サイバーヴィッシュ テクノロジーなどに関する最新の洞察とトレンド ハック
サイバーセキュリティ

Chinese Hackers Using New Stealthy Infection Chain to Deploy LODEINFO Malware

Chinese state-sponsored threat actor targets media, diplomatic, governmental and public sector organizations and think-tanks in Japan Stone Panda which is the Chinese state-sponsored threat actor, has been observed employing a new stealthy infection chain in its attacks aimed at Japanese entities. Targets include media, diplomatic, governmental and public sector organizations and think-tanks in Japan, according to twin reports published by Kaspersky. Stone Panda, also called APT10, Bronze Riverside, Cicada, and Potassium, is a cyber espionage group known for its intrusions against organizations identified as strategically significant to China. The threat actor is believed to have been active since at least 2009. The latest set of attacks was observed between March […]

続きを読む
サイバーセキュリティ

Unofficial Patch Released for New Actively Exploited Windows MotW Vulnerability

An unofficial patch has been made available for an actively exploited security flaw in Microsoft Windows The newly released patch makes it possible for files signed with malformed signatures to sneak past Mark-of-the-Web (MotW) protections. A week ago,d HP Wolf Security disclosed a Magniber ransomware campaign that targets users with fake security updates which employ a JavaScript file to proliferate the file-encrypting malware. After the disclosure of Magniber was done,the fix was released by 0patch. While files downloaded from the internet in Windows are tagged with a MotW flag to prevent unauthorized actions, it has since been found that corrupt Authenticode signatures can be used to allow the execution of […]

続きを読む
サイバーセキュリティ

Fodcha DDoS Botnet Resurfaces with New Capabilities

The threat actor behind the Fodcha distributed denial-of-service botnet has reemerged with new capabilities. This includes changes to its communication protocol and the ability to extort cryptocurrency payments in exchange for stopping the DDoS attack against a target, Qihoo 360’s Network Security Research Lab said in a report published last week. Earlier this April, Fodcha first came to light, with the malware propagating through known vulnerabilities in Android and IoT devices as well as weak Telnet or SSH passwords.The cybersecurity company said that Fodcha has evolved into a large-scale botnet with over 60,000 active nodes and 40 command-and-control (C2) domains that can “easily generate more than 1 Tbps traffic.” Peak […]

続きを読む
サイバーセキュリティ

Twilio Suffers Another Breach After The August Hack- Same Hackers are suspected behind both the breaches

Same Hackers are suspected behind the August and June security breaches. After the August hack resulted in unauthorized access of customer information, Communication services provider Twilio, this week disclosed that they had experienced a “brief security incident” in June 2022 , Twilio stated that the breach was perpetrated by the same threat actor behind the August hack. The security event occurred on June 29, 2022, the company said in an updated advisory shared this week, as part of its probe into the digital break-in. “In the June incident, a Twilio employee was socially engineered through voice phishing (or ‘vishing’) to provide their credentials, and the malicious actor was able to […]

続きを読む
未分類

Largest EU copper producer Aurubis suffers cyberattack

Aurubis which is German copper producer suffers cyberattack German copper producer Aurubis ,which is Europe’s largest copper producer and the world’s second largest, has announced that it suffered a cyberattack that forced it to shut down IT systems to prevent the attack’s spread. Aurubis with 6,900 employees worldwide, and produces one million tonnes of copper cathodes yearly. In an announcement published on their website, Aurubis says they shut down various systems at their locations but that it has not impacted production. “The production and environmental protection facilities at the smelter sites are running, and incoming and outgoing goods are also being maintained manually,” comments Aurubis’ announcement. At this time, the […]

続きを読む
サイバーセキュリティ

A possible data breach being reviewed by Bed Bath & Beyond

Bed Bath & Beyond said that there was a possible data breach in the company Bed Bath & Beyond Inc were of the view that there was a possible data breach in the company. The company on Friday said that a third party had improperly accessed its data through a phishing scam this month. The data was breached by accessing the hard drive and certain shared drives of one of its employees. The big-box retailer said it was reviewing the data that was accessed so it can determine whether the drives contained any sensitive or personally identifiable information. The home goods retailer added it has no reason to believe that […]

続きを読む