16 matches found
VirusTotal Data Leak Exposes Some Registered Customers' Details
Data associated with a subset of registered customers of VirusTotal, including their names and email addresses, were exposed after an employee inadvertently uploaded the information to the malware scanning platform. The security incident, which comprises a database of 5,600 names in a 313KB file,...
Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations
Summary Actions to take today to protect against ransom operations: • Keep systems and software updated and prioritize remediating known exploited vulnerabilities. • Enforce MFA. • Make offline backups of your data. This joint Cybersecurity Advisory CSA is the result of an analytic effort among t...
Hackers Target Ukrainian Software Company Using GoMet Backdoor
A large software development company whose software is used by different state entities in Ukraine was at the receiving end of an "uncommon" piece of malware, new research has found. The malware, first observed on the morning of May 19, 2022, is a custom variant of the open source backdoor known ...
Microsoft Blocks Iran-linked Lebanese Hackers Targeting Israeli Companies
Microsoft on Thursday said it took steps to disable malicious activity stemming from abuse of OneDrive by a previously undocumented threat actor it tracks under the chemical element-themed moniker Polonium. In addition to removing the offending accounts created by the Lebanon-based activity group...
CISA, FBI, and CNMF Identify a New Malware Variant: ComRAT
The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the Department of Defense Cyber National Mission Force CNMF have identified a malware variant—referred to as ComRAT—used by the Russian-sponsored advanced persistent threat APT actor Turla. In...
North Korean Malicious Cyber Activity: FASTCash
The Cybersecurity Security and Infrastructure Security Agency CISA, the Department of the Treasury, the Federal Bureau of Investigation, and U.S. Cyber Command have released a joint Technical Alert and three Malware Analysis Reports MARs on the North Korean government’s ATM cash-out scheme—referr...
Threat Source newsletter (Oct. 24, 2019)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. Never assume that a malware family is really dead. We’ve done it time and time again with things like Emotet, and Gustuff is proving it...
This Week in Security News: Instagram Hackers and Enterprise Threats
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn how a group of hackers is stealing popular Instagram profiles. Also, learn about old and new cybersecurity issues inundated enterprise...
Petition Seeks Removal of Alexander as NSA Director
It has been a rough few months for the National Security Agency, and specifically for its director, Gen. Keith Alexander. The leaks of details of NSA surveillance programs by former contractor Edward Snowden have taken over the news cycle this summer and put the agency’s business out in the open...
Air Force Classifies Some Cybersecurity Tools as Weapons
The United States government for years has been developing and deploying offensive cyber capabilities, most of it done without much in the way of public notice. That’s been changing of late, as government and military officials have become more open in discussing these capabilities and under what...
Pentagon Plans Massive Increase in Cybersecurity Teams
As the Senate pushes for legislation to improve information-sharing on threats and attacks and President Barack Obama prepares to issue an executive order on cybersecurity, the Department of Defense is looking for a massive increase in the number of trained cybersecurity personnel helping to defe...
NSA Chief Says Today's Cyber Attacks Amount to 'Greatest Transfer of Wealth in History'
The general in charge of the National Security Agency on Monday said the lack of national cybersecurity leglislation is costing us big and amounting to what he believes is “the greatest transfer of wealth in history.” U.S. Army Gen. Keith B. Alexander urged politicians to stop stalling on approvi...
NSA Director Says Agency Should Not Monitor Private Networks
The hysteria in Washington regarding the comprehensive infiltration of U.S. government and civilian networks by China has gotten to the point now that the director of the National Security Agency is saying in open Congressional hearings that his agency, the U.S. Cyber Command and others should be...
NSA Director Says U.S. Working to Push Attack Data to ISPs
WASHINGTON–The commander of the U.S. Cyber Command said that the federal government is working on a system now that would allow it to work with ISPs and others to help stop ongoing attacks against government and private networks by pushing intelligence and attack signatures to them. Gen. Keith...
Thumb Drive Attack in 2008 Compromised Classified U.S. Networks
A senior official at the Department of Defense is talking publicly about a 2008 security breach that he claims compromised classified intelligence networks used by the U.S. military. Classified networks used by the U.S. military were the target of a successful attack by a foreign nation in 2008,...
NSA Director to Head U.S. Cyber Command
The U.S. Senate has approved Lt. Gen. Keith Alexander, director of the National Security Agency, to also head the military’s recently created U.S. Cyber Command. Read the full article. Computerworld...