Author: Admin

A freelance Chinese APT group is actively managing a library of compromised code-signing digital certificates to support cyber-espionage attacks targeting supply chain vendors, according to Venafi. The security vendor’s latest research report details the work of APT41, an unusual group in that it has previously been observed carrying out attacks for both traditional state-sponsored cyber-espionage and personal financial gain. Venafi claimed that using the certificates and keys that authenticate pieces of code are a key part of its tactics….

Getty Your employees are your biggest vulnerability. Often, these are genuine mistakes: people accidentally falling for phishing attacks or mistakenly leaking data. Occasionally, employees also intentionally break the rules. Regardless of their intent, individuals create risk every day for your business — while simply doing their jobs. In fact, research finds 83% of organizations experienced a serious incident caused by human error. The 2021 Egress Insider Data Breach Survey also finds 73% of enterprises have…

A North Korean cyber-operations group has increased its focus on cyber espionage and targeting diplomats and regional experts, using captured user credentials to fuel phishing attacks and only rarely using malware to persist in targeted organizations. A new report by message-security firm Proofpoint, which focused on a single subgroup of what other security firms call Kimsuky, found that the North Korean group mainly targets individuals in the United States, Russia, and China, and usually attempts…

Suspected government-backed hackers from North Korea launched almost weekly cyberattacks on a wide array of targets throughout the first half of 2021, according to research released on Thursday by security firm Proofpoint. The group, dubbed TA406, engaged in espionage, digital crime, and sextortion. It conducted frequent credential phishing campaigns against foreign policy experts and non-governmental groups whose work related to the Korean peninsula, as well as journalists and academics. Researchers also uncovered, for the first…

News Detail VMware Carbon Black Cloud and VMware Tanzu now available in AWS Marketplace PALO ALTO, Calif.–(BUSINESS WIRE)– VMware, Inc. (NYSE:VMW) is making it easier for Amazon Web Services (AWS) customers to purchase and deploy VMware Cross-Cloud services to support their AWS environments. VMware Cross-Cloud services help AWS customers drive digital innovation with enterprise control. This press … Thu, 18 Nov 2021 00:00:00 VMware Carbon Black Cloud and VMware Tanzu now available in AWS Marketplace…

Hackers linked to the North Korean regime waged weekly hacking campaigns in 2021, producing a noticeable uptick in activity from years past, cybersecurity company Proofpoint said in a new report Thursday. Proofpoint analysts have tracked the hacker group called TA406 since 2018, but the volume of their work remained low until 2021 when the hackers began weekly campaigns targeting nongovernmental organizations, foreign policy experts and journalists. The hackers adopted false personas and targeted people in…

Written by AJ Vicens Nov 18, 2021 | CYBERSCOOP A North Korean cyber espionage group known primarily for targeting think tanks, advocacy groups, journalists and others related to Pyongyang’s adversaries around the world has been quite prolific in 2021, according to email security firm Proofpoint. The stepped-up action includes launching near-weekly attacks, among them two previously unreported campaigns. In findings published Thursday, the firm examined the activities of a group it refers to as TA406,…

Security researchers have started to see a thawing of relations between Russian and Chinese and English-speaking threat actors. The Russian-speaking cybercrime world has hitherto been fairly closed to actors from other regions. However, Flashpoint claimed to have seen a more inclusive approach adopted of late, especially on the Ramp forum. “In October, Ramp administrators made changes to the forum’s interface that make it more accessible to Chinese-speaking and English-speaking threat actors,” the threat intelligence firm…

Ransomware gangs can now afford to pay as much as $10m for zero-day exploits, but for those without the money, developers have discussed renting out malicious code, according to Digital Shadows. The threat intelligence firm’s new report ⁠–⁠ Vulnerability Intelligence, Do You Know Where Your Flaws Are? ⁠–⁠ is based on a detailed analysis of the cybercrime underground. It confirmed that ransomware actors are now wealthy enough to compete with state-backed operatives in buying zero-days. “These prices can appear enormous…