Category: Viral
Oct 03, 2024Ravie LakshmananCyber Espionage / Threat Intelligence Threat actors with ties to North Korea have been observed delivering a previously undocumented backdoor and remote access trojan (RAT) called VeilShell as part of a campaign targeting Cambodia and likely other Southeast Asian countries. The activity, dubbed SHROUDED#SLEEP by Securonix, is believed to be the handiwork…
Read MoreOrganizations that get relieved of credentials to their cloud environments can quickly find themselves part of a disturbing new trend: Cybercriminals using stolen cloud credentials to operate and resell sexualized AI-powered chat services. Researchers say these illicit chat bots, which use custom jailbreaks to bypass content filtering, often veer into darker role-playing scenarios, including child…
Read MoreProlific Cisco inventor JP Vasseur is joining Nvidia shortly after the AI computing giant’s CFO, Colette Kress, said that the company’s Spectrum-X line of Ethernet networking products for data centers is ‘well on track to begin a multibillion-dollar product line within a year.’ Nvidia has hired a 25-year Cisco Systems engineering veteran, once credited as…
Read MoreOct 03, 2024Ravie LakshmananCybercrime / Financial Fraud INTERPOL has announced the arrest of eight individuals in Côte d’Ivoire and Nigeria as part of a crackdown on phishing scams and romance cyber fraud. Dubbed Operation Contender 2.0, the initiative is designed to tackle cyber-enabled crimes in West Africa, the agency said. One such threat involved a…
Read MoreOct 03, 2024Ravie LakshmananCybercrime / Ransomware A new wave of international law enforcement actions has led to four arrests and the takedown of nine servers linked to the LockBit (aka Bitwise Spider) ransomware operation, marking the latest salvo against what was once a prolific financially motivated group. This includes the arrest of a suspected LockBit…
Read MoreOct 03, 2024Ravie LakshmananVulnerability / Endpoint Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Endpoint Manager (EPM) that the company patched in May to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2024-29824, carries a CVSS score of 9.6…
Read MoreCISA urges organizations to address the remote code execution vulnerability affecting Ivanti EPM. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) Wednesday urged organizations to prioritize patching for a previously disclosed, critical-severity vulnerability affecting Ivanti Endpoint Manager, which has now seen exploitation in attacks. The remote code execution (RCE) flaw in the product, also known…
Read MoreA large-scale fraud campaign leveraged fake trading apps published on the Apple App Store and Google Play Store, as well as phishing sites, to defraud victims, per findings from Group-IB. The campaign is part of a consumer investment fraud scheme that’s also widely known as pig butchering, in which prospective victims are lured into making…
Read MoreThe security and channel veteran is joining Extreme Networks to help the company remain a leader as it works to drive a deeper connection between networking, security and AI. Networking specialist Extreme Networks has brought on David Nuti to lead the company’s security sales at a time when the convergence between networking and security has…
Read MoreOct 02, 2024Ravie LakshmananCyber Espionage / Cloud Security A previously undocumented threat actor called CeranaKeeper has been linked to a string of data exfiltration attacks targeting Southeast Asia. Slovak cybersecurity firm ESET, which observed campaigns targeting governmental institutions in Thailand starting in 2023, attributed the activity cluster as aligned to China, leveraging tools previously identified…
Read More