#threat actors
#threat actors

CISA sounds alarm on critical GitLab flaw under active exploit

Organizations should promptly apply security updates in response to active exploitation attempts. [ more ]

ComputerWeekly.com

1 week ago

Ransomware payment bans need universal buy-in | Computer Weekly

Banning ransomware payments is crucial to disrupt cyber criminals and protect organizations from repeated attacks. [ more ]

ComputerWeekly.com

1 month ago

NCSC reaffirms guidance for those at risk of Chinese state hacking | Computer Weekly

The NCSC reaffirms guidance for individuals at high risk of targeted hacking by Chinese threat actors like APT31.

NCSC highlights China's malicious activities, including transnational repression and espionage, against UK institutions and pro-democracy activists. [ more ]

Forbes

Council Post: AI Is Here: Prioritizing Cyber Resilience In 2024 And Beyond

Cybersecurity landscape is rapidly evolving with expanding threat surfaces

Emphasis on cyber resilience is crucial in combating sophisticated cyber threats [ more ]

Entrepreneur

What Business Leaders Need to Know About the 'Mother of All Breaches' | Entrepreneur

The dataset contains 26 billion leaked entries from various platforms.

The breach presents a massive threat to personal information and corporate security, providing a toolkit for cyberattacks. [ more ]

CyberScoop

3 months ago

CISA issues emergency directive for federal agencies to patch Ivanti VPN vulnerabilities

The Cybersecurity and Infrastructure Security Agency issued an emergency directive for federal agencies to patch their systems against a zero-day exploit in a VPN software.

The vulnerabilities in the software were publicly released by the software company on Jan. 10, and so far, the campaign has impacted at least 2,100 devices worldwide. [ more ]

morecybersecurity

ransomware

ComputerWeekly.com

Black Basta, Bl00dy ransomware gangs exploiting ConnectWise vulns | Computer Weekly

Ransomware gangs exploit ConnectWise ScreenConnect vulnerabilities with high CVE scores.

Multiple threat actors using leaked build of LockBit target unpatched organizations. [ more ]

Ars Technica

3 months ago

Artificial intelligence

AI will increase the number and impact of cyber attacks, intel officers say

Ransomware is predicted to be the biggest threat to benefit from AI in the next two years

AI will enhance existing threats, not transform the risk landscape [ more ]

Databreaches

4 months ago

Privacy technologies

Follow-on extortion campaign: confirmation of some findings by Arctic Wolf

Threat actors are using ethical researcher personas to extort money from ransomware victims.

Arctic Wolf Labs and DataBreaches believe that the same threat actor is behind multiple cases of secondary extortion. [ more ]

Dark Reading

Citrix Bleed Bug Inflicts Mounting Wounds, CISA Warns

Ransomware affiliates are increasingly targeting the Citrix Bleed vulnerability, prompting warnings from CISA and Citrix to address the issue.

The Citrix Bleed bug allows threat actors to bypass password requirements and multifactor authentication, leading to session hijacking and unauthorized access to data and resources.

LockBit 3.0 gang and its affiliates have formed a 'strike team' specializing in weaponizing Citrix Bleed, potentially staffed by teenagers. [ more ]

moreransomware

ComputerWeekly.com

3 weeks ago

Artificial intelligence

Threat actors look to stolen credentials | Computer Weekly

Cyber criminals are increasingly using valid accounts to breach corporate networks, necessitating a focus on distinguishing between legitimate and malicious user activity. [ more ]

Ars Technica

Never-before-seen Linux malware gets installed using 1-day exploits

Linux malware, NerbianRAT, circulated for at least two years

CheckPoint identified Magnet Goblin using 1-day vulnerabilities to deliver Linux malware [ more ]

TechRepublic

CrowdStrike 2024 Global Threat Report: 6 Key Takeaways

Identity-based attacks remain prevalent

Cloud environment intrusions up by 75% from 2022 to 2023

Third-party relationships exploited for easier attacks [ more ]

ComputerWeekly.com

Hunter-killer malware volumes seen surging | Computer Weekly

A specialised hunter-killer malware is on the rise, capable of disabling key cybersecurity tools.

This type of malware is designed to evade security tools and bring them down, demonstrating a shift in threat actors' tactics. [ more ]

Databreaches

Ransomware gang claims to have stolen Crystal Lake Health Centers data

Crystal Lake Health Centers in Michigan has experienced a data breach and has been compromised by the Hunters International threat actors.

Hunters International is demanding a fee in exchange for returning the stolen data and providing tools and reports to protect Crystal Lake Health Centers.

DataBreaches has confirmed that real data from Crystal Lake Health Centers has been posted by Hunters International on their leak site. [ more ]

ComputerWeekly.com

North Korean APTs go all in on supply chain attacks, warns NCSC | Computer Weekly

North Korea-backed threat actors are targeting software supply chains to attack organizations globally.

The NCSC and NIS warn that these threat actors are becoming more adept at leveraging zero-day vulnerabilities and exploits.

The attacks align with North Korea's priorities of revenue generation and theft of intellectual property. [ more ]

ComputerWeekly.com

Rogue state-aligned actors are most critical cyber threat to UK | Computer Weekly

The UK's critical national infrastructure faces an enduring and significant threat from state-aligned threat actors ramping up cyber activity.

The NCSC warns that the UK needs to enhance cyber resilience in industries such as energy, water supply, communications, logistics, and financial services.

The annual report highlights the emergence of a new class of cyber adversary in the form of state-aligned actors who are ideologically motivated. [ more ]

Developer Tech News

3 months ago