information security news – Search.AI.Wiki

China-linked Flax Typhoon APT targets Taiwan

China-linked APT group Flax Typhoon targeted dozens of organizations in Taiwan as part of a suspected espionage campaign.

Microsoft linked the Chinese APT Flax Typhoon (aka Ethereal Panda) to a cyber espionage campaign that targeted dozens of organizations in Taiwan.…

Whiffy Recon malware triangulates the position of infected systems via Wi-Fi

Experts observed the SmokeLoader malware delivering a new Wi-Fi scanning malware strain dubbed Whiffy Recon.

Secureworks Counter Threat Unit (CTU) researchers observed the Smoke Loader botnet dropping a new Wi-Fi scanning malware named Whiffy Recon. The malicious code triangulates the …

FBI: Patches for Barracuda ESG Zero-Day CVE-2023-2868 are ineffective

The FBI warned that patches for a critical Barracuda ESG flaw CVE-2023-2868 are “ineffective” and patched appliances are still being hacked.

The Federal Bureau of Investigation warned that security patches for critical vulnerability CVE-2023-2868 in Barracuda Email Security Gateway (ESG) …

Lazarus APT exploits Zoho ManageEngine flaw to target an Internet backbone infrastructure provider

The North Korea-linked Lazarus group exploits a critical flaw in Zoho ManageEngine ServiceDesk Plus to deliver the QuiteRAT malware.

The North Korea-linked APT group Lazarus has been exploiting a critical vulnerability, tracked as CVE-2022-47966, in Zoho’s ManageEngine ServiceDesk in attacks …

Lapsus$ member has been convicted of having hacked multiple high-profile companies

An 18-year-old member of the Lapsus$ gang has been convicted of having helped hack multiple high-profile companies.

A teenage member of the Lapsus$ data extortion group, Arion Kurtaj (18), was convicted by a London jury of having hacked multiple high-profile …

DoJ charged Tornado Cash founders with laundering more than $1 billion

The U.S. DoJ charged two men with operating the Tornado Cash service and laundering more than $1 Billion in criminal proceeds.

The U.S. Justice Department charged two Tornado Cash founders ROMAN STORM and ROMAN SEMENOV have been charged with one …

FBI identifies wallets holding cryptocurrency funds stolen by North Korea

The U.S. FBI warned that North Korea-linked threat actors may attempt to cash out stolen cryptocurrency worth more than $40 million.

The Federal Bureau of Investigation shared details about the activity of six cryptocurrency wallets operated by North Korea-linked threat …

Carderbee APT targets Hong Kong orgs via supply chain attacks

A previously unknown APT group, tracked as Carderbee, was behind a supply chain attack against Hong Kong organizations.

Symantec Threat Hunter Team reported that a previously unknown APT group, tracked as Carderbee, used a malware-laced version of the legitimate Cobra …

TP-Link Tapo L530E smart bulb flaws allow hackers to steal user passwords

Four vulnerabilities in the TP-Link Tapo L530E smart bulb and impacting the mobile app used to control them expose users to hack.

Researchers from the University of Catania (Italy) and the University of London (UK) have discovered four vulnerabilities impacting …

Defense contractor Belcan leaks admin password with a list of flaws

US Government and defense contractor Belcan left its super admin credentials open to the public, Cybernews research team reveals.

Belcan is a government, defense, and aerospace contractor offering global design, software, manufacturing, supply chain, information technology, and digital engineering solutions. …

Akira ransomware gang spotted targeting Cisco VPN products to hack organizations

The Akira ransomware gang targets Cisco VPN products to gain initial access to corporate networks and steal their data.

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple …

Snatch gang claims the hack of the Department of Defence South Africa

Snatch gang claims the hack of the Department of Defence South Africa and added the military organization to its leak site.

The Snatch ransomware group added the Department of Defence South Africa to its data leak site.

The mission of …

CISA adds critical Adobe ColdFusion flaw to its Known Exploited Vulnerabilities catalog

US CISA added critical vulnerability CVE-2023-26359 in Adobe ColdFusion to its Known Exploited Vulnerabilities catalog.

US Cybersecurity and Infrastructure Security Agency (CISA) added a critical flaw CVE-2023-26359 (CVSS score 9.8) affecting Adobe ColdFusion to its Known Exploited Vulnerabilities Catalog.

Adobe …

Ivanti fixed a new critical Sentry API authentication bypass flaw

Ivanti warned customers of a new critical Sentry API authentication bypass vulnerability tracked as CVE-2023-38035.

The software company Ivanti released urgent security patches to address a critical-severity vulnerability, tracked as CVE-2023-38035 (CVSS score 9.8), in the Ivanti Sentry (formerly MobileIron …

BlackCat ransomware group claims the hack of Seiko network

The BlackCat/ALPHV ransomware group claims to have hacked the Japanese maker of watches Seiko and added the company to its data leak site.

On August 10, 2023, the Japanese maker of watches Seiko disclosed a data breach following a cyber …

New HiatusRAT campaign targets Taiwan and U.S. military procurement system

HiatusRAT malware operators resurfaced with a new wave of attacks targeting Taiwan-based organizations and a U.S. military procurement system.

In March 2023, Lumen Black Lotus Labs researchers uncovered a sophisticated campaign called “HiatusRAT” that infected over 100 edge networking devices …

Spoofing an Apple device and tricking users into sharing sensitive data

White hat hackers at the recent hacking conference Def Con demonstrated how to spoof an Apple device and trick users into sharing their sensitive data.

At the recent Def Con hacking conference, white hat hackers demonstrated how to spoof an …

Israel and US to Invest $3.85 Million in projects for critical infrastructure protection through the BIRD Cyber Program

Israel and US government agencies announced the BIRD Cyber Program, an investment of roughly $4M in projects to enhance the cyber resilience of critical infrastructure.

The BIRD Cyber Program is a joint initiative from the Israel National Cyber Directorate (INCD), …

N. Korean Kimsuky APT targets S. Korea-US military exercises

North Korea-linked APT Kimsuky launched a spear-phishing campaign targeting US contractors working at the war simulation centre.

North Korea-linked APT group Kimsuky carried out a spear-phishing campaign against US contractors involved in a joint U.S.-South Korea military exercise.

The news …

Four Juniper Junos OS flaws can be chained to remotely hack devices

Juniper Networks addressed multiple flaws in the J-Web component of Junos OS that could be chained to achieve remote code execution.

Juniper Networks has released an “out-of-cycle” security update to address four vulnerabilities in the J-Web component of Junos OS. …