August 2024 – Threat Note

From The Hacker News – North Korean Hackers Deploy FudModule Rootkit via Chrome Zero-Day Exploit

A recently patched security flaw in Google Chrome and other Chromium web browsers was exploited as a zero-day by North Korean actors in a campaign designed to deliver the FudModule rootkit. The development is indicative of the persistent efforts made by the nation-state adversary, which had made a habit of incorporating rafts of Windows zero-day exploits into its arsenal in recent months.

Samir K August 31, 2024

News

From Cybercrime Magazine – ‘Time-Travelling’ Software Could Bankrupt Hackers

This week in cybersecurity from the editors at Cybercrime Magazine – Read the Full Story in Newsweek Sausalito, Calif. – Aug. 31, 2024 Ionir, developers of a cloud-based data services…

Samir K August 31, 2024

News

From Dark Reading – Check Point, Cisco Boost AI Investments with Latest Deals

Cisco's deal to acquire Robust Intelligence will make it possible to use red team algorithms to assess risk in AI models and applications, while Check Point’s acquisition of Cyberint will…

Samir K August 31, 2024

Articles

From Schneier on Security – Friday Squid Blogging: Economic Fallout from Falklands Halting Squid Fishing

Details. Blog moderation policy. Read More

Samir K August 31, 2024

News

From Security Week – Microsoft Says North Korean Cryptocurrency Thieves Behind Chrome Zero-Day

[[{"value":"Redmond's threat intel team said exploitation of CVE-2024-7971 can be attributed to a North Korean APT targeting the cryptocurrency sector for financial gain. The post Microsoft Says North Korean Cryptocurrency…

Samir K August 31, 2024

News

From Dark Reading – Commercial Spyware Vendors Have a Copycat in Top Russian APT

Russia's Midnight Blizzard infected Mongolian government websites to try to compromise the devices of visitors, using watering-hole tactics. Read More

Samir K August 30, 2024

Toolkit

From Dark Reading – ‘Voldemort’ Malware Curses Orgs Using Global Tax Authorities

The global malware campaign (that must not be named?) is targeting organizations by impersonating tax authorities, and using custom tools like Google Sheets for command and control. Read More

Samir K August 30, 2024

News

From Dark Reading – Commercial Spyware Vendors Have a Copycat in Top Russian APT

Russia's Midnight Blizzard infected Mongolian government websites to try to compromise the devices of visitors, using watering-hole tactics. Read More

Samir K August 30, 2024

News

From Dark Reading – NASA Focuses on Cybersecurity of its Mission-Critical Software

The software verification and validation efforts helps NASA improve the safety and cost-effectiveness of its mission critical software. Cybersecurity is now part of the evaluation. Read More

Samir K August 30, 2024

Research

From Dark Reading – Why Identity Teams Need to Start Reporting to the CISO

Identity management sits with IT for good reason, but now that identity is the common denominator in every attack, it's time identity security was owned by a leader with a…

Samir K August 30, 2024

Toolkit

From The Hacker News – Cyberattackers Exploit Google Sheets for Malware Control in Global Espionage Campaign

Cybersecurity researchers have uncovered a novel malware campaign that leverages Google Sheets as a command-and-control (C2) mechanism. The activity, detected by Proofpoint starting August 5, 2024, impersonates tax authorities from governments in Europe, Asia, and the U.S., with the goal of targeting over 70 organizations worldwide by means of a bespoke tool called Voldemort that's equipped to

Samir K August 30, 2024

Vulnerabilities

From Cybersecurity Help – Cyber Security Week in Review: August 30, 2024

Google addresses yet another Chrome zero-day, Russian hackers caught using commercial spyware to compromise victims, and more. Read More

Samir K August 30, 2024

Research

From Cybercrime Magazine – The Complete Guide to Ransomware Recovery and Prevention

This week in cybersecurity from the editors at Cybercrime Magazine – Read the Full Story in BackBlaze Sausalito, Calif. – Aug. 30, 2024 Cybersecurity Ventures predicts that global ransomware costs will…

Samir K August 30, 2024

News

From Security Week – In Other News: Automotive CTF, Deepfake Scams, Singapore’s OT Security Masterplan

[[{"value":"Noteworthy stories that might have slipped under the radar: automotive CTF with $100k in prizes, deepfake scams, and Singapore’s OT security masterplan for 2024. The post In Other News: Automotive…

Samir K August 30, 2024

Breaches

From Security Week – BlackByte Ransomware Gang Believed to Be More Active Than Leak Site Suggests

[[{"value":"Cisco Talos has a blog post on the BlackByte ransomware group’s continuing evolution and new TTPs. The post BlackByte Ransomware Gang Believed to Be More Active Than Leak Site Suggests…

Samir K August 30, 2024