Chinese Sharp Panda Group Unleashes SoulSearcher Malware

By Waqas Currently, in its cyber espionage campaign, Sharp Panda hackers are targeting government entities in Asia. This is a post from HackRead.com Read the original post: Chinese Sharp Panda Group Unleashes SoulSearcher Malware...

New HiatusRAT Malware Targets Business-Grade Routers to Covertly Spy on Victims

A never-before-seen complex malware is targeting business-grade routers to covertly spy on victims in Latin America, Europe, and North America at least since July 2022. The elusive campaign, dubbed Hiatus by Lumen Black Lotus Labs, has been found to deploy two malicious binaries, a remote access...

National Cybersecurity Strategy Document: What you need to know

The US Government has been working on the National Cybersecurity Strategy Document 2023 for some time now, and its finally been released. The strategy document, which replaces the last such piece of work from 2018, attempts to indicate the general direction of the US approach to cybercrime and...

CVE-2023-20079

creationtimestamp| type| source ---|---|--- 2023-03-02 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=981 2023-03-02 14:59:16+00:00| seen| https://t.me/truesecator/4123 2023-03-03 18:34:27+00:00| seen| https://t.me/cibsecurity/59376 2023-03-06 08:40:53+00:00| seen|...

scap-security-guide bug fix and enhancement update

An update is available for scap-security-guide. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The scap-security-guide project provides a guide for configuratio...

Deceptive Discord Campaign Targets Government Entities with PureCrypter Malware

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Government entities in the Asia-Pacific and North American regions have been targeted by a threat actor using the PureCrypter malware downloader. This particular malware has been used to distribute vario...

PureCrypter Malware Targets Government Entities in Asia-Pacific and North America

Government entities in Asia-Pacific and North America are being targeted by an unknown threat actor with an off-the-shelf malware downloader known as PureCrypter to deliver an array of information stealers and ransomware. "The PureCrypter campaign uses the domain of a compromised non-profit...

PureCrypter Malware Targets Government Entities in Asia-Pacific and North America

Government entities in Asia-Pacific and North America are being targeted by an unknown threat actor with an off-the-shelf malware downloader known as PureCrypter to deliver an array of information stealers and ransomware. "The PureCrypter campaign uses the domain of a compromised non-profit...

Fighting online censorship, or, encryption's latest surprise use-case, with Mallory Knodel: Lock and Code S04E05

Government threats to end-to-end encryption--the technology that secures your messages and shared photos and videos--have been around for decades, but the most recent threats to this technology are unique in how they intersect with a broader, sometimes-global effort to control information on the...

CISA Sounds Alarm on Cybersecurity Threats Amid Russia's Invasion Anniversary

The U.S. Cybersecurity and Infrastructure Security Agency CISA is urging organizations and individuals to increase their cyber vigilance, as Russia's military invasion of Ukraine officially enters one year. "CISA assesses that the United States and European nations may experience disruptive and...

Anonymous: Russian Radio Stations Hacked with Fake Missile Alerts

By Deeba Ahmed Several radio stations in Russia were reportedly hacked to send fake missile alerts across the country, the government has claimed. This is a post from HackRead.com Read the original post: Anonymous: Russian Radio Stations Hacked with Fake Missile Alerts...

lagodekhi.gov.ge Cross Site Scripting vulnerability OBB-3203362

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Threat Actors Adopt Havoc Framework for Post-Exploitation in Targeted Attacks

An open source command-and-control C2 framework known as Havoc is being adopted by threat actors as an alternative to other well-known legitimate toolkits like Cobalt Strike, Sliver, and Brute Ratel. Cybersecurity firm Zscaler said it observed a new campaign in the beginning of January 2023...

Researchers Warn of ReverseRAT Backdoor Targeting Indian Government Agencies

A spear-phishing campaign targeting Indian government entities aims to deploy an updated version of a backdoor called ReverseRAT. Cybersecurity firm ThreatMon attributed the activity to a threat actor tracked as SideCopy. SideCopy is a threat group of Pakistani origin that shares overlaps with...

Google Reveals Alarming Surge in Russian Cyber Attacks Against Ukraine

Russia's cyber attacks against Ukraine surged by 250% in 2022 when compared to two years ago, Google's Threat Analysis Group TAG and Mandiant disclosed in a new joint report. The targeting, which coincided and has since persisted following the country's military invasion of Ukraine in February...

Google Reveals Alarming Surge in Russian Cyber Attacks Against Ukraine

Russia's cyber attacks against Ukraine surged by 250% in 2022 when compared to two years ago, Google's Threat Analysis Group TAG and Mandiant disclosed in a new joint report. The targeting, which coincided and has since persisted following the country's military invasion of Ukraine in February...

SideWinder Behind Govt Phishing Spree Across the East

By Habiba Rashid The suspected Indian state-sponsored group has targeted 61 government, military, law enforcement, and other organizations across the Asia-Pacific region. This is a post from HackRead.com Read the original post: SideWinder Behind Govt Phishing Spree Across the East...

Researchers Link SideWinder Group to Dozens of Targeted Attacks in Multiple Countries

The prolific SideWinder group has been attributed as the nation-state actor behind attempted attacks against 61 entities in Afghanistan, Bhutan, Myanmar, Nepal, and Sri Lanka between June and November 2021. Targets included government, military, law enforcement, banks, and other organizations,...

CVE-2023-21689

creationtimestamp| type| source ---|---|--- 2023-02-15 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=970 2023-02-16 12:47:40+00:00| seen| https://t.me/kasperskyb2b/458...

CVE-2023-21690

creationtimestamp| type| source ---|---|--- 2023-02-14 22:36:08+00:00| seen| https://t.me/cibsecurity/58156 2023-02-15 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=970...