February 16, 2023Rabbi LakshmananSupply Chain / Software Security A popular npm package that is downloaded over 3.5 million times each week has been found vulnerable to an account takeover attack. Illustria, a software supply chain security firm, said in a…
A group calling themselves ‘Anonymous Sudan’ claimed responsibility for a cyberattack that took the website of Scandinavian Airlines (SAS) offline earlier this week and exfiltrated customer data. In a statement posted on the airline’s website, the airline said it and…
Two Business Email Compromise (BEC) groups have been observed using executive impersonation to attack companies around the world. The findings come from security researchers at Abnormal Security, a threat actor dubbed “Midnight Hedgehog,” who specializes in payment fraud, and “Mandarin…
February 16, 2023Rabbi LakshmananCritical Infrastructure / Cyber Security Security researchers have uncovered two new vulnerabilities affecting Schneider Electric Modicon programmable logic controllers (PLCs). This may allow authentication bypass and remote code execution. The flaws tracked as CVE-2022-45788 (CVSS score: 7.5)…
According to Chainalysis, nearly a quarter (24%) of cryptocurrency tokens issued last year showed telltale signs of a pump-and-dump scam scheme. Pump-and-dump schemes are common in traditional finance. Scammers typically sell their assets to other investors, driving prices up rapidly.…
February 16, 2023Rabbi LakshmananAd Fraud/Malware Chinese-speaking individuals in Southeast and East Asia are being targeted by a new malicious Google Ads campaign that delivers remote access Trojans such as FatalRAT to compromised machines. The attack involved buying ad slots displayed…
Security teams typically have excellent visibility into most areas, including corporate networks, endpoints, servers, and cloud infrastructure. Use this visibility to enforce necessary security and compliance requirements. However, this does not apply to sensitive data in production databases, analytical databases,…
Security researchers warn that more and more versatile malware variants are now capable of performing multiple malicious actions throughout the cyber kill chain. Picus Security red report 2023 Last year, we analyzed over 500,000 malware samples, identified their tactics, techniques,…
February 16, 2023Rabbi LakshmananCyber Attack / Ransomware Over 500 hosts were compromised en masse by the new ESXiArgs ransomware strain. Most of them are in France, Germany, Holland, UK, and Ukraine. The findings, attributed to attack surface management firm Censys,…
An independent government surveillance agency has expressed serious concern over the widespread use of Chinese-made surveillance cameras by British police. The Biometrics and Surveillance Camera Commissioner (OBSCC) received responses from 39 of the 47 local police, as well as from…
All Rights Reserved. Kowatek Blog by IWUCHI
Home | About Us | Disclaimer | Privacy Policy | Contact Us
