Author: nlqip
The fourth day of Pwn2Own Ireland 2024 marked the end of the hacking competition with more than $1 million in prizes for over 70 unique zero-day vulnerabilities in fully patched devices. The hacking contest pits security researchers against various software and hardware products, in an attempt earn the “Master of Pwn” title by compromising targets in eight categories…
Read More
Oct 26, 2024Ravie LakshmananCybercrime / Malware Four members of the now-defunct REvil ransomware operation have been sentenced to several years in prison in Russia, marking one of the rare instances where cybercriminals from the country have been convicted of hacking and money laundering charges. Russian news publication Kommersant reported that a court in St. Petersburg…
Read More
Oct 26, 2024Ravie LakshmananCloud Security / Cryptocurrency The infamous cryptojacking group known as TeamTNT appears to be readying for a new large-scale campaign targeting cloud-native environments for mining cryptocurrencies and renting out breached servers to third-parties. “The group is currently targeting exposed Docker daemons to deploy Sliver malware, a cyber worm, and cryptominers, using compromised…
Read More
Oct 26, 2024Ravie LakshmananCyber Attack / Threat Intelligence The Computer Emergency Response Team of Ukraine (CERT-UA) has detailed a new malicious email campaign targeting government agencies, enterprises, and military entities. “The messages exploit the appeal of integrating popular services like Amazon or Microsoft and implementing a zero-trust architecture,” CERT-UA said. “These emails contain attachments in…
Read More
The BlackBasta ransomware operation has moved its social engineering attacks to Microsoft Teams, posing as corporate help desks contacting employees to assist them with an ongoing spam attack. Black Basta is a ransomware operation active since April 2022 and responsible for hundreds of attacks against corporations worldwide. After the Conti cybercrime syndicate shut down in…
Read More
Russia has sentenced four members of the REvil ransomware operation to over 4 years in prison for distributing malware and illegal circulation of means of payment. REvil ransomware (aka Sodin and Sodinokibi) was launched in April 2019 as a direct successor of the GandCrab operation. In less than a year, the gang became the most prolific ransomware group, asking…
Read More
Amazon has seized domains used by the Russian APT29 hacking group in targeted attacks against government and military organizations to steal Windows credentials and data using malicious Remote Desktop Protocol connection files. APT29, also known as “Cozy Bear” and “Midnight Blizzard,” is a Russian state-sponsored cyber-espionage group linked to Russia’s Foreign Intelligence Service (SVR). Amazon clarifies that…
Read More
Tuan Tran is stepping down from his role as president of HP’s printing and imaging business to lead the PC and print giant’s cross-company AI strategy as the leader of a new organization. Taking over the printing business is 30-year HP veteran Anneliese Olson. HP Inc. has tapped the leader of its printing and imaging…
Read More
Gad Rosenthal Gad Rosenthal is a senior product manager at Tenable, where he leads the development of data security posture management (DSPM) capabilities. He joined Tenable after it acquired Eureka, a cloud data security company. Gad has also held cybersecurity roles at Microsoft, Siemplify (now part of Google), and Imperva, and has led cybersecurity and…
Read More
Frequently asked questions about a zero-day vulnerability in Fortinet’s FortiManager that has reportedly been exploited in the wild. Background The Tenable Security Response Team (SRT) has compiled this blog to answer Frequently Asked Questions (FAQ) regarding a zero-day vulnerability in Fortinet’s FortiManager. Update October 23: The blog has been updated with new information about in-the-wild…
Read More