An employee of a Ukrainian utility company installed an unlicensed version of Microsoft Office from a torrent website resulting in two remote access Trojans infecting the company's systems. The Computer Emergency Response Team of Ukraine attributes the malware to a group it tracks as UAC-0145.
Retired Lt. Gen. Deependra Singh Hooda recommends applying military principles to assess and enhance cybersecurity readiness and organizational resilience of enterprises. By drawing parallels with military strategies, he stressed the need to prepare for and adapt to evolving threats.
Days after Google suspended the popular budget e-commerce application Pinduoduo from its Play Store, researchers are alleging that the Chinese app can bypass phones' security and monitor activities of other apps, including accessing private messages and changing settings.
Security researchers have uncovered more evidence that the North Korean Lazarus Group is responsible for the software supply chain attack on 3CX, a voice and video calling desktop client used by major multinational companies. Tools and code samples match previous Lazarus hacks.
Suspected North Korean hackers trojanized installers of a voice and video calling desktop client made by 3CX and used by major multinational companies. The vulnerability traces to a poisoned Electron software library file, an open-source framework for user interfaces.
Leaked documents from a Moscow IT consultancy reveal how the Russian government has commissioned tools for its military and intelligence agencies for conducting cyber operations, information warfare, and controlling the internet, as well as training critical infrastructure hackers.
A hacking group with apparent ties to Russia or Belarus has been using "simple yet effective attack techniques and tools" to gain access to multiple governments' email systems as part of apparent cyberespionage operations in support of Russia's invasion of Ukraine, researchers warn.
North Korean hackers are stealing cryptocurrency to fund operations under an apparent mandate from Pyongyang to be self-sufficient, threat intel firm Mandiant says. The regime probably expected its hackers to pay their own way before 2020, but the novel coronavirus pandemic exacerbated its demands.
The U.S. government limited its use of advanced surveillance software such as Pegasus through an executive order prohibiting agencies from buying licenses for spyware used by foreign governments to spy on dissidents. The order does not outright stop the government from purchasing spyware.
The United States sent its top cyber offensive team to NATO ally Albania to help secure the nation's critical infrastructure networks. The Cyber National Mission Force helped find cyberthreats and vulnerabilities on networks likely targeted last year by Iranian threat actors.
In the latest weekly update, ISMG editors discuss how Russia's invasion of Ukraine upended the cybercrime ecosystem, a lawsuit against a U.S. cardiovascular clinic that seeks a long list of security improvements, and the latest endpoint protection technology trends in the Gartner Magic Quadrant.
Security researchers uncovered a Pakistani cyberespionage group employing fresh tactics to target workers at India's Defense Research and Development Organization and steal sensitive military secrets. A new campaign uses a PowerPoint file containing information about the India-developed K-4 missile.
Europe's cybersecurity agency predicts hackers will take advantage of the growing overlap between information and operational technologies in the transport sector and disrupt OT processes in a targeted attack. Ransomware will become a tool wielded for political and financial motivations, says ENISA.
Russia's invasion of Ukraine in 2022 threw Russia's cybercrime ecosystem into a state of upheaval that still exists to this day. "We identified disruptions to literally every single form of commodified cybercrime," said Alexander Leslie, associate threat intelligence analyst at Recorded Future.
Last year was another bonanza in zero-days for Chinese state hackers, say security researchers in a report predicting a permanent uptick in nation-state exploitation of yet-unpatched vulnerabilities. "Attackers seek stealth and ease of exploitation," writes cybersecurity firm Mandiant.