The Office of Foreign Assets Control has imposed sanctions on a Beijing-based cybersecurity company linked to the state-sponsored threat group, Flax Typhoon, the Department of Treasury said Friday. The agency said Integrity Technology Group Inc. has engaged in a series of malicious cyber activities against various critical infrastructure providers and other targets in the U.S.
The Green Bay Packers American football team is notifying fans that a threat actor hacked its official online retail store in October and injected a card skimmer script to steal customers' personal and payment information. The National Football League team says it immediately disabled all checkout and payment capabilities after discovering on October 23 that the packersproshop.com website was breached.
A US chain of dental offices known as Westend Dental LLC denied a 2020 ransomware attack and its associated data breach, instead telling its customers that data was lost due to an "accidentally formatted hard drive." Unfortunately for the organization, the truth was found out. Westend Dental agreed to settle several violations of the Health Insurance Portability and Accountability Act (HIPAA) for a penalty of $350,000.
This article presents key insights from 2024 reports on the rise of phishing attacks, focusing on how advancements in AI and deepfake technology are making social engineering tactics more sophisticated. Examining data collected between June 2023 and June 2024, Abnormal saw file-sharing phishing volume more than triple, increasing 350% over the year. The majority of these attacks were sophisticated in nature, with 60% exploiting legitimate domains.
Hardware makers MediaTek, HPE and Dell on Monday released advisories to inform customers about potentially serious vulnerabilities found and patched in their products. Taiwanese semiconductor company MediaTek announced patches for a dozen vulnerabilities, including a critical-severity flaw in the modem component of tens of chipsets that could lead to remote code execution (RCE).
A new advanced Android spyware threat called "FireScam" is using a fake Telegram Premium application to drop an infostealer on victims' phones that is able to track, monitor, and collect sensitive data on its victims. Researchers at Cyfirma behind a new FireScam analysis said the campaign is part of a wider trend of threat actors finding success disguising malware as legitimate applications and services.
Roughly 2,000 ransomware attacks were launched over the past decade against critical infrastructure organizations in the United States and other countries, according to data collected as part of a project maintained at Temple University in Philadelphia. SecurityWeek first wrote about the project in 2020, when it covered more than 680 ransomware attacks targeting critical infrastructure. By February 2022, the number of entries exceeded 1,100, and it has now reached just over 2,000.
In 2012, an industry-wide coalition of hardware and software makers adopted Secure Boot to protect Windows devices against the threat of malware that could infect the BIOS and, later, its successor the UEFI, the firmware that loaded the operating system each time a computer booted up. Firmware-dwelling malware raises the specter of malware that infects the devices before the operating system even loads, each time they boot up.
Industrial networking and communications provider Moxa is warning of a high-severity and a critical vulnerability that impact various models of its cellular routers, secure routers, and network security appliances. The two security issues allow remote attackers to get root privileges on vulnerable devices and to execute arbitrary commands, which could lead to arbitrary code execution.