Remotely Stopping Polish Trains
Turns out that it's easy to broadcast radio commands that force Polish trains to stop: …the saboteurs appear to have sent simple so-called "radio-stop" commands via radio frequency to the trains they targeted. Because the trains use a radio system that lacks encryption or authentication for those...
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-38035 Ivanti Sentry Authentication Bypass Vulnerability CVE-2023-27532 Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function...
Decoding Bronze Starlight's Strategy in the Gambling Sector
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A cyberattack campaign stemming from China is currently focusing its efforts on the Southeast Asian gambling industry, with the objective of deploying Cobalt Strike beacons on compromised systems. To...
Several hospitals still counting the cost of widespread ransomware attack
The 16 hospitals struck down by ransomware last week are still dealing with the fallout from the attack. The healthcare facilities located in Connecticut, Pennsylvania, Rhode Island, and California had the ransomware attack confirmed by the FBI. Issues started to emerge last Thursday with patient...
Interpol Busts Phishing-as-a-Service Platform '16Shop,' Leading to 3 Arrests
Interpol has announced the takedown of a phishing-as-a-service PhaaS platform called 16Shop, in addition to the arrests of three individuals in Indonesia and Japan. 16Shop specialized in the sales of phishing kits that other cybercriminals can purchase to mount phishing attacks on a large scale,...
WakaTime: Waketime Payment Gateway Vulnerability
Vulnerability description not provided...
'Call of Duty: Modern Warfare 2' Players Hit With Worm Malware
Plus: Russia tightens social media censorship, new cyberattack reporting rules for US companies, and Google Street View returns to Germany...
Patch now! Ivanti Endpoint Manager Mobile Authentication vulnerability used in the wild
The Cybersecurity and Infrastructure Security Agency CISA added one new vulnerability to its Known Exploited Vulnerabilities Catalog affecting Ivanti Endpoint Manager Mobile, based on evidence of active exploitation. All Federal Civilian Executive Branch FCEB agencies must remediate this...
Norway Probes Major Cyberattack on 12 Government Ministries
By Habiba Rashid The cyberattack was discovered earlier this month. This is a post from HackRead.com Read the original post: Norway Probes Major Cyberattack on 12 Government Ministries...
From Malvertising to Ransomware: A ThreatDown webinar recap
Our recent webinar From Malvertising to Ransomware highlights the clear connection between malvertising--the practice of embedding malicious code within legitimate online advertisements--and the epidemic of ransomware attacks affecting businesses globally. Presented by Mark Stockley, security...
Patch me if you can: Cyberattack Series
Many organizations utilize third-party apps for identity security solutions to automate and unburden overtaxed IT admins from tedious tasks that employees can perform via self-service without IT assistance. But in September 2021, our researchers observed threat actors exploiting one such...
Unveiling the Unseen: Identifying Data Exfiltration with Machine Learning
Why Data Exfiltration Detection is Paramount? The world is witnessing an exponential rise in ransomware and data theft employed to extort companies. At the same time, the industry faces numerous critical vulnerabilities in database software and company websites. This evolution paints a dire pictu...
Experts Uncover Year-Long Cyber Attack on IT Firm Utilizing Custom Malware RDStealer
A highly targeted cyber attack against an East Asian IT company involved the deployment of a custom malware written in Golang called RDStealer. "The operation was active for more than a year with the end goal of compromising credentials and data exfiltration," Bitdefender security researcher Vict...
Microsoft Warns of New Russian State-Sponsored Hacker Group with Destructive Intent
Microsoft on Wednesday took the lid off a "novel and distinct Russian threat actor," which it said is linked to the General Staff Main Intelligence Directorate GRU and has a "relatively low success rate." The tech giant's Threat Intelligence team, which was previously tracking the group under its...
US hospital forced to divert ambulances after cyberattack
The Idaho Falls Community Hospital fell victim to a cyberattack on Monday May 29, 2023. As a result, the hospital had to divert ambulances to other nearby hospitals and close some of its clinics. The hospital is keeping the public updated through its website and Facebook page. "Our commitment to...
XDR meets IAM: Comprehensive identity threat detection and response with Microsoft
Identity has become the corporate security perimeter. The average organization used 130 different cloud applications in 2022. That's up 18 percent from 2021 alone. And as organizations continue to embrace digital transformation and enable remote work, they look to identity and access management...
Tracking down a trojan: An inside look at threat hunting in a corporate network
At Malwarebytes, we talk a lot about the importance of threat hunting for SMBs--and not for no good reason, either. Just consider the fact that, when a threat actor breaches a network, they don't attack right away. The median amount of time between system compromise and detection is 21 days. By th...
Industrial and Manufacturing CVEs: Addressing the SCADA in the Room
Industrial and Manufacturing CVEs: Addressing the SCADA in the Room By Charles McFarland · May 22, 2023 The industrial and manufacturing spaces are critical to the global economy. They produce the goods and services we rely on every day, from food and clothing to cars and electronics. Disruptions...
Sophisticated DownEx Malware Campaign Targeting Central Asian Governments
Government organizations in Central Asia are the target of a sophisticated espionage campaign that leverages a previously undocumented strain of malware dubbed DownEx. Bitdefender, in a report shared with The Hacker News, said the activity remains active, with evidence likely pointing to the...