51 matches found
AI Researchers Must Help Lead Arms Control to Mitigate Military AI Risks
The advancement of AI capabilities compels researchers and the public to be more aware of its potential worldwide impact. A pressing near-term concern is the regulation of military AI applications. Armament manufacturers and defense contractors are increasingly investing in AI capabilities and...
PT-2025-39765
Name of the Vulnerable Software and Affected Versions WordPress Search Exclude plugin versions up to and including 2.5.7 Description The WordPress Search Exclude plugin contains a flaw that allows unauthorized modification of data. This is due to an inadequate capability check within the Base::ge...
U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals
The U.S. Department of Justice DoJ on Thursday unsealed an indictment against a North Korean military intelligence operative for allegedly carrying out ransomware attacks against healthcare facilities in the country and funneling the payments to orchestrate additional intrusions into defense,...
U.S. Charges Iranian Hacker, Offers $10 Million Reward for Capture
The U.S. Department of Justice DoJ on Friday unsealed an indictment against an Iranian national for his alleged involvement in a multi-year cyber-enabled campaign designed to compromise U.S. governmental and private entities. More than a dozen entities are said to have been targeted, including th...
Sophisticated MATA Framework Strikes Eastern European Oil and Gas Companies
An updated version of a sophisticated backdoor framework called MATA has been used in attacks aimed at over a dozen Eastern European companies in the oil and gas sector and defense industry as part of a cyber espionage operation that took place between August 2022 and May 2023. "The actors behind...
Lazarus Hacker Group Evolves Tactics, Tools, and Targets in DeathNote Campaign
The North Korean threat actor known as the Lazarus Group has been observed shifting its focus and rapidly evolving its tools and tactics as part of a long-running campaign called DeathNote. While the nation-state adversary is known for persistently singling out the cryptocurrency sector, recent...
Hackers Used Fake Job Offer to Hack and Steal $540 Million from Axie Infinity
The $540 million hack of Axie Infinity's Ronin Bridge in late March 2022 was the consequence of one of its former employees getting tricked by a fraudulent job offer on LinkedIn, it has emerged. According to a report from The Block published last week citing two people familiar with the matter, a...
Meet SockDetour fileless backdoor targeting U.S. Defense contractors
By Deeba Ahmed Researchers suspect that the SockDetour backdoor is used in attacks carried out by an APT advanced persistent threat… This is a post from HackRead.com Read the original post: Meet SockDetour fileless backdoor targeting U.S. Defense contractors...
New "SockDetour" Fileless, Socketless Backdoor Targets U.S. Defense Contractors
Cybersecurity researchers have taken the wraps off a previously undocumented and stealthy custom malware called SockDetour that targeted U.S.-based defense contractors with the goal of being used as a secondary implant on compromised Windows hosts. "SockDetour is a backdoor that is designed to...
Russian state-sponsored cyber actors targeting U.S. critical infrastructure
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here In a joint cybersecurity advisory, the Federal Bureau of Investigation FBI, the National Security Agency NSA, the Cybersecurity and Infrastructure Security Agency CISA revealed that Russian state-sponsored threat actors target...
This Week in Security News - February 18, 2022
SMS PVA services' use of infected Android phones reveals flaws in SMS verification, and 'Russian state-sponsored cyber actors' cited in hacks of U.S. defense contractors...
US Agencies Say Russian Hackers Compromised Defense Contractors
Kremlin-backed cyber actors lurked in the networks for months, obtaining sensitive documents related to weapons and infrastructure development...
U.S. Says Russian Hackers Stealing Sensitive Data from Defense Contractors
State-sponsored actors backed by the Russian government regularly targeted the networks of several U.S. cleared defense contractors CDCs to acquire proprietary documents and other confidential information pertaining to the country's defense and intelligence programs and capabilities. The sustaine...
Russian State-Sponsored Actors Target Cleared Defense Contractor Networks
CISA, the Federal Bureau of Investigation FBI, and the National Security Agency NSA have released a joint Cybersecurity Advisory CSA highlighting regular targeting of U.S. cleared defense contractors CDCs by Russian state-sponsored cyber actors. These CDCs support contracts for the U.S. Departmen...
APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus
Summary This Joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework, Version 8. See the ATT&CK for Enterprise for referenced threat actor tactics and for techniques. This joint advisory is the result of analytic efforts between the...
ManageEngine ADSelfService Plus has been abused in the wild due to a zero-day vulnerability
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. An APT actor is attempting to exploit a zero-day vulnerability in ManageEngine ADSelfService Plus, a self-service password management and single sign-on solution that poses a high risk to critical infrastructure companies,...
North Korean Hackers Used 'Torisma' Spyware in Job Offers-based Attacks
A cyberespionage campaign aimed at aerospace and defense sectors in order to install data gathering implants on victims' machines for purposes of surveillance and data exfiltration may have been more sophisticated than previously thought. The attacks, which targeted IP-addresses belonging to...
Operation North Star: Behind The Scenes | McAfee Blogs
ARCHIVED STORY Operation North Star: Behind The Scenes Christiaan Beek · NOV 05, 2020 Executive Summary It is rare to be provided an inside view on how major cyber espionage campaigns are conducted within the digital realm. The only transparency afforded is a limited view of victims, a malware...
Hackers Target Defense Contractors' Employees By Posing as Recruiters
The United States Cybersecurity and Infrastructure Security Agency CISA has published a new report warning companies about a new in-the-wild malware that North Korean hackers are reportedly using to spy on key employees at government contracting companies. Dubbed 'BLINDINGCAN ,' the advanced remo...
Hackers Target Defense Contractors' Employees By Posing as Recruiters
The United States Cybersecurity and Infrastructure Security Agency CISA has published a new report warning companies about a new in-the-wild malware that North Korean hackers are reportedly using to spy on key employees at government contracting companies. Dubbed 'BLINDINGCAN,' the advanced remot...