
The Clop ransomware gang has once again altered extortion tactics and is now using torrents to leak data stolen in MOVEit attacks.

Starting on May 27th, the Clop ransomware gang launched a wave of data-theft attacks exploiting a zero-day vulnerability in the MOVEit Transfer secure file transfer platform.

Exploiting this zero-day allowed the threat actors to steal data from almost 600 organizations worldwide before the victims realized they had been hacked.

In collaboration with CISA, the NSA, and the FBI, Five Eyes cybersecurity authorities have issued today a list of the 12 most exploited vulnerabilities throughout 2022.

Cybersecurity agencies in the United States, Australia, Canada, New Zealand, and the United Kingdom called on organizations worldwide to address these security flaws and deploy patch management systems to minimize their exposure to potential attacks.

Threat actors increasingly focused their attacks on outdated software vulnerabilities rather than recently disclosed ones during the previous year, specifically targeting systems left unpatched and exposed on the Internet.


A hacktivist group called “Mysterious Team Bangladesh” has carried out over 750 DDoS (Distributed Denial of Service) attacks this year and defaced over 70 websites. According to research by cybersecurity firm Group-IB, the group appears to be driven by political and religious motives.

“Mysterious Team Bangladesh” was founded in 2020 by a threat actor nicknamed “D4RK TSN”, and it is unclear whether the group actually originates from Bangladesh. Its activity peaked in May 2023 after it announced a large-scale campaign against India.

The Abyss Locker operation is the latest to develop a Linux encryptor to target VMware’s ESXi virtual machines platform in attacks on the enterprise.

As the enterprise shifts from individual servers to virtual machines for better resource management, performance, and disaster recovery, ransomware gangs create encryptors focused on targeting the platform.

With VMware ESXi being one of the most popular virtual machine platforms, almost every ransomware gang has begun to release Linux encryptors to encrypt all virtual servers on a device.

Cybersecurity researchers say they have discovered what they describe as the first open-source software supply chain attacks specifically targeting the banking sector.

“These attacks showcased advanced techniques, including targeting specific components in web assets of the victim bank by attaching malicious functionalities to it,” Checkmarx said in a report published last week.

“The attackers employed deceptive tactics such as creating a fake LinkedIn profile to appear credible and customized command-and-control (C2) centers for each target, exploiting legitimate services for illicit activities.”

The Chinese state-backed APT41 hacking group is targeting Android devices with two newly discovered spyware strains that Lookout security researchers have dubbed WyrmSpy and DragonEgg.

APT41 is one of the oldest state hacking groups with a history of targeting various industries in the USA, Asia, and Europe.

They are known for conducting cyber-espionage operations against entities across various industry sectors, including software development, hardware manufacturing, think tanks, telcos, universities, and foreign governments.

While Tesla famously won’t support CarPlay, code found in its iOS app update points to at least testing of AirPlay in its cars.

It’s never been possible to use Apple’s CarPlay in Teslas — not without a hack, and a convoluted one at that — but CEO Elon Musk has previously hinted at AirPlay support.

Now according to the unofficial “Tesla App Updates (iOS)” account on Twitter, the latest version of Tesla’s iPhone app includes a mention of AirPlay in its code.