
IT Security Newsletter - 6/24/2022


Software Updates

Codesys Patches 11 Flaws Likely Affecting Controllers From Several ICS Vendors

Codesys this week announced patches for nearly a dozen vulnerabilities discovered in the company's products by researchers at Chinese cybersecurity firm NSFocus. The industrial automation software solutions provided by the German company are used by some of the world's largest industrial control system (ICS) manufacturers, and vulnerabilities affecting Codesys products can impact a large number of devices. READ MORE...

Malware

Beijing-backed attackers use ransomware as a decoy while they conduct espionage

A state-sponsored Chinese threat actor has used ransomware as a distraction to help it conduct electronic espionage, according to security software vendor Secureworks. The China-backed group, which Secureworks labels Bronze Starlight, has been active since mid-2021. It uses an HUI loader to install ransomware, such as LockFile, AtomSilo, Rook, Night Sky and Pandora. But Secureworks asserts that the ransomware is probably just a distraction from the true intent: cyber espionage. READ MORE...


Google Warns Spyware Being Deployed Against Android, iOS Users

Google is warning victims in Kazakhstan and Italy that they are being targeted by Hermit, a sophisticated and modular spyware from Italian vendor RCS Labs that not only can steal data but can also record and make calls. In a blog post Thursday, Google Threat Analysis Group (TAG) researchers Benoit Sevens and Clement Lecigne revealed details of campaigns that send targets a unique link to fake apps impersonating legitimate ones, to try to get them to download and install the spyware. READ MORE...


Malicious Windows 'LNK' attacks made easy with new Quantum builder

Malware researchers have noticed a new tool that helps cybercriminals build malicious .LNK files to deliver payloads for the initial stages of an attack. LNKs are Windows shortcut files that can contain malicious code to abuse legitimate tools on the system, the so-called living-off-the-land binaries (LOLBins), such as PowerShell or the MSHTA that is used to execute Microsoft HTML Application (HTA) files. READ MORE...

Information Security

Conti ransomware group's pulse stops, but did it fake its own death?

The dark web leak site used by the notorious Conti ransomware gang has disappeared, along with the chat function it used to negotiate ransoms with victims. For as long as this infrastructure is down, the group is unable to operate and a significant threat is removed from the pantheon of ransomware threats. Ransomware gangs like Conti use the threat of leaking stolen data on their dark web sites to extort enormous ransoms from their victims, making the sites a vital cog in the ransomware machine. READ MORE...

Exploits/Vulnerabilities

CISA: Log4Shell exploits still being used to hack VMware servers

CISA warned today that threat actors, including state-backed hacking groups, are still targeting VMware Horizon and Unified Access Gateway (UAG) servers using the Log4Shell (CVE-2021-44228) remote code execution vulnerability. Attackers can exploit Log4Shell remotely on vulnerable servers exposed to local or Internet access to move laterally across networks until they gain access to internal systems containing sensitive data. READ MORE...

On This Date

  • ...in 1901, basketball player and Converse athletic-shoe namesake Chuck Taylor is born in Azalia, IN.
  • ...in 1916, Mary Pickford becomes the first female film star to sign a million-dollar contract.
  • ...in 1949, the first television western, "Hopalong Cassidy" premieres on NBC.
  • ...in 1979, comedian and actress Mindy Kaling is born in Cambridge, MA.