A US Bill Would Ban Kids Under 13 From Joining Social Media

The legislation would insert the government into online platforms’ age-verification efforts—a move that makes some US lawmakers queasy...

Chinese Hackers Spotted Using Linux Variant of PingPull in Targeted Cyberattacks

The Chinese nation-state group dubbed Alloy Taurus is using a Linux variant of a backdoor called PingPull as well as a new undocumented tool codenamed Sword2033. That's according to findings from Palo Alto Networks Unit 42, which discovered recent malicious cyber activity carried out by the group...

Chinese Hackers Spotted Using Linux Variant of PingPull in Targeted Cyberattacks

The Chinese nation-state group dubbed Alloy Taurus is using a Linux variant of a backdoor called PingPull as well as a new undocumented tool codenamed Sword2033. That's according to findings from Palo Alto Networks Unit 42, which discovered recent malicious cyber activity carried out by the group...

Keysight N8844A Data Analytics Web Service (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Keysight Equipment : N8844A Data Analytics Web Service Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to remote code...

Russian Hackers Tomiris Targeting Central Asia for Intelligence Gathering

The Russian-speaking threat actor behind a backdoor known as Tomiris is primarily focused on gathering intelligence in Central Asia, fresh findings from Kaspersky reveal. "Tomiris's endgame consistently appears to be the regular theft of internal documents," security researchers Pierre Delcher an...

Tomiris called, they want their Turla malware back

Introduction We introduced Tomiris to the world in September 2021, following our investigation of a DNS-hijack against a government organization in the Commonwealth of Independent States CIS. Our initial report described links between a Tomiris Golang implant and SUNSHUTTLE which has been...

Google TAG Warns of Russian Hackers Conducting Phishing Attacks in Ukraine

Elite hackers associated with Russia's military intelligence service have been linked to large-volume phishing campaigns aimed at hundreds of users in Ukraine to extract intelligence and influence public discourse related to the war. Google's Threat Analysis Group TAG, which is monitoring the...

Google TAG Warns of Russian Hackers Conducting Phishing Attacks in Ukraine

Elite hackers associated with Russia's military intelligence service have been linked to large-volume phishing campaigns aimed at hundreds of users in Ukraine to extract intelligence and influence public discourse related to the war. Google's Threat Analysis Group TAG, which is monitoring the...

CISA and Partners Release Cybersecurity Best Practices for Smart Cities

Today, CISA, NSA, FBI, NCSC-UKlink is external, ACSClink is external, CCCSlink is external and NCSC-NZlink is external released a joint guide: Cybersecurity Best Practices for Smart Cities. Smart cities may create safer, more efficient, resilient communities through technological innovation and...

Pakistani Hackers Use Linux Malware Poseidon to Target Indian Government Agencies

The Pakistan-based advanced persistent threat APT actor known as Transparent Tribe used a two-factor authentication 2FA tool used by Indian government agencies as a ruse to deliver a new Linux backdoor called Poseidon. "Poseidon is a second-stage payload malware associated with Transparent Tribe,...

Pakistani Hackers Use Linux Malware Poseidon to Target Indian Government Agencies

The Pakistan-based advanced persistent threat APT actor known as Transparent Tribe used a two-factor authentication 2FA tool used by Indian government agencies as a ruse to deliver a new Linux backdoor called Poseidon. "Poseidon is a second-stage payload malware associated with Transparent Tribe,...

Iranian Government-Backed Hackers Targeting U.S. Energy and Transit Systems

An Iranian government-backed actor known as Mint Sandstorm has been linked to attacks aimed at critical infrastructure in the U.S. between late 2021 to mid-2022. "This Mint Sandstorm subgroup is technically and operationally mature, capable of developing bespoke tooling and quickly weaponizing...

Iranian Government-Backed Hackers Targeting U.S. Energy and Transit Systems

An Iranian government-backed actor known as Mint Sandstorm has been linked to attacks aimed at critical infrastructure in the U.S. between late 2021 to mid-2022. "This Mint Sandstorm subgroup is technically and operationally mature, capable of developing bespoke tooling and quickly weaponizing...

Google Uncovers APT41's Use of Open Source GC2 Tool to Target Media and Job Sites

A Chinese nation-state group targeted an unnamed Taiwanese media organization to deliver an open source red teaming tool known as Google Command and Control GC2 amid broader abuse of Google's infrastructure for malicious ends. The tech giant's Threat Analysis Group TAG attributed the campaign to ...

Ransomware in France, April 2022–March 2023

This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their dark web sites. In this report, "known attacks" are attacks where the victim opted not to pay a ransom. This provides the best overall picture ...

Shifting the Balance of Cybersecurity Risk: Security-by-Design and Default Principles

Shifting the Balance of Cybersecurity Risk: Security-by-Design and Default Principles serves as a cybersecurity roadmap for manufacturers of technology and associated products. With recommendations in this guide, manufacturers are urged to put cybersecurity first, during the design phase of a...

Nation-State Actors MERCURY and Partner DEV-1084 Carry Out Destructive Attack

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary MERCURY, a nation-state actor linked to the Iranian government, worked with another actor, DEV-1084, to carry out a destructive attack. To receive real-time threat advisories, please follow HiveForce Lab...

Leaked Pentagon Documents May Herald a New Era of Revelations

The bizarre release of sensitive US government materials soon after their creation signals a potential shift to near-real-time unauthorized disclosures...

CVE-2023-28291

creationtimestamp| type| source ---|---|--- 2023-04-12 14:53:28+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1005...

CVE-2023-28250

creationtimestamp| type| source ---|---|--- 2023-04-12 14:53:28+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1005 2025-01-15 00:20:05+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/1668...