A hacking group related to a Chinese-speaking threat actor has been linked to an advanced cyberespionage campaign targeting government and military organizations in Vietnam. The attacks have been attributed with low confidence to the advanced persistent threat (APT) called Cycldek (or Goblin Panda, Hellsing, APT 27, and Conimes), which is known for using spear-phishing techniques…
A new spear-phishing campaign is targeting professionals on LinkedIn with weaponized job offers in an attempt to infect targets with a sophisticated backdoor trojan called “more_eggs.” To increase the odds of success, the phishing lures take advantage of malicious ZIP archive files that have the same name as that of the victims’ job titles taken…
A hacking group related to a Chinese-speaking threat actor has been linked to an advanced cyberespionage campaign targeting government and military organizations in Vietnam.The attacks have been attributed with low confidence to the advanced persistent threat (APT) called Cycldek (or Goblin Panda, Hellsing, APT 27, and Conimes), which is known for using spear-phishing techniques to compromise
A malware cyberattack on emissions testing company Applus Technologies is preventing vehicle inspections in eight states, including Connecticut, Georgia, Idaho, Illinois, Massachusetts, Utah, and Wisconsin. On Tuesday, March 30th, vehicle emissions testing platform Applus Technologies suffered a “malware” attack that caused them to disconnect their IT systems. “Unfortunately, incidents such as this are fairly common and…
In what’s likely to be a goldmine for bad actors, personal information associated with approximately 533 million Facebook users worldwide has been leaked on a popular cybercrime forum for free—which was harvested by hackers in 2019 using a Facebook vulnerability.The leaked data includes full names, Facebook IDs, mobile numbers, locations, email addresses, gender, occupation, city, country,
Google believes the hackers are backed by the North Korean government. In January 2020, Google revealed that cyber criminals have been targeting IT security researchers around the world. Now, according to the latest update from Google’s Threat Analysis Group (TAG), a North Korean government-backed hacking group is targeting security researchers with fake social media (Twitter…
Governance & Risk Management , Identity & Access Management , IT Risk Management Experts Advise Organizations to Check Password Reset Policies, Take Other Steps Doug Olenick (DougOlenick) • April 5, 2021 The revelation that 533 million previously stolen Facebook account records have been made public on a darknet forum should inspire organizations to…
CISA, FBI Warn of Attacks Targeting Fortinet FortiOS | IT Security News 5. April 2021 The U.S. government is warning that Advanced Persistent Threat (APT) actors are exploiting vulnerabilities in Fortinet FortiOS in ongoing attacks targeting commercial, government, and technology services networks. read more Like this: Like Loading… Related Tags: SecurityWeek RSS Feed Sponsors Endpoint…
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) warn of advanced persistent threat (APT) actors targeting Fortinet FortiOS servers using multiple exploits. In the Joint Cybersecurity Advisory (CSA) published today, the agencies warn admins and users that the state-sponsored hacking groups are “likely” exploiting Fortinet FortiOS vulnerabilities CVE-2018-13379, CVE-2020-12812, and CVE-2019-5591. The attackers are…
A group of threat actors maintains an active attack targeting GitHub Actions systems with the intention of extracting cryptocurrency in a hacking variant known as cryptojacking. As you may remember, GitHub Actions is a CI/CD solution that makes it easier to automate particular resource flows, as well as allow for periodic task configuration. Apparently, this…
