Category Security

Mar 05, 2024NewsroomAttack Surface / Exposure Management Startups and scales-ups are often cloud-first organizations and rarely have sprawling legacy on-prem environments. Likewise, knowing the agility and flexibility that cloud environments provide, the mid-market is predominantly running in a hybrid state,…

Hackers operating from Ukraine’s Main Intelligence Directorate (GUR) have claimed another scalp; the Russian Ministry of Defense (MoD). The GUR, part of Kyiv’s Ministry of Defense, said a “special operation” enabled it to breach the servers of the Russian MoD…

Mar 05, 2024NewsroomEmail Security / Network Security The threat actor known as TA577 has been observed using ZIP archive attachments in phishing emails with an aim to steal NT LAN Manager (NTLM) hashes. The new attack chain “can be used…

Software developer JetBrains has warned users of its popular TeamCity CI/CD tool that they should prioritize patching of two new vulnerabilities or risk compromise. Discovered by Rapid7 last month, the bugs are listed as CVE-2024-27198 and CVE-2024-27199. The security vendor…

Mar 05, 2024NewsroomVulnerability / Network Security A new pair of security vulnerabilities have been disclosed in JetBrains TeamCity On-Premises software that could be exploited by a threat actor to take control of affected systems. The flaws, tracked as CVE-2024-27198 (CVSS…

Cybersecurity researchers at Proofpoint have uncovered a new tactic employed by cybercriminal threat actor TA577, shedding light on a lesser-seen objective in their operations.  The group was found utilizing an attack chain aimed at stealing NT LAN Manager (NTLM) authentication…

Researchers have developed a computer worm that targets generative AI (GenAI) applications to potentially spread malware and steal personal data. The new paper details the worm dubbed “Morris II,” which targets GenAI ecosystems through the use of adversarial self-replicating prompts,…

The cyber threat actor known as NoName057(16) has been observed changing tactics amid the escalating conflict between Ukraine and Russia. The group has gained notoriety for their involvement in Project DDoSia, an initiative aimed at executing large-scale distributed denial-of-service (DDoS) attacks…

Cybercriminals are using a network of hired money mules in India using an Android-based application to orchestrate a massive money laundering scheme. The malicious application, called XHelper, is a “key tool for onboarding and managing these money mules,” CloudSEK researchers…

The Predator spyware, at the heart of the Predator Files affair in 2023, is still used in many countries, according to cybersecurity provider Recorded Future. The spyware developer Cytrox and its umbrella organization Intellexa were associated with human rights violations…