The UK National Cyber Security Centre (NCSC) and Korea's National Intelligence Service (NIS) have issued a fresh warning on Democratic People's Republic of Korea (DPRK) state-sponsored hackers targeting government, financial, and defense organizations via software supply chain attacks. As part of the observed supply chain attacks, the DPRK threat actors employed zero-day and n-day vulnerabilities, and exploited multiple flaws in series "to precisely attack a specific target", NCSC and NIS note in the alert.
A hacking campaign displaying what researchers say is some of the most advanced publicly known tradecraft targeting Israel in recent years is showing signs of active development and evolution, a troubling development that has so far blended into the noise of near-constant cyber operations targeting Israel. There's been no shortage of cyberattacks of varying severity targeting Israeli institutions, but the tradecraft and capabilities displayed by the so-far unattributed group are far more sophisticated.
Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service providers across the U.S., maintaining online wellness programs, holding databases with personal patient data, generating predictive analytics, and supporting healthcare needs like medication adherence and pandemic response.
General Electric is investigating claims that a threat actor breached the company's development environment in a cyberattack and leaked allegedly stolen data. General Electric (GE) is an American multinational company with divisions in power, renewable energy, and aerospace industries. Earlier this month, a threat actor named IntelBroker attempted to sell access to General Electric's "development and software pipelines" for $500 on a hacking forum.
The Municipal Water Authority of Aliquippa in Pennsylvania has confirmed that hackers took control of a system associated with a booster station over the weekend, but said there was no risk to the water supply. The company provides water and sewer services to more than 6,600 customers in Aliquippa and portions of Hopewell, Raccoon and Potter Townships. The compromised system is associated with a booster station that monitors and regulates water pressure for Raccoon and Potter Townships.
Fortune 500 insurance biz Fidelity National Financial (FNF) has confirmed that it has fallen victim to a "cybersecurity incident." The announcement came in the form of an 8-K filing with the Securities and Exchange Commission (SEC) on Tuesday, saying it had been forced to shut down a number of systems, disrupting various areas of the business. FNF recorded more than $11 billion in total revenue in 2022 and is one of the largest underwriters to the real estate and mortgage industries in the US.
Cybercriminals working out of Russia go to great lengths to conceal their real identities, and you won't ever find the state trying to unmask them either - as long as they keep supplying the attacks on Axis nations. It's the reason why we found it so amusing that of all the ways the identity of an organized cybercrime gang leader could be revealed, it was Russian state media that may have recently outed someone of note.
The recent theft of my voice brought me to a new fork in the road in terms of how AI already has the potential of causing social disruption. I was so taken aback by the quality of the cloned voice (and in that extremely clever, yet comedic, style by one of my colleagues) that I decided to use the same software for "nefarious" purposes and see how far I could go in order to steal from a small business - with permission, of course! Spoiler alert: it was surprisingly easy to carry out and took hardly any time at all.
Criminal threat groups and nation-state actors are exploiting a critical vulnerability in Citrix Netscaler ADC and Netscaler Gateway to launch attacks, the Cybersecurity and Infrastructure Security Agency and FBI warned on Tuesday. Affiliates of LockBit 3.0 exploited the vulnerability - dubbed CitrixBleed by researchers - to gain access into Boeing's parts and distribution unit and exfiltrate data, as part of a suspected ransomware attack, according to federal authorities.
Researchers have found several weaknesses in Windows Hello fingerprint authentication on Dell Inspiron 15, Lenovo ThinkPad T14, and Microsoft Surface Pro X laptops. Microsoft's Offensive Research and Security Engineering (MORSE) asked the researchers to evaluate the security of the top three fingerprint sensors embedded in laptops. They found vulnerabilities that allowed them to completely bypass Windows Hello authentication on all three.
Miscreants are actively exploiting two new zero-day vulnerabilities to wrangle routers and video recorders into a hostile botnet used in distributed denial-of-service attacks, researchers from networking firm Akamai said Thursday. Both of the vulnerabilities, which were previously unknown to their manufacturers and to the security research community at large, allow for the remote execution of malicious code when the affected devices use default administrative credentials, according to an Akamai post.