agency.
Citrix is warning of exploitation of a recently disclosed critical security flaw in NetScaler ADC and Gateway appliances that could result in exposure of sensitive information. Tracked as...
As Australian organisations and government departments continue to struggle with IT resourcing, a new wave of collaboration potentially represents the solution. Collaboration allows departments to address challenges together.