18 matches found
Researchers Uncover New Drokbk Malware that Uses GitHub as a Dead Drop Resolver
The subgroup of an Iranian nation-state group known as Nemesis Kitten has been attributed as behind a previously undocumented custom malware dubbed Drokbk that uses GitHub as a dead drop resolver to exfiltrate data from an infected computer, or to receive commands. "The use of GitHub as a virtual...
Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester
Summary From mid-June through mid-July 2022, CISA conducted an incident response engagement at a Federal Civilian Executive Branch FCEB organization where CISA observed suspected advanced persistent threat APT activity. In the course of incident response activities, CISA determined that cyber...
CISA and FBI Release Advisory on Iranian Government-Sponsored APT Actors Compromising Federal Network
Today, CISA and the Federal Bureau of Investigation FBI published a joint Cybersecurity Advisory CSA, Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester. The CSA provides information on an incident at a Federal Civilian Executive Branch...
Pegasus Spyware Used to Hack Devices of Pro-Democracy Activists in Thailand — The Hacker News
Thai activists involved in the country's pro-democracy protests have had their smartphones infected with NSO Group's infamous Pegasus government-sponsored spyware. At least 30 individuals, spanning activists, academics, lawyers, and NGO workers, are believed to have been targeted between October...
Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks
Summary Actions to Take Today to Protect Against Malicious Activity Search for indicators of compromise. Use antivirus software. Patch all systems. Prioritize patching known exploited vulnerabilities. Train users to recognize and report phishing attempts. Use multi-factor authentication. Note: th...
Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities
Summary Actions to Take Today to Protect Against Iranian State-Sponsored Malicious Cyber Activity • Immediately patch software affected by the following vulnerabilities: CVE-2021-34473, 2018-13379, 2020-12812, and 2019-5591. • Implementmulti-factor authentication. • Usestrong, unique passwords.v...
The Proliferation of Zero-days
The MIT Technology Review is reporting that 2021 is a blockbuster year for zero-day exploits: One contributing factor in the higher rate of reported zero-days is the rapid global proliferation of hacking tools. Powerful groups are all pouring heaps of cash into zero-days to use for themselves --...
This Bot Hunts Software Bugs for the Pentagon
Mayhem emerged from a 2016 government-sponsored contest at a Las Vegas casino hotel. Now it's used by the military...
Researchers Uncover Government-Sponsored Mobile Hacking Group Operating Since 2012
A global mobile espionage campaign collecting a trove of sensitive personal information from victims since at least 2012 has accidentally revealed itself—thanks to an exposed server on the open internet. It's one of the first known examples of a successful large-scale hacking operation of mobile...
China Hacked FDIC And Agency Covered It Up
A scathing congressional report points the finger at hackers sponsored by the Chinese government for their role in a series of hacks against the U.S. Federal Deposit Insurance Corp. FDIC. The report also alleges the agency covered up the hacks in order to guarantee the appointment of current...
U.S. Officials Say Chinese Cyberespionage 'Needs to Stop'
The top cybersecurity officials in the United States on Wednesday said that China is harming the potential for an open Internet through its policies of censorship, and also said the country’s continued cyberespionage operations are damaging the two countries’ relationship. In a piece co-authored ...
Hackers Demonstrate Car Hacking using a laptop
Computer geeks already knew it was possible to hack into a car's computerized systems and finally, two U.S. hackers - Charlie Miller and Chris Valasek, sponsored by the Pentagon's research facility DARPA recently demonstrated just how easy it is for malicious hackers to physically hijack a modern...
AutoCAD Worm Stealing Designs, Blueprints
Security researchers have come across a new worm that is meant specifically to steal blueprints, design documents and other files created with the AutoCAD software. The worm, known as ACAD/Medre.A, is spreading through infected AutoCAD templates and is sending tens of thousands of stolen document...
House Hearing to Address Capital Market Threats
The House Committee on Financial Services is hosting a hearing tomorrow in which they will explore the various cyber threats targeting capital markets and government sponsored enterprises. Entitled “Cyber Threats to Capital Markets and Corporate Accounts,” the hearing in front of the Committee on...
What's the Meaning of This: Flame Malware
From all indications, it would appear that attackers are continuing to attack and malware authors are carrying on writing malware. The latest bit of evidence to support these conclusions is the discovery of the Flame malware, which, initial analyses show, is an advanced data-stealing tool that is...
Hackers target Al-Qaida Internet communications systems
Hackers target Al-Qaida Internet communications systems Computer hackers shut down Al-Qaida's ability to communicate its messages to the world through the Internet. Al-Qaida's online communications have been temporarily crippled.The attack was carried out within the past few days by unknown hacke...
Hackers target Al-Qaida Internet communications systems
Hackers target Al-Qaida Internet communications systems Computer hackers shut down Al-Qaida's ability to communicate its messages to the world through the Internet. Al-Qaida's online communications have been temporarily crippled.The attack was carried out within the past few days by unknown hacke...
Recent WikiLeaks-Related Cyberattacks Prompt Call for Policy Changes
In New York on Sunday, lawmakers urged President Obama to expand the U.S. State Department’s foreign policy mechanisms to address crime and security on the Internet. They cited recent attacks on companies severing ties with WikiLeaks as a main reason for these changes. At Symantec's New York City...