An RA World ransomware attack in November 2024 targeting an unnamed Asian software and services company involved the use of a malicious tool exclusively used by China-based cyber espionage groups, raising the possibility that the threat actor may be moonlighting…
A new alert from the US Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) has outlined strategies to eliminate buffer overflow vulnerabilities in software. Part of the Secure by Design Alert series, the report published on…
Feb 13, 2025Ravie LakshmananWeb Security / Cloud Security A widespread phishing campaign has been observed leveraging bogus PDF documents hosted on the Webflow content delivery network (CDN) with an aim to steal credit card information and commit financial fraud. “The…
The US Coast Guard has been urged to improve the cybersecurity infrastructure of the Maritime Transportation System (MTS), which includes ports, waterways, and vessels essential for transporting over $5.4 trillion worth of goods annually. The Government Accountability Office (GAO) has…
Losses to romance baiting, or pig butchering, scams increased 40% year-on-year (YoY) in 2024 to comprise a third of total crypto fraud revenue, according to Chainalysis. A day before Valentine’s Day, the blockchain analytics company revealed the darker side of…
Feb 13, 2025Ravie LakshmananUnited States A nation-state threat actor with ties to North Korea has been linked to an ongoing campaign targeting South Korean business, government, and cryptocurrency sectors. The attack campaign, dubbed DEEP#DRIVE by Securonix, has been attributed to…
A sophisticated new phishing tool dubbed “Astaroth” has emerged on cybercrime platforms, boasting advanced methods to bypass two-factor authentication (2FA). First advertised in January 2025, the kit employs session hijacking and real-time credential interception to compromise accounts on Gmail, Yahoo,…
Feb 13, 2025The Hacker NewsApplication Security / DevOps Ever felt like your team is stuck in a constant battle? Developers rush to add new features, while security folks worry about vulnerabilities. What if you could bring both sides together without…
A 48-year-old woman from Arizona has pleaded guilty to charges related to a criminal scheme which saw North Korean IT workers employed remotely by hundreds of US companies. Christian Marie Chapman, of Litchfield Park, Arizona, is said to have helped…
Researchers have uncovered a highly sophisticated North Korean campaign to covertly distribute crypto-stealing malware via open source components. SecurityScorecard said in a blog post published this morning that it suspects the infamous Lazarus Group of being behind the live campaign,…
All Rights Reserved. Kowatek Blog by IWUCHI
Home | About Us | Disclaimer | Privacy Policy | Contact Us
