Suspected Russian threat actors are targeting Eastern European users of the cryptocurrency industry to install information-stealing malware on compromised hosts, baiting bogus job opportunities. In a report this week, Trend Micro researchers Aliakbar Zahravi and Peter Girnus wrote that attackers…
February 11, 2023Rabbi LakshmananThreat Response / Vulnerability The US Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of exploits in the wild. All three contain CVE-2022-24990. This is…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a new Cybersecurity Advisory (CSA) Thursday against entities in the critical infrastructure sector against ongoing North Korean government-backed ransomware. Warned against activity. part of #StopRansomware Campaign, the new recommendations are the…
Want to sell cocaine, ecstasy (MDMA), meth, or magic mushrooms? Twitter might be the place for you. Also, the site does not close accounts. We heard from one reader that he was actively proposing the sale of illegal drugs and…
Reddit suffered a cyberattack on February 5, 2005 after its internal systems were compromised. This was due to a “sophisticated” and “targeted” phishing attack that led to the exposure of employee credentials. “In an attempt to steal credentials and second-factor…
February 10, 2023Rabbi LakshmananSupply Chain / Software Security 4 different bad packages in the Python Package IndexPyPI) has been known to perform a number of malicious actions, including dropping malware, deleting the netstat utility, and manipulating SSH’s authorized_keys file. The…
A Dallas agency has admitted to paying hackers $170,000 after being hit by a ransomware attack. The Dallas Central Appraisal District (DCAD), which determines the value of all county real estate and personal property for tax purposes, announced that it…
A package called ‘aabquerys’ was discovered in an open-source JavaScript npm repository that uses typosquatting techniques to allow the download of malicious components. The findings are from the following security researchers: reversing labThey stated that aabquerys was able to download…
Here are the three worst breaches, 2022 attacker tactics and techniques, and the security controls that can provide effective enterprise security protection against them. #1: Two RaaS Attacks in 13 Months Ransomware as a service is a type of attack…
Security researchers have discovered a new financially motivated threat group that uses custom tools to identify and track high-value targets for information theft. The group, dubbed TA866 by Proofpoint, may have been active since 2019, but its most recent activity…
All Rights Reserved. Kowatek Blog by IWUCHI
Home | About Us | Disclaimer | Privacy Policy | Contact Us
