Information

Russia-Linked RomCom Hackers Targeting NATO Summit Guests

As part of a recently identified cyber operation, a Russia-linked threat actor known as RomCom has been targeting entities supporting Ukraine, including guests at the 2023 NATO Summit taking place July 11-12, the cybersecurity unit at BlackBerry reports. Taking place in Vilnius, Lithuania, the NATO Summit has on the agenda talks focusing on the war in Ukraine, as well as new memberships in the organization, including Sweden and Ukraine itself. Taking advantage of the event,…

Emotet: sold or on vacation? – Week in security with Tony Anscombe

Originally a banking trojan, Emotet later evolved into a full-blown botnet and went on to become one of the most dangerous cyberthreats worldwide. Originally a banking trojan, Emotet later evolved into a botnet that went on to become one of the most prevalent cyberthreats worldwide – until it was taken down by an international law enforcement operation in January 2021. Around 10 months later, Emotet sprang back to life, and ESET researchers have now looked…

Top Suspect in 2015 Ashley Madison Hack Committed Suicide in 2014

When the marital infidelity website AshleyMadison.com learned in July 2015 that hackers were threatening to publish data stolen from 37 million users, the company’s then-CEO Noel Biderman was quick to point the finger at an unnamed former contractor. But as a new documentary series on Hulu reveals [SPOILER ALERT!], there was just one problem with that theory: Their top suspect had killed himself more than a year before the hackers began publishing stolen user data.…

After Zero-Day Attacks, MOVEit Turns to Security Service Packs

Faced with a barrage of ransomware attacks hitting zero-days in its MOVEit product line, Progress Software late Thursday announced plans to release regular service packs promising a “predictable, simple and transparent process for product and security fixes.” Less than a month after the notorious Cl0p ransomware gang started naming organizations hit by MOVEit zero-day exploits, Progress Software rolled out its first service pack with patches for at least three critical security defects that expose customer…

In Other News: Healthcare Product Flaws, Free Email Security Testing, New Attack Techniques

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and…

Former Contractor Employee Charged for Hacking California Water Treatment Facility

A 53-year-old man from Tracy, California, has been charged for allegedly hacking into the systems of a water treatment facility in an attempt to delete critical software. The suspect, Rambler Gallo, has been charged with “transmitting a program, information, code, and command to cause damage to a protected computer”, but this is a case of unauthorized access rather than actual hacking. Gallo worked for a company contracted by the town of Discovery Bay in California…

What’s up with Emotet?

A brief summary of what happened with Emotet since its comeback in November 2021. Emotet is a malware family active since 2014, operated by a cybercrime group known as Mealybug or TA542. Although it started as a banking trojan, it later evolved into a botnet that became one of the most prevalent threats worldwide. Emotet spreads via spam emails; it can exfiltrate information from, and deliver third-party malware to, compromised computers. Emotet operators are not…

S3 Ep142: Putting the X in X-Ops

by Paul Ducklin. PUTTING THE X IN X-OPS. First there was DevOps, then SecOps, then DevSecOps. Or should that be SecDevOps? Paul Ducklin talks to Sophos X-Ops insider Matt Holdcroft about how to get all your corporate “Ops” teams working together, with cybersecurity correctness as a guiding light. With Paul Ducklin and Matt Holdcroft. Intro and outro music by Edith Mudge. You can listen to us on…

Truebot Hackers Exploiting Netwrix Auditor Flaw: CISA, FBI Alert

The US government’s cybersecurity agency CISA on Thursday warned that hackers linked to the Truebot malware operation are exploiting a known vulnerability in the Netwrix Auditor application to break into organizations in the US and Canada. In a joint advisory issued alongside the FBI and information sharing partners in Canada, CISA urged network admins to immediately apply patches for remote code execution flaws in IT auditing software sold by Netwrix. The issue, tagged as CVE-2022-31199,…

Firefox 115 is out, says farewell to older Windows and Mac users

by Paul Ducklin. Firefox’s latest monthly update just came out, bumping the primary version of the popular alternative browser to 115.0. OK, it’s technically a once-every-four-weeks update, so that there will sometimes be two major updates in a single calendar month, just as you sometimes get two full moons in a month, but this month there’s only one. (At the end of next month, August 2023, there will co-incidentally be both a blue moon, which…
