61 matches found
Introducing Wallarm Middle East Cloud: Built for Data Residency Compliance
As API and AI adoption grows across the Middle East, so do the expectations around how data is handled. For many organizations operating in this region, it’s not just about securing applications. It’s about doing it in a way that keeps data in-country and aligned with local requirements. Today,...
This old-school scam is still working
When we read about this new malware tactic, or that novel social engineering approach, it’s easy to forget that there are scammers out there making a living from ancient methods. Recently, one of our researchers received this variation on the good old Nigerian advance-fee scam. From: Mrs.Inga-Bri...
US Disrupts Massive Cell Phone Array in New York
This is a weird story: The US Secret Service disrupted a network of telecommunications devices that could have shut down cellular systems as leaders gather for the United Nations General Assembly in New York City. The agency said on Tuesday that last month it found more than 300 SIM servers and...
U.S. Secret Service Seizes 300 SIM Servers, 100K Cards Threatening U.S. Officials Near UN
The U.S. Secret Service on Tuesday said it took down a network of electronic devices located across the New York tri-state area that were used to threaten U.S. government officials and posed an imminent threat to national security. "This protective intelligence investigation led to the discovery ...
INTERPOL Arrests 1,209 Cybercriminals Across 18 African Nations in Global Crackdown
INTERPOL on Friday announced that authorities from 18 countries across Africa have arrested 1,209 cybercriminals who targeted 88,000 victims. "The crackdown recovered $97.4 million and dismantled 11,432 malicious infrastructures, underscoring the global reach of cybercrime and the urgent need for...
New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy
The U.S. Department of Justice DoJ has issued a final rule carrying out Executive Order EO 14117, which prevents mass transfer of citizens' personal data to countries of concern such as China including Hong Kong and Macau, Cuba, Iran, North Korea, Russia, and Venezuela. "This final rule is a...
Exposed United Nations Database Left Sensitive Information Accessible Online
The 115,000-plus files related to UN Women included detailed financial disclosures from organizations around the world—and personal details and testimonials from vulnerable individuals...
N. Korea-linked Kimsuky Shifts to Compiled HTML Help Files in Ongoing Cyberattacks
The North Korea-linked threat actor known as Kimsuky aka Black Banshee, Emerald Sleet, or Springtail has been observed shifting its tactics, leveraging Compiled HTML Help CHM files as vectors to deliver malware for harvesting sensitive data. Kimsuky, active since at least 2012, is known to target...
President Biden Blocks Mass Transfer of Personal Data to High-Risk Nations
U.S. President Joe Biden has issued an Executive Order that prohibits the mass transfer of citizens' personal data to countries of concern. The Executive Order also "provides safeguards around other activities that can give those countries access to Americans' sensitive data," the White House sai...
AI likely to boost ransomware, warns government body
The British National Cyber Security Centre NCSC says it expects Artificial Intelligence AI to heighten the global ransomware threat. In a report, the NCSC makes the assessment that AI will almost certainly increase the volume and heighten the impact of cyberattacks over the next two years. We’re...
DDoS Attacks on the Environmental Services Industry Surge by 61,839% in 2023
The environmental services industry witnessed an "unprecedented surge" in HTTP-based distributed denial-of-service DDoS attacks, accounting for half of all its HTTP traffic. This marks a 61,839% increase in DDoS attack traffic year-over-year, web infrastructure and security company Cloudflare sai...
Russian APT28 Hackers Targeting 13 Nations in Ongoing Cyber Espionage Campaign
The Russian nation-state threat actor known as APT28 has been observed making use of lures related to the ongoing Israel-Hamas war to facilitate the delivery of a custom backdoor called HeadLace. IBM X-Force is tracking the adversary under the name ITG05, which is also known as BlueDelta, Fancy...
Story of the year: the impact of AI on cybersecurity
In the whirlwind of technological advancements and societal transformations, the term "AI" has undoubtedly etched itself into the forefront of global discourse. Over the past twelve months, this abbreviation has resonated across innumerable headlines, business surveys and tech reports, firmly...
SideWinder’s Nim Backdoor Spells Trouble for South Asian Nations
Summary: SideWinder, also known as Razor Tiger, commenced its offensive operations in 2012 and has recently shifted its focus to targeting Bhutan. It employs deceptive content, ultimately executing the Nim Backdoor. The decoy content utilized in the sample is directly sourced from announcements...
Paragon Solutions Spyware: Graphite
Paragon Solutions is yet another Israeli spyware company. Their product is called "Graphite," and is a lot like NSO Groups Pegasus. And Paragon is working with what seems to be US approval: American approval, even if indirect, has been at the heart of Paragons strategy. The company sought a list ...
comicsunitingnations.org Cross Site Scripting vulnerability OBB-3281131
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Bluebottle Cybercrime Group Preys on Financial Sector in French-Speaking African Nations
A cybercrime group dubbed Bluebottle has been linked to a set of targeted attacks against the financial sector in Francophone countries located in Africa from at least July 2022 to September 2022. "The group makes extensive use of living-off-the-land, dual use tools, and commodity malware, with n...
OilRig is back with another Phishing Email attack, delivering the Saitama Backdoor
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here An Iranian cyber espionage gang known as OilRig has began delivering malicious email to a Jordanian government employee at the foreign ministry. The email includes a malicious Excel sheet that installs the Saitama backdoor...
Dismantling ZLoader: How malicious ads led to disabled security tools and ransomware
As announced today, Microsoft took action against the ZLoader trojan by working with telecommunications providers around the world to disrupt key ZLoader infrastructure. We used our research into this threat to enrich our protection technologies and ensure this infrastructure could no longer be...
Iranian state-sponsored APT group MuddyWater targeting organizations via malicious executables
THREAT LEVEL: Red. United States Cyber Command USCYBERCOM has warned of an ongoing cyber attack by Iranian state sponsored actor named as MuddyWater. This APT group is currently targeting Middle Eastern countries and has also targeted European and North American nations. The Iranian-backed...