US and Australian government agencies have urged critical infrastructure organizations to protect against new tactics employed by the BianLian ransomware group. These updated tactics, techniques and procedures (TTPs) include shifting exclusively to exfiltration-based extortion and leveraging new approaches for initial…
Nov 21, 2024Ravie LakshmananMalware / Cyber Fraud Threat actors with ties to the Democratic People’s Republic of Korea (DPRK) are impersonating U.S.-based software and technology consulting businesses in order to further their financial objectives as part of a broader information…
Read more about Lumma Stealer: Instant messaging app Telegram is gaining traction as a malware-spreading platform, according to cybersecurity firm McAfee. Two McAfee researchers analyzed in a November 20 blog post how Lumma Stealer, one of the most used infostealers,…
New research has uncovered more than 145,000 internet-exposed Industrial Control Systems (ICS) across 175 countries, with the U.S. alone accounting for over one-third of the total exposures. The analysis, which comes from attack surface management company Censys, found that 38%…
A large number of UK enterprises could face major regulatory penalties after admitting they are “not sure” if the new EU NIS 2 Directive applies to their business, a new study has revealed. Cybersecurity consultancy Green Raven polled 200 cybersecurity…
Nov 21, 2024Ravie LakshmananArtificial Intelligence / Software Security Google has revealed that its AI-powered fuzzing tool, OSS-Fuzz, has been used to help identify 26 vulnerabilities in various open-source code repositories, including a medium-severity flaw in the OpenSSL cryptographic library. “These…
Threat hunters are warning about an updated version of the Python-based NodeStealer that’s now equipped to extract more information from victims’ Facebook Ads Manager accounts and harvest credit card data stored in web browsers. “They collect budget details of Facebook…
In our latest episode we discuss how a woman hid under the bed after scammers told her she was under “digital arrest”, how hackers are hijacking YouTube channels through malicious sponsorship deals, and how one phone company is turning the…
Fraudsters are using deepfake technology with growing frequency to help them bypass digital identity verification checks, Entrust has warned. The identity security specialist revealed the findings in its Entrust Onfido 2025 Identity Fraud Report yesterday. It is based on data…
Security researchers have uncovered a surprising new attack methodology for illegal sports streaming, which uses hijacked Jupyter servers. Aqua Security threat hunters used information gathered from the vendor’s honeypots to discover the campaign. They found “several dozen events” where legitimate…
All Rights Reserved. Kowatek Blog by IWUCHI
Home | About Us | Disclaimer | Privacy Policy | Contact Us
