A group of threat actors previously associated with the ShadowPad remote access Trojan (RAT) has adopted a new toolset to conduct campaigns against various government and state-owned organizations across multiple Asian countries.
The news comes from the Threat Hunter Team at Symantec, who published a new advisory about the threats earlier today.
Iranian Hackers Launch Renewed Attack on Albania - Infosecurity Magazine
Iranian hackers have been blamed for launching further cyber-attacks on the Albanian authorities, this time taking border control systems offline.
Albanian Prime Minister Edi Rama’s office tweeted over the weekend that the attacks hit the Total Information Management System (TIMS), which helps to track individuals coming in and out of the country.
Hackers Steal Steam Credentials With 'Browser-in-the-Browser' Technique - Infosecurity Magazine
In cases where two-factor authentication (2FA) is enabled, the resource returns a code request. The code is created using a separate program, which sends a push notification to the user’s device.
“A researcher with the moniker mr.d0x was the first to describe this phishing technique, in Spring 2022,” reads the advisory. “Threat actors decided to take advantage of the fact that Steam uses a pop-up window for user authentication instead of a new tab.”
Iranian Hackers Target High-Value Targets in Nuclear Security and Genomic Research
Hackers tied to the Iranian government have been targeting individuals specializing in Middle Eastern affairs, nuclear security, and genome research as part of a new social engineering campaign designed to hunt for sensitive information.
Enterprise security firm Proofpoint attributed the targeted attacks to a threat actor named TA453, which broadly overlaps with cyber activities monitored under the monikers APT42, Charming Kitten, and Phosphorus.
Iran hackers ‘access database’ with records of 9.5m Israelis – Middle East Monitor
Israeli media reported yesterday that an Iranian group of hackers said that they had seized the data of millions of Israelis, including Prime Minister Yair Lapid and opposition leader Benjamin Netanyahu, and taken down the website of the Israeli broadcaster Kan.
According to the news website Walla, the Iranian hacker group war_dark said it managed to hack a database containing the details of about 9.5 million Israeli residents, including Lapid and Netanyahu.
Marine Officer Leads Joint-Service Team of Hackers in an IT Competition > United States Marine ...
During the week of July 18-22, 2022, U.S. Marine Corps 1st Lt. Anthony Rosa, an unmanned-aerial surveillance electronic warfare officer with Marine Unmanned Aerial Vehicle Squadron 2, and his team competed in the BRAVO Hackathon.
AI has bigger role in cybersecurity, but hackers may benefit the most
Artificial intelligence is playing an increasingly important role in cybersecurity — for both good and bad. Organizations can leverage the latest AI-based tools to better detect threats and protect their systems and data resources.
The rise in cyberattacks is helping to fuel growth in the market for AI-based security products. A July 2022 report by Acumen Research and Consulting says the global market was $14.9 billion in 2021 and is estimated to reach $133.8 billion by 2030.
Hackers breach software vendor for Magento supply-chain attacks
Magento is a popular open-source eCommerce platform used for building electronic shops, supporting the sale of tens of billions USD worth of goods annually.
The intruders took control of FishPig's server infrastructure and added malicious code to the vendor's software to gain access to websites using the products, in what is described as a supply-chain attack.
New PsExec spinoff lets hackers bypass network security defenses
Security researchers have developed an implementation of the Sysinternals PsExec utility that allows moving laterally in a network using a single, less monitored port, Windows TCP port 135.
PsExec is designed to help administrators execute processes remotely on machines in the network without the need to install a client.
SparklingGoblin APT Hackers Using New Linux Variant of SideWalk Backdoor
A Linux variant of a backdoor known as SideWalk was used to target a Hong Kong university in February 2021, underscoring the cross-platform abilities of the implant.
Slovak cybersecurity firm ESET, which detected the malware in the university's network, attributed the backdoor to a nation-state actor dubbed SparklingGoblin. The unnamed university is said to have been already targeted by the group in May 2020 during the student protests.
Broadcom's Symantec has new research out on some new ShadowPad attacks https://t.co/3hkFlwVYjU https://t.co/UJOhVk4N4U campuscodi (from EU/RO) Wed Sep 14 02:54:00 +0000 2022