#Malware

By Jung soo An and Asheer Malhotra, with contributions from Kendall McKay. Cisco Talos has observed a new malware campaign operated by the Kimsuky APT group since June 2021.Kimsuky, also known as Thallium and Black Banshee, is a North Korean state-sponsored advanced... [[ This is only the beginning! Please visit the blog for the complete entry ]]

PhoneSpy already has stolen data and tracked the activity of targets in South Korea, disguising itself as legitimate lifestyle apps.

Experts urged users to prioritize patches for Microsoft Exchange and Excel, those favorite platforms so frequently targeted by cybercriminals and nation-state actors.

A U.K. fishing retailer’s site has been hijacked and redirected to Pornhub.

The Q3 2021 report revealed a 4.5% increase in CVEs associated with ransomware and a 3.4% increase in ransomware families compared with Q2 2021.

The average number of vulnerabilities discovered in a Cyberpion scan of external Fortune 500 networks (such as cloud systems) was 296, many critical (with the top of the scale weighing in at a staggering 7,500).

Yaron Kassner, CTO of Silverfort, delves into the pros and cons of transparency when it comes to cybersecurity tools’ algorithms.

The cyberattacker attempted to extort the company after socially engineering a customer service employee to gain access to email addresses and more.

Researchers discovered 14 vulnerabilities in the ‘Swiss Army Knife’ of the embedded OS used in many OT and IoT environments. They allow RCE, denial of service and data leaks.

The U.S. is seeking the extradition of a Ukrainian man, Yaroslav Vasinskyi, whom they suspect is behind the Kaseya supply-chain attacks and other REvil attacks.