Information

‘Snatch’ Ransom Group Exposes Visitor IP Addresses

The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into installing malware disguised as popular free software, such as Microsoft Teams, Adobe Reader, Mozilla Thunderbird, and Discord. First spotted in 2018,…


Update on Naked Security

Dear Naked Security readers, Firstly, thank you for your interest, your time, and your contributions to the Naked Security community. Your invaluable engagement and expertise have helped improve cybersecurity for everyone. We have recently added the extensive catalog of Naked Security articles to the Sophos News blog platform, enabling us to provide all Sophos security research, insights, and intelligence in a single location. We are redirecting articles from Naked Security to Sophos News and you…


New GPU Side-Channel Attack Allows Malicious Websites to Steal Data

Nearly all modern graphics processing units (GPUs) are vulnerable to a new type of side-channel attack that could be leveraged to obtain sensitive information, according to a team of researchers from various universities in the United States. The new attack method, named GPU.zip, was discovered and detailed by representatives of the University of Texas at Austin, Carnegie Mellon University, University of Washington, and University of Illinois Urbana-Champaign. The GPU.zip attack leverages hardware-based graphical data compression,…


Stealthy APT Gelsemium Seen Targeting Southeast Asian Government

A stealthy advanced persistent threat (APT) actor known as Gelsemium has been observed targeting a government entity in Southeast Asia to establish persistence and collect intelligence, cybersecurity firm Palo Alto Networks reveals. As part of the observed activity, spanning over a period of six months in late 2022 and into 2023, the threat actor deployed a variety of web shells to support lateral movement and malware delivery, along with backdoors, a Cobalt Strike beacon, and…


Stealth Falcon preying over Middle Eastern skies with Deadglyph

For years, the Middle East has maintained its reputation as a fertile ground for advanced persistent threats (APTs). In the midst of routine monitoring of suspicious activities on the systems of high-profile customers, some based in this region, ESET Research stumbled upon a very sophisticated and unknown backdoor that we have named Deadglyph. We derived the name from artifacts found in the backdoor (such as 0xDEADB001, shown also in Table 1), coupled with the presence…


ESET’s cutting-edge threat research at LABScon – Week in security with Tony Anscombe

Video: Two ESET malware researchers took to the LABScon stage this year to deconstruct sophisticated attacks conducted by two well-known APT groups. 22 Sep 2023. The lineup of speakers at this year’s edition of LABScon featured two ESET malware researchers who took to the stage to deconstruct sophisticated attacks conducted by two well-known APT groups. On Thursday, Zuzana Hromcová delivered a talk on two cyberespionage campaigns that OilRig, an Iran-aligned threat group, conducted throughout 2021…


Researchers Discover Attempt to Infect Leading Egyptian Opposition Politician With Predator Spyware

A leading Egyptian opposition politician was targeted with spyware after announcing a presidential bid, security researchers reported Friday. They said Egyptian authorities were likely behind the attempted hack. Discovery of the attempt last week by researchers at Citizen Lab and Google’s Threat Analysis Group prompted Apple to rush out operating system updates for iPhones, iPads, Mac computers and Apple Watches to patch the associated vulnerabilities. Citizen Lab said in a blog post that recent attempts…


LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

The password manager service LastPass is now forcing some of its users to pick longer master passwords. LastPass says the changes are needed to ensure all customers are protected by their latest security improvements. But critics say the move is little more than a public relations stunt that will do nothing to help countless early adopters whose password vaults were exposed in a 2022 breach at LastPass. LastPass sent this notification to users earlier this…


In Other News: New Analysis of Snowden Files, Yubico Goes Public, Election Hacking

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and…


China’s Offensive Cyber Operations in Africa Support Soft Power Efforts

Chinese state-sponsored threat groups have targeted telecommunications, financial and government organizations in Africa in support of Beijing’s soft power agenda in the region, according to SentinelOne. Earlier this year, SentinelOne reported seeing a Chinese cyberespionage group targeting telecoms providers in the Middle East as part of an operation dubbed Tainted Love. The cybersecurity firm revealed on Thursday that the same threat actor, which could be linked to China’s APT41 group, has also been observed targeting…
