Author: Admin

Kaseya has released a security update to address the VSA zero-day vulnerabilities exploited by REvil gang in the massive ransomware supply chain attack. Software vendor Kaseya has released a security update to fix the zero-day vulnerabilities in its VSA software that were exploited by the REvil ransomware gang in the massive ransomware supply chain attack. The company announced last week that fewer than 60 of its customers and less than 1,500 businesses have been impacted…

Cyber News reports that this is the third time in four months that member information has shown up on a hacker forum. Image: iStock/iBrave A data set including information from 600 million LinkedIn users showed up for sale on a hacker forum this week. That’s the third time in four months that scraped data from the networking site has been offered up for sale, according to a report from Cyber News.  The data is all…

Guest post by Liran Tal, Snyk Director of Developer Advocacy  Docker is totalling up to more than 318 billion downloads of container images. With millions of applications available on Docker Hub, container-based applications are popular and make an easy way to consume and publish applications. That being said, the naive way of building your own Docker Node.js web applications may come with many security risks. So, how do we make security an essential part of…

WASHINGTON – A notorious group of hackers tied to Iran’s Islamic Revolutionary Guard Corps has waged a covert campaign targeting university professors and other experts based in the U.K. and the U.S. in an attempt to steal their sensitive information, according to research by the cybersecurity firm Proofpoint.    The group, known as TA453 and Charming Kitten, has been masquerading as British scholars at the University of London’s School of Oriental and African Studies (SOAS)…

Image: Sobhan Farajvan/Pacific Press/LightRocket via Getty Images Hacking. Disinformation. Surveillance. CYBER is Motherboard’s podcast and reporting on the dark underbelly of the internet. Iranian hackers with links to the country’s Islamic Revolutionary Guard Corps impersonated two academics in an attempt to hack journalists, think tank analysts, and other academics, according to a new report. In early 2021, the hackers—dubbed inside the industry as Charming Kitten or TA453—sent emails to targets pretending to be Dr. Hanns Bjoern…

The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT, Data Theft, Malicious Apps, Middle East, Phishing, Targeted Campaigns, and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity. Figure 1 – IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats…

Many security executives have fundamental familiarity with the MITRE ATT&CK framework, although most perceive it within a narrow set of use cases specific to deeply-technical cyber threat intelligence (CTI) analysts. The truth though, is that when integrated into overall security operations, it can produce profound security and risk benefits. What is MITRE ATT&CK? MITRE ATT&CK serves as a global knowledge base for understanding threats across their entire lifecycle. The framework’s differentiator is its focus on…