Aug 30, 2024Ravie LakshmananCryptojacking / Vulnerability Threat actors are actively exploiting a now-patched, critical security flaw impacting the Atlassian Confluence Data Center and Confluence Server to conduct illicit cryptocurrency mining on susceptible instances. “The attacks involve threat actors that employ methods such as the deployment of shell scripts and XMRig miners, targeting of SSH endpoints,…
Read More
Emotet first appeared in 2014, but like Zeus, is now a modular program most often used to deliver other forms of malware, with Trickster and Ryuk being two prominent examples. Emotet is so good at what it does that Arne Schoenbohm, head of the German Federal Office for Information Security, calls it the “king of…
Read More
Aug 30, 2024Ravie LakshmananCyber Espionage / Threat Intelligence Chinese-speaking users are the target of a “highly organized and sophisticated attack” campaign that is likely leveraging phishing emails to infect Windows systems with Cobalt Strike payloads. “The attackers managed to move laterally, establish persistence and remain undetected within the systems for more than two weeks,” Securonix…
Read More
Aug 30, 2024The Hacker NewsICS Security / OT Security A comprehensive guide authored by Dean Parsons emphasizes the growing need for specialized ICS security measures in the face of rising cyber threats. With a staggering 50% increase in ransomware attacks targeting industrial control systems (ICS) in 2023, the SANS Institute is taking decisive action by…
Read More
Aug 30, 2024Ravie LakshmananCryptocurrency / Malware Threat actors with ties to North Korea have been observed publishing a set of malicious packages to the npm registry, indicating “coordinated and relentless” efforts to target developers with malware and steal cryptocurrency assets. The latest wave, which was observed between August 12 and 27, 2024, involved packages named…
Read More
The RansomHub ransomware gang is behind the recent cyberattack on oil and gas services giant Halliburton, which disrupted the company’s IT systems and business operations. The attack caused widespread disruption, and BleepingComputer was told that customers couldn’t generate invoices or purchase orders because the required systems were down. Halliburton disclosed the attack last Friday in…
Read More
From a software perspective, Sovereign SASE supports the same features that are provided as part of Fortinet’s security service edge (SSE) offering, FortiSASE. The difference with Sovereign SASE is how SASE is deployed, Shah said. With Sovereign SASE, customers or partners (including managed security service providers) host the hardware based on Fortinet’s predefined hardware bundles,…
Read More
The integrated F5/Intel offering, which is available, will be particularly beneficial for edge applications, such as video analytics and IoT, where low latency and high performance are crucial, wrote Kunal Anand, chief technology officer with F5, in a blog about the technology. “F5 NGINX Plus works as a reverse proxy, offering traffic management and protection…
Read More
The exploration of a sale of cybersecurity firm Secureworks by majority owner Dell is reportedly underway. Dell Technologies is mulling the possibility of selling Secureworks to private equity investors, according to a report. According to a Reuters report Thursday, Dell—which is the majority owner of publicly traded Secureworks—has hired a pair of investment bankers as…
Read More
OpenAI is reportedly courting Apple as an investor. OpenAI is reportedly courting Apple as an investor in a funding round that would take the ChatGPT creator and artificial intelligence innovator to a valuation of more than $100 billion. Apple rival Microsoft – which has invested about $13 billion into OpenAI, owns 49 percent of the…
Read More