Month: June 2024

First, “we take a working backwards approach to product development. This means that we start by understanding our customers’ needs and build our products around them. From design time forward, our security and product teams work together to ensure our products meet our customers’ expectations for security.” The next step is to sit with the…


Jun 07, 2024NewsroomCryptojacking / Vulnerability The threat actor known as Commando Cat has been linked to an ongoing cryptojacking attack campaign that leverages poorly secured Docker instances to deploy cryptocurrency miners for financial gain. “The attackers used the cmd.cat/chattr docker image container that retrieves the payload from their own command-and-control (C&C) infrastructure,” Trend Micro researchers…


Los Angeles Unified School District (LAUSD) officials are investigating a threat actor’s claims that they’re selling stolen databases containing records belonging to millions of students and thousands of teachers. LAUSD is the second largest public school district in the United States, with over 25,900 teachers, roughly 48,700 other employees, and more than 563,000 students enrolled…


Chinese threat actors are targeting ThinkPHP applications vulnerable to CVE-2018-20062 and CVE-2019-9082 to install a persistent web shell named Dama. The web shell enables further exploitation of the breached endpoints, such as enlisting them as part of the attackers’ infrastructure to evade detection in subsequent operations. The first signs of this activity date back…


The Computer Emergency Response Team of Ukraine (CERT-UA) reports on a new campaign dubbed “SickSync,” launched by the UAC-0020 (Vermin) hacking group in attacks on the Ukrainian defense forces. The threat group is linked to the Luhansk People’s Republic (LPR) region, which Russia has occupied almost in its entirety since October 2022. The hacker’s activities commonly…


When CISA called on the world’s leading software manufacturers to sign its Secure by Design Pledge, Tenable answered promptly and enthusiastically, becoming part of the first wave of supporters of this landmark initiative. In this blog post, Tenable CSO, Head of Research and President of Public Sector Robert Huber explains the significance of this pledge…


Based on technology from its recent Talend and Kyndi acquisitions, Qlik this week launched a new platform with comprehensive data integration and management services and a new GenAI assistant for tapping into unstructured data. Data analytics and integration tech developer Qlik has launched the Qlik Talend Cloud, a new data management platform based on technology…


A new ransomware operation named ‘Fog’ launched in early May 2024, using compromised VPN credentials to breach the networks of educational organizations in the U.S. Fog was discovered by Arctic Wolf Labs, which reported that the ransomware operation has not set up an extortion portal yet and was not observed stealing data. However, BleepingComputer can…


Attackers are targeting GitHub repositories, wiping their contents, and asking the victims to reach out on Telegram for more information. These attacks are part of what looks like an ongoing campaign first spotted on Wednesday by Germán Fernández, a security researcher at Chilean cybersecurity company CronUp. The threat actor behind this campaign—who has the Gitloker…


The most likely way the FBI will associate specific keys with specific victims — assuming that particular victim contacts the authorities — is that “the FBI will generate a script that will run all 7,000-plus keys” against the victim’s still-locked files, Levine said. There’s also a possibility that LockBit was reusing keys, he said. A reason…
