Threat hunters have uncovered a new threat actor named UAT-5918 that has been attacking critical infrastructure entities in Taiwan since at least 2023. “UAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft, uses a combination of web shells and open-sourced tooling to conduct post-compromise activities to establish persistence in […]
Category Archives: News
Valve has removed a game titled ‘Sniper: Phantom’s Resolution’ from the Steam store following multiple user reports that indicated its demo installer actually infected their systems with information stealing malware. […]
Originally published by Synack. New year, new regulations. In late December 2024, the U.S. Department of Health and Human Services (HHS) issued a proposal to modify the Health Insurance Portability and Accountability Act’s (HIPAA) Security Rule, with an overarching goal of strengthening the cybersecurity programs of healthcare organizations and protecting patient data from malicious adversaries. […]
The threat actors behind the Medusa ransomware-as-a-service (RaaS) operation have been observed using a malicious driver dubbed ABYSSWORKER as part of a bring your own vulnerable driver (BYOVD) attack designed to disable anti-malware tools. Elastic Security Labs said it observed a Medusa ransomware attack that delivered the encryptor by means of a loader packed using […]
Originally published by Koat. What is an AI Agent? AI agents are advanced autonomous systems designed to perform specific tasks, make decisions, and collaborate with humans and other AI systems. Unlike traditional automation tools, they have machine learning, natural language processing (NLP), and decision-making capabilities, allowing them to adapt and learn with minimal human […]
After conducting over 10,000 automated internal network penetration tests last year, vPenTest has uncovered a troubling reality that many businesses still have critical security gaps that attackers can easily exploit. Organizations often assume that firewalls, endpoint protection, and SIEMs are enough to keep them secure. But how effective are these defenses when put to the […]
The China-linked advanced persistent threat (APT) group. known as Aquatic Panda has been linked to a “global espionage campaign” that took place in 2022 targeting seven organizations. These entities include governments, catholic charities, non-governmental organizations (NGOs), and think tanks across Taiwan, Hungary, Turkey, Thailand, France, and the United States. The activity, which took place
Two known threat activity clusters codenamed Head Mare and Twelve have likely joined forces to target Russian entities, new findings from Kaspersky reveal. “Head Mare relied heavily on tools previously associated with Twelve. Additionally, Head Mare attacks utilized command-and-control (C2) servers exclusively linked to Twelve prior to these incidents,” the company said. “This suggests
20
Mar
Mar
We launched an experiment measuring the value of European news results for Google which showed that European news content in Search has no measurable impact on ad revenu…
Two now-patched security flaws impacting Cisco Smart Licensing Utility are seeing active exploitation attempts, according to SANS Internet Storm Center. The two critical-rated vulnerabilities in question are listed below – CVE-2024-20439 (CVSS score: 9.8) – The presence of an undocumented static user credential for an administrative account that an attacker could exploit to log in […]