Tag: attack
-
Russia focuses cyber attacks on Ukraine rather than West despite rising tension
Computer Weekly talks to GCHQ’s National Cyber Security Centre operations director Paul Chichester and former NCSC chief executive Ciaran Martin on Russia, China and Salt Typhoon. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366617232/Russia-focuses-cyber-attacks-on-Ukraine-rather-than-West-despite-rising-tension
-
BadRAM Attack Breaches AMD Secure VMs with $10 Device
in SecurityNews
Researchers have uncovered a vulnerability that allows attackers to compromise AMD’s Secure Encrypted Virtualization (SEV) technology using a $10 device. This breakthrough exposes a previously underexplored weakness in memory module security, specifically in cloud computing environments where SEV is widely used to protect sensitive data, which is shared on the BadRAM page. Modern computers depend…
-
Europol Dismantles 27 DDoS Attack Platforms Across 15 Nations; Admins Arrested
A global law enforcement operation has disrupted 27 stresser services that were used to conduct distributed denial-of-service (DDoS) attacks and taken them offline as part of a multi-year international exercise called PowerOFF. The effort, coordinated by Europol and involving 15 countries, dismantled several booter and stresser websites, including zdstresser.net, orbitalstress.net, and First seen on thehackernews.com Jump…
-
Attackers can abuse the Windows UI Automation framework to steal data from apps
An accessibility feature built into Windows to facilitate the use of computers by people with disabilities can be abused by malware to steal data from other applications or control them in malicious ways that evade detection by most endpoint protection systems. The Windows UI Automation framework has existed since the days of Windows XP and provides…
-
AMD data center chips vulnerable to revealing data through ‘BadRAM’ attack
Tags: access, advisory, attack, best-practice, cloud, cve, data, encryption, exploit, finance, firmware, flaw, germany, Hardware, mitigation, monitoring, reverse-engineering, software, update, vulnerability
AMD’s Secure Encrypted Virtualization (SEV), meant to protect processor memory from prying eyes in virtual machine (VM) environments, can be tricked into giving access to its encrypted memory contents using a test rig costing less than $10, researchers have revealed. Dubbed “BadRAM” by researchers from the University of Lübeck in Germany, KU Leuven in Belgium, and…
-
North Korean hackers behind $50 million crypto heist of Radiant Capital
Researchers attributed the attack on the cryptocurrency platform to a group housed within North Korea’s Reconnaissance General Bureau (RGB). First seen on therecord.media Jump to article: therecord.media/radiant-capital-heist-north-korea
-
Ransomware Hackers Exploiting Cleo Software Zero-Day
Tags: attack, communications, exploit, flaw, hacker, ransomware, software, update, vulnerability, zero-day
Attackers Target Managed File Transfer Software Vulnerabilities. File transfer software made by Cleo Communications is under active attack and a patch meant to stymie hackers doesn’t fix the flaw, say security researchers from Huntress. Hackers exploit an arbitrary file-write vulnerability along with a feature that automatically executes files. First seen on govinfosecurity.com Jump to article:…
-
The imperative for governments to leverage genAI in cyber defense
Tags: ai, attack, cyber, cyberattack, cybersecurity, dark-web, data, deep-fake, defense, detection, email, endpoint, gartner, government, incident response, infrastructure, intelligence, LLM, malicious, malware, microsoft, strategy, tactics, threat, tool, training, vulnerability
In an era where cyber threats are evolving at an unprecedented pace, the need for robust cyber defense mechanisms has never been more critical. Sixty-two percent of all cyberattacks focus on public sector organizations directly and indirectly. Nation-state actors, equipped with sophisticated generative artificial intelligence (genAI) tools and techniques, pose significant threats to national security,…
-
Krispy Kreme Cyber Attack Disrupted Online Ordering in the US
Popular doughnut chain Krispy Kreme has become the latest victim of a cyber attack. The incident, which… First seen on hackread.com Jump to article: hackread.com/krispy-kreme-cyber-attack-disrupted-online-order-us/
-
Cardiac surgery device manufacturer falls prey to ransomware
Tags: attack, breach, business, cyber, cyberattack, cybercrime, data, group, hacker, healthcare, ransom, ransomware, service, supply-chain
The healthcare industry has been increasingly in the crosshairs of cyberattackers this year, with ransomware near the top of the sector’s biggest cyber threats. Hackers are attacking IT systems and personal data, among other things, with the aim of manipulation or theft. But it’s not just hospitals that are affected by cyberattacks; their suppliers are under attack as well.…
-
US moves against Chinese cybersecurity firm over sweeping Ragnarok ransomware attack
First seen on scworld.com Jump to article: www.scworld.com/brief/us-moves-against-chinese-cybersecurity-firm-over-sweeping-ragnarok-ransomware-attack
-
Spearphishing, rising ransomware attacks threaten utilities sectors
First seen on scworld.com Jump to article: www.scworld.com/news/spearphishing-rising-ransomware-attacks-threaten-utilities-sectors
-
Electrica Group impacted by ongoing ransomware attack
First seen on scworld.com Jump to article: www.scworld.com/brief/electrica-group-impacted-by-ongoing-ransomware-attack
-
Separate ransomware attacks hit Japanese firms’ US subsidiaries
First seen on scworld.com Jump to article: www.scworld.com/brief/separate-ransomware-attacks-hit-japanese-firms-us-subsidiaries
-
US names Chinese national it alleges was behind 2020 attack on Sophos firewalls
Also sanctions his employer, an outfit called Sichuan Silence linked to Ragnarok ransomware. First seen on theregister.com Jump to article: www.theregister.com/2024/12/11/sichuan_silence_sophos_zeroday_sanctions/
-
US sanctions Chinese cybersecurity firm over global malware campaign
Tags: attack, breach, china, computer, control, corporate, credentials, cve, cyber, cyberattack, cybersecurity, email, encryption, exploit, finance, firewall, fraud, government, group, healthcare, identity, infection, infrastructure, intelligence, international, malicious, malware, monitoring, network, office, password, ransomware, risk, service, software, sophos, technology, terrorism, threat, tool, vulnerability, zero-day
The US government has imposed sanctions on Chinese cybersecurity firm Sichuan Silence Information Technology and one of its employees, Guan Tianfeng, for their alleged involvement in a 2020 global cyberattack that exploited zero day vulnerabilities in firewalls. The actions were announced by the US Department of the Treasury and the Department of Justice (DOJ), which also…
-
Attackers exploit zero-day RCE flaw in Cleo managed file transfer
Tags: advisory, attack, cve, edr, exploit, firewall, flaw, group, Internet, malicious, mitigation, moveIT, powershell, ransomware, rce, remote-code-execution, software, tool, update, vulnerability, vulnerability-management, windows, zero-day
Security researchers have warned about in-the-wild attacks that exploit a remote code execution vulnerability in managed file transfer (MFT) solutions developed by enterprise software vendor Cleo Communications. The impacted products include the latest versions of Cleo LexiCom, Cleo VLTrader and Cleo Harmony, with experts advising to temporarily disconnect these systems from the internet until a patch…
-
‘Termite’ Ransomware Likely Behind Cleo Zero-Day Attacks
The threat actor group recently took credit for a similar attack on Blue Yonder that affected multiple organizations, including Starbucks. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/termite-ransomware-behind-cleo-zero-day-attacks
-
US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks
The Department of the Treasury is sanctioning Chinese cybersecurity company Sichuan Silence, and one of its employees, Guan Tianfeng, for their roles in the April 2020 … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/10/us-sanctions-sichuan-silence-guan-tianfeng/
-
New attack techniques leveraged by Black Basta
Tags: attack
First seen on scworld.com Jump to article: www.scworld.com/brief/new-attack-techniques-leveraged-by-black-basta
-
Romanian energy supplier Electrica hit by ransomware
Tags: attack, ceo, cyberattack, cybersecurity, election, group, hacker, identity, infrastructure, ransomware, russia
First, the Romanian presidential election was annulled after being targeted with cyberattacks from foreign state-sponsored actors and a suspected Russian-controlled massive TikTok influence campaign. Now the Electrica Group, a major electricity provider with 3.8 million customers in Romania, has fallen victim to a ransomware attack. The company told investors on Dec. 9 that it is working with national cybersecurity authorities…
-
Black Hat: Latest news and insights
The infosecurity world decamps to London this week, with research on vulnerabilities in AI systems at the fore of the latest edition of Black Hat Europe. The four-day program runs from Dec. 9-12, with two- and four-day options of hands-on trainings, but the main event at ExCeL London occurs on Dec. 11 and 12 featuring the latest research, developments,…
-
AMD’s trusted execution environment blown wide open by new BadRAM attack
Tags: attack
Attack bypasses AMD protection promising security, even when a server is compromised. First seen on arstechnica.com Jump to article: arstechnica.com/information-technology/2024/12/new-badram-attack-neuters-security-assurances-in-amd-epyc-processors/
-
Black Hat Europe preview: Cryptographic protocol attacks and AI in the spotlight
Tags: access, ai, application-security, attack, authentication, backdoor, best-practice, computer, conference, control, cybercrime, cybersecurity, data, dns, encryption, exploit, finance, github, government, hacker, healthcare, identity, injection, Internet, LLM, malicious, microsoft, mitigation, office, open-source, radius, RedTeam, risk, service, sophos, technology, tool, training, vulnerability, vulnerability-management, windows
This week in London, Black Hat Europe will feature a diverse range of talks and presentations covering the latest developments in cybersecurity. The opening keynote on Wednesday will be delivered by Frédérick Douzet, a professor of geopolitics at the University of Paris 8, and director of the French Institute of Geopolitics research team. No preview is…
-
Treasury sanctions Chinese cyber company, employee for 2020 global firewall attack
The department’s Office of Foreign Assets Control said Guan Tianfeng used a zero-day exploit to deploy malware on 81,000 firewalls. First seen on cyberscoop.com Jump to article: cyberscoop.com/treasury-sanctions-chinese-cyber-company-2020-firewall-attack/
-
Microsoft Challenge Will Test LLM Defenses Against Prompt Injections
Microsoft is calling out to researchers to participate in a competition that is aimed at testing the latest protections in LLMs against prompt injection attacks, which OWASP is calling the top security risk facing the AI models as the industry rolls into 2025. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/microsoft-challenge-will-test-llm-defenses-against-prompt-injections/
-
Snowflake to phase out single-factor authentication by late 2025
The security policy change starts one year after a wave of attacks targeted more than 100 Snowflake customer environments without MFA. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/snowflake-authentication-policy-change/735099/
-
AMD secure VM tech undone by DRAM meddling
Tags: attack
Boffins devise BadRAM attack to pilfer secrets from SEV-SNP encrypted memory. First seen on theregister.com Jump to article: www.theregister.com/2024/12/10/amd_secure_vm_tech_undone/
-
SPA is for Single-Page Abuse! Using Single-Page Application Tokens to Enumerate Azure
Author: Lance B. Cain
Overview
Microsoft Azure is a leading cloud provider offering technology solutions to companies, governments, and other organizations around the globe. As such, many entities have begun adopting Azure for their technology needs to include identity, authentication, storage, application management, and web services. One of the most common methods for organizations to begin…