Recent activity by North Korea's infamous Lazarus Group provides fresh evidence of the growing threat actor interest in using trusted IT supply chain vendors as entry points to enterprise networks. Security researchers from Kaspersky recently discovered two separate campaigns where the Lazarus Group infiltrated the network of an IT company - likely as part of a broader strategy to compromise its downstream customers.
U.S. federal investigators today raided the Florida offices of PAX Technology, a Chinese provider of point-of-sale devices used by millions of businesses and retailers globally. KrebsOnSecurity has learned the raid is tied to reports that PAX's systems may have been involved in cyberattacks on U.S. and E.U. organizations. Headquartered in Shenzhen, China, PAX Technology Inc. has more than 60 million point-of-sale terminals in use throughout 120 countries.
An attack on the fuel distribution chain in Iran reportedly forced the shutdown of a network of filling stations Tuesday, leaving motorists stranded at pumps across the country and unable to fill up their tanks. The incident disabled government-issued electronic cards providing subsidies that many Iranians use to purchase fuel at discounted prices, according to a report in The Times of Israel, which said that the Iran Supreme National Security Council confirmed the attack.
Two weeks ago was Cybersecurity Awareness Month's "Fight the Phish" week, a theme that the #Cybermonth organisers chose because this age-old cybercrime is still a huge problem. Even though lots of us receive many phishing scams that are obvious when we look at them ourselves, it's easy to forget that the "obviousness" of many scam emails comes from the fact that the crooks never intended those scams for us in the first place.
Adobe on Tuesday released a slew of urgent patches with fixes for more than 90 documented vulnerabilities that expose Windows, macOS and Linux users to malicious hacker attacks. The security defects affect a wide range of popular products, including Adobe Photoshop, Adobe InDesign, Adobe Illustrator and Adobe Premiere. In all, Adobe provided documentation on 92 vulnerabilities and warned that more than 60 of these flaws carry remote code execution risks.
A new malware threat named Squirrelwaffle has emerged in the wild, providing actors with an initial foothold and a way to drop malware onto compromised systems and networks. The new malware tool spreads via spam campaigns, dropping Qakbot and Cobalt Strike in the most recent ones. Discovered by researchers at Cisco Talos, Squirrelwaffle is one of the tools that emerged as an Emotet replacement shortly after the law enforcement disruption of the widely used botnet.
The FBI said on Monday that Ranzy Locker ransomware operators had compromised at least 30 US companies this year from various industry sectors. "Unknown cyber criminals using Ranzy Locker ransomware had compromised more than 30 US businesses as of July 2021," the FBI said in a TLP:WHITE flash alert. "The victims include the construction subsector of the critical manufacturing sector, the academia subsector of the government facilities sector, the information technology sector, and the transportation sector."
During the month following its release, Squid Game, a South Korean survival drama TV series, became Netflix's biggest series, with more than 111 million viewers. Following demand from viewers, cybercriminals are not shy in taking advantage of fans' eagerness to watch the show, with well-known fraud schemes hitting the web. Kaspersky experts share their insights on the most common and sophisticated Squid Game-related threats found in the wild, including Trojans, adware, and phishy offers of Halloween costumes.