New Malware Campaign Targets Diplomatic Entities Worldwide Recent findings from cybersecurity firm ESET reveal a sophisticated malware campaign that has been orchestrating attacks on consulates, ministries, and embassies across the globe in a bid to gather intelligence on governmental operations and diplomats. This campaign, which has reportedly been active since…
Malware Incident at Japan’s Monju Nuclear Power Plant Raises Cybersecurity Concerns In a recent incident, Japan’s Monju Nuclear Power Plant became the unwitting target of a malware attack due to a routine software update on January 2. A plant employee inadvertently installed malicious software while updating a video playback program.…
A new ransomware attack, referred to as “Bad Rabbit,” has globally spread, impacting over 200 organizations, with major consequences noted in Russia, Ukraine, Turkey, and Germany within a short timeframe. This targeted attack closely resembles the Petya ransomware, demanding a ransom of 0.05 bitcoin, approximately $285, to restore access to…
Recent Surge in Memcached-Based DDoS Attacks Targets Major Online Services A new report indicates a dramatic rise in cyber attacks leveraging Memcached reflections, sparking concern across the cybersecurity community. In just ten days, nearly 15,000 attacks have targeted 7,131 unique online entities, marking one of the largest spikes in DDoS…
Kaspersky researchers have uncovered a sophisticated advanced persistent threat (APT) group that has remained under the radar since at least 2012, using complex techniques that have allowed them to execute extensive cyber intrusions. This group has leveraged a sophisticated malware variant known as **Slingshot**, which has reportedly compromised hundreds of…
New Cybersecurity Vulnerability Discovered in MOVEit Transfer Application Progress Software announced on Thursday that a newly identified security vulnerability, tracked as CVE-2023-35708, affects its MOVEit Transfer application. This revelation comes amidst ongoing cyber extortion efforts by the Cl0p ransomware group, targeting various companies utilizing this application. The vulnerability presents an…
On Wednesday, Apple announced a comprehensive series of updates for its iOS, iPadOS, macOS, watchOS, and Safari browser, addressing vulnerabilities that were stated to be actively exploited in the wild. Among these updates are two critical zero-day flaws involved in a mobile surveillance effort dubbed Operation Triangulation, which has been…
A new report has unveiled a previously undocumented malware variant, named EarlyRat, which has been utilized by the North Korean-aligned threat actor known as Andariel in targeted phishing campaigns. This addition enhances Andariel’s already diverse toolkit, marking a notable shift in their operational capabilities. Kaspersky’s latest findings reveal that Andariel…
Recent findings from cybersecurity firm Mandiant reveal significant zero-day vulnerabilities in Windows Installers associated with Atera’s remote monitoring and management software. These vulnerabilities could potentially be exploited to initiate privilege escalation attacks against affected systems. Identified on February 28, 2023, these vulnerabilities have been allocated the identifiers CVE-2023-26077 and CVE-2023-26078.…
