Cross-Chain Crime: A Sneaky $7 Billion in Crypto Washed Whiter than your Dad’s New Sneakers Main Points: Up to $7 billion in cryptocurrency has been illicitly laundered through cross-chain crime. The North Korea-associated Lazarus Group is connected to approximately $900 million of the stolen funds between July 2022 and July of this year. Crypto crime
Read More
Semiconductor Companies in East Asia Targeted by Doppelgänger Threat actors are presently baiting semiconductor companies in East Asia using decoys pretending to be Taiwan Semiconductor Manufacturing Company (TSMC). This tactic, called Cobalt Strike beacons, is designed to lure their targets in. The scheme has been observed and analyzed by EclecticIQ, who reveals that it employs
Read More
**Main Points:** – The importance of safeguarding sensitive data to ensure confidentiality, protection from unauthorized access and compliance with data privacy regulations – Consequences of data breaches including financial and reputational damage, as well as potential legal issues – The role of robust data access security measures in protecting an organization’s assets, maintaining customer trust,
Read More
Main Points: – GitHub announced an improvement to its secret scanning feature. – The improvement extends validity checks to popular services such as Amazon Web Services (AWS), Google, Microsoft, and Slack. – Validity checks alert users to whether exposed tokens found by secret scanning are active. – This enables users to take effective remediation measures.
Read More
Summary of Security Vulnerabilities in Supermicro’s IPMI Firmware Main Points: – Multiple security vulnerabilities have been revealed in the Intelligent Platform Management Interface (IPMI) firmware for Supermicro baseboard management controllers (BMCs). – These vulnerabilities could lead to privilege escalation and the execution of malicious code on affected systems. – The seven flaws range from high
Read More
QakBot Malware Operators Tenacious Despite Setbacks • QakBot malware operators have continued to conduct their phishing campaigns despite disruptions. • Since early August 2023, these phishers are responsible for delivering the Ransom Knight (aka Cyclops) ransomware and Remcos RAT. • These recent events suggest the law enforcement operations only impacted a portion of the QakBot
Read More
Cisco Patches Critical Flaw in Emergency Responder Key Points The tech giant Cisco has released updates to rectify a serious security flaw in its Emergency Responder system. The vulnerability, referred to as CVE-2023-20101 with a CVSS score of 9.8, enables unverified, distant attackers to log into vulnerable systems utilizing hard-coded credentials. The root of this
Read More
Programmers Get Creative: Malware Edition Meet Lu0Bot: The Newest Threat Malware programmers are getting innovative with unconventional programming languages, like Node.js, to dodge detection systems. Lu0Bot, the recent addition to this array of malware, targets platform-agnostic runtime environments routine in modern web applications. This new breed of malware employs multilayer obfuscation, making it a grave
Read More
When Hackers Have a Field Day: Operation Jacana Targets Guyana’s Government Operation Jacana Takes Aim In quite an eye-opening development, it seems the government wasn’t busy bickering just among themselves, but were also dealing with an unwelcome guest, a cyber espionage campaign known as Operation Jacana. I tell ya, those cyber shenanigans never take a
Read More
Android Banking Trojan GoldDigger Stirs Pot A Shiny New Android Trojan Drains Bank Accounts In keeping with the true digital gold rush that is lined with danger and mystery, a new Android banking trojan, fittingly named GoldDigger, has been discovered. Just like its namesake, it’s not here to make friends. It has its eyes on
Read MoreNo products in the cart.