APT Campaign by Chinese Cyberspies Targeting Asian Governments

Critical Infrastructure Security , Cybercrime as-a-service , Cyberwarfare / Nation-State Attacks Kaspersky Ties Latest Hacking Campaign and Backdoor to Lazarus Group Doug Olenick (DougOlenick) • February 25, 2021     Lazarus, the North Korean-backed advanced persistent threat group, has been conducting a campaign striking defense industry targets in more than a dozen countries using a…

9 Android Apps On Google Play Caught Distributing AlienBot Banker and MRAT Malware | IT Security News 9. March 2021 Cybersecurity researchers have discovered a new malware dropper contained in as many as 9 Android apps distributed via Google Play Store that deploys a second stage malware capable of gaining intrusive access to the financial…

A newly published report form the U.S. Government Accountability Office (GAO) describes the risks of cyber-attacks on the electricity grid’s distribution systems, along with the scale of the potential impact of such attacks. Following a performance audit conducted between September 2019 and March 2021, GAO has discovered that the electricity grid’s distribution systems are increasingly…

Three former US intelligence and military operatives broke America’s weapons export and computer security laws by, among other things, helping the United Arab Emirates hijack and siphon data from people’s iPhones, it emerged on Tuesday. US citizens Marc Baier, 49, and Ryan Adams, 34, and ex-citizen Daniel Gericke, 40, were charged [PDF] with using “illicit,…

Executive Summary This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this. Informations Name CVE-2021-20236 First vendor Publication 2021-05-28 Vendor Cve Last vendor Modification 2021-05-28 Security-Database Scoring CVSS v3 Cvss vector : N/A Overall CVSS Score NA Base Score NA Environmental Score NA impact SubScore NA…

What does your cloud security solution look like? That depends on you. Our extensive capabilities provide real-world recommendations tailored to your company’s unique initiatives – the result is an enterprise-grade, scalable cloud security program, modernized DevSecOps and consolidation of cloud tools. We assess, design, implement and manage an end-to-end cloud program that is security-focused and…