Security Bulletin: Multiple vulnerabilities have been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2015-4872, CVE-2015-4734, CVE-2015-5006)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Aviation, Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation,...

Security Bulletin: Security Vulnerability in IBM WebSphere Application Server (CVE-2015-4000) Affects Asset and Service Management

Summary The LogJam Attack on Diffie-Hellman ciphers CVE-2015-4000 may affect some configurations of IBM WebSphere Application Server. The vulnerability affects Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Energy Optimization, Maximo f...

Vulnerable children's identities used in tax fraud scheme

Fraudster Ariel "Melo" Jimenez has been sentenced to 12 years in prison for leading a "tax fraud and identity theft conspiracy" that resulted in the fraudulent claiming of tax credits, earning him millions of dollars. "Ariel Jimenez was the leader of a long-running fraudulent tax business that...

Scammers send fake 'Energy Bills Support Scheme' texts

Watch out for an energy-themed scam being sent out via SMS. The message plays on energy price fears, similar to what weve seen previously. Scam alert. I just received this text. Click through and it looks very official. Its a scam. The £400 energy bill discount is automatic, you dont need to...

U.S. Adds 2 More Chinese Telecom Firms to National Security Threat List

The U.S. Federal Communications Commission FCC has added Pacific Network Corp, along with its subsidiary ComNet USA LLC, and China Unicom Americas Operations Limited, to the list of communications equipment and services that have been deemed a threat to national security. The agency said the...

Russian Sandworm Hackers Impersonate Ukrainian Telecoms to Distribute Malware

A threat cluster linked to the Russian nation-state actor tracked as Sandworm has continued its targeting of Ukraine with commodity malware by masquerading as telecom providers, new findings show. Recorded Future said it discovered new infrastructure belonging to UAC-0113 that mimics operators li...

Large-Scale Collection of Cell Phone Data at US Borders

The Washington Post is reporting that the US Customs and Border Protection agency is seizing and copying cell phone, tablet, and computer data from "as many as" 10,000 phones per year, including an unspecified number of American citizens. This is done without a warrant, because "…courts have long...

Multiple Iranian actors have launched attacks against the Albanian government

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Threat actors acting on behalf of the Iranian government launched a devastating attack that knocked the Albanian governments websites and public services down. Each stage of the attack was carried out by...

arfd.gov.bc.ca Cross Site Scripting vulnerability OBB-2933782

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Russian Gamaredon Hackers Target Ukrainian Government Using Info-Stealing Malware

An ongoing espionage campaign operated by the Russia-linked Gamaredon group is targeting employees of Ukrainian government, defense, and law enforcement agencies with a piece of custom-made information stealing malware. "The adversary is using phishing documents containing lures related to the...

Gamaredon APT targets Ukrainian government agencies in new campaign

By Asheer Malhotra and Guilherme Venere. Cisco Talos recently identified a new, ongoing campaign attributed to the Russia-linked Gamaredon APT that infects Ukrainian users with information-stealing malware. The adversary is using phishing documents containing lures related to the Russian invasion...

Webworm Hackers Using Modified RATs in Latest Cyber Espionage Attacks

A threat actor tracked under the moniker Webworm is taking advantage of bespoke variants of already existing Windows-based remote access trojans to fly under the radar, some of which are said to be in pre-deployment or testing phases. "The group has developed customized versions of three older...

Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations

Summary Actions to take today to protect against ransom operations: • Keep systems and software updated and prioritize remediating known exploited vulnerabilities. • Enforce MFA. • Make offline backups of your data. This joint Cybersecurity Advisory CSA is the result of an analytic effort among t...

CVE-2022-34700

creationtimestamp| type| source ---|---|--- 2022-09-14 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=870...

Asian Governments and Organizations Targeted in Latest Cyber Espionage Attacks

Government and state-owned organizations in a number of Asian countries have been targeted by a distinct group of espionage hackers as part of an intelligence gathering mission that has been underway since early 2021. "A notable feature of these attacks is that the attackers leveraged a wide rang...

Iranian APT42 Launched Over 30 Espionage Attacks Against Activists and Dissidents

A state-sponsored advanced persistent threat APT actor newly christened APT42 formerly UNC788 has been attributed to over 30 confirmed espionage attacks against individuals and organizations of strategic interest to the Iranian government at least since 2015. Cybersecurity firm Mandiant said the...

U.S. Imposes New Sanctions on Iran Over Cyberattack on Albania

The U.S. Treasury Department on Friday announced sanctions against Iran's Ministry of Intelligence and Security MOIS and its Minister of Intelligence, Esmaeil Khatib, for engaging in cyber-enabled activities against the nation and its allies. "Since at least 2007, the MOIS and its cyber actor...

Worok Hackers Targeting Orgs, Govts in Asia, Middle East and Africa

By Deeba Ahmed Worok is primarily targeting organizations in banking, telecommunication, marine, military, energy, public sectors, and government in its current campaign. This is a post from HackRead.com Read the original post: Worok Hackers Targeting Orgs, Govts in Asia, Middle East and Africa...

Microsoft investigates Iranian attacks against the Albanian government

Shortly after the destructive cyberattacks against the Albanian government in mid-July, the Microsoft Detection and Response Team DART was engaged by the Albanian government to lead an investigation into the attacks. At the time of the attacks and our engagement by the Albanian government,...

Microsoft investigates Iranian attacks against the Albanian government

Shortly after the destructive cyberattacks against the Albanian government in mid-July, the Microsoft Detection and Response Team DART was engaged by the Albanian government to lead an investigation into the attacks. At the time of the attacks and our engagement by the Albanian government,...