Shadow apps, a segment of Shadow IT, are SaaS applications purchased without the knowledge of the security team. While these applications may be legitimate, they operate within the blind spots of the corporate security team and expose the company to attackers. Shadow apps may include instances of software that the company is already using. For…
Read More
The NoName ransomware gang has been trying to build a reputation for more than three years targeting small and medium-sized businesses worldwide with its encryptors and may now be working as a RansomHub affiliate. The gang uses custom tools known as the Spacecolon malware family, and deploys them after gaining access to a network through brute-force methods…
Read More
Sep 10, 2024Ravie LakshmananCyber Attack / Malware The threat actor tracked as Mustang Panda has refined its malware arsenal to include new tools in order to facilitate data exfiltration and the deployment of next-stage payloads, according to new findings from Trend Micro. The cybersecurity firm, which is monitoring the activity cluster under the name Earth…
Read More
Ransomware affiliates exploit a critical security vulnerability in SonicWall SonicOS firewall devices to breach victims’ networks. Tracked as CVE-2024-40766, this improper access control flaw affects Gen 5, Gen 6, and Gen 7 firewalls. SonicWall patched it on August 22 and warned that it only impacted the firewalls’ management access interface. However, on Friday, SonicWall revealed that the…
Read More
New attacks attributed to China-based cyber espionage group Mustang Panda show that the threat actor switched to new strategies and malware called FDMTP and PTSOCKET to download payloads and steal information from breached networks. Researchers found that the hackers are using a variant of the HIUPAN worm to deliver the PUBLOAD malware stager through removable…
Read More
The Quad7 botnet is evolving its operation by targeting additional SOHO devices with new custom malware for Zyxel VPN appliances, Ruckus wireless routers, and Axentra media servers. This comes in addition to the TP-Link routers reported initially by Sekoia, from where the botnet got its name due to targeting port 7777, and also the ASUS routers targeted by…
Read More
The iPhone 16 series is arriving ahead of its much-hyped Apple Intelligence set of AI features, which will debut in beta next month with an initial set of features for the iPhone 15 Pro or higher as well as Macs and iPads with an M1 or newer system-on-chip. Apple said its newly revealed iPhone 16…
Read More
TD Synnex, Skyhigh Security, Leidos, Microsoft, NetApp and Salesforce were among the tech companies making key executive hires and moves in August 2024. A chief information security officer at TD Synnex. A chief technology officer at Skyhigh Security. And a chief data officer at Leidos. Alicia Lynch, formerly with Cognizant; Steve Tait, formerly with Snow…
Read More
Tenable®, the exposure management company, announced today that Shelly Raban, senior cloud security researcher for Tenable, will give a presentation at fwd:cloudsec Europe 2024, taking place on 17 September, 2024 in Brussels, Belgium. During the session titled, “Who Watches the Watchmen? Stealing Credentials from Policy-as-Code Engines (and Beyond),” Raban will explore techniques adversaries use to…
Read More
Highline Public Schools, a K-12 district in Washington state, has shut down all schools and canceled school activities after its technology systems were compromised in a cyberattack. In a statement issued Monday, the district confirmed that all schools would remain closed, and all activities, including athletics and meetings, would be canceled on September 9. However, the…
Read More