February 2023 – Page 4 – Learn and Explore

February 22, 2023
Uncategorized

U.S. Cybersecurity Agency CISA Adds Three New Vulnerabilities in KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The list of shortcomings is as follows – CVE-2022-47986 (CVSS score: 9.8) – IBM Aspera Faspex Code Execution Vulnerability CVE-2022-41223 (CVSS score: 6.8) – Mitel MiVoice...

February 22, 2023
Uncategorized

VMware Patches Critical Vulnerability in Carbon Black App Control Product

VMware on Tuesday released patches to address a critical security vulnerability affecting its Carbon Black App Control product. Tracked as CVE-2023-20858, the shortcoming carries a CVSS score of 9.1 out of a maximum of 10 and impacts App Control versions 8.7.x, 8.8.x, and 8.9.x. The virtualization services provider describes the...

February 21, 2023
Uncategorized

The Future of Network Security: Predictive Analytics and ML-Driven Solutions

As the digital age evolves and continues to shape the business landscape, corporate networks have become increasingly complex and distributed. The amount of data a company collects to detect malicious behaviour constantly increases, making it challenging to detect deceptive and unknown attack patterns and the so-called “needle in the...

February 21, 2023
Uncategorized

MyloBot Botnet Spreading Rapidly Worldwide: Infecting Over 50,000 Devices Daily

A sophisticated botnet known as MyloBot has compromised thousands of systems, with most of them located in India, the U.S., Indonesia, and Iran. That’s according to new findings from BitSight, which said it’s “currently seeing more than 50,000 unique infected systems every day,” down from a high of 250,000 unique hosts...

February 21, 2023
Uncategorized

Coinbase Employee Falls for SMS Scam in Cyber Attack, Limited Data Exposed

Popular cryptocurrency exchange platform Coinbase disclosed that it experienced a cybersecurity attack that targeted its employees. The company said its “cyber controls prevented the attacker from gaining direct system access and prevented any loss of funds or compromise of customer information.” The incident, which took place on February 5, 2023, resulted...

February 21, 2023
Uncategorized

Researchers Discover Dozens Samples of Information Stealer ‘Stealc’ in the Wild

A new information stealer called Stealc that’s being advertised on the dark web could emerge as a worthy competitor to other malware of its ilk. “The threat actor presents Stealc as a fully featured and ready-to-use stealer, whose development relied on Vidar, Raccoon, Mars, and RedLine stealers,” SEKOIA said in a Monday report. The French cybersecurity company said...

February 21, 2023
Uncategorized

Researchers Warn of ReverseRAT Backdoor Targeting Indian Government Agencies

A spear-phishing campaign targeting Indian government entities aims to deploy an updated version of a backdoor called ReverseRAT. Cybersecurity firm ThreatMon attributed the activity to a threat actor tracked as SideCopy. SideCopy is a threat group of Pakistani origin that shares overlaps with another actor called Transparent Tribe. It is so named for...

February 20, 2023
Uncategorized

Norway Seizes $5.84 Million in Cryptocurrency Stolen by Lazarus Hackers

Norwegian police agency Økokrim has announced the seizure of 60 million NOK (about $5.84 million) worth of cryptocurrency stolen by the Lazarus Group in March 2022 following the Axie Infinity Ronin Bridge hack. “This case shows that we also have a great capacity to follow the money on the...

February 20, 2023
Uncategorized

Cyber Espionage Group Earth Kitsune Deploys WhiskerSpy Backdoor in Latest Attacks

The cyber espionage threat actor tracked as Earth Kitsune has been observed deploying a new backdoor called WhiskerSpy as part of a social engineering campaign. Earth Kitsune, active since at least 2019, is known to primarily target individuals interested in North Korea with self-developed malware such as dneSpy and agfSpy. Previously documented intrusions...

February 20, 2023
Uncategorized

Google Reveals Alarming Surge in Russian Cyber Attacks Against Ukraine

Russia’s cyber attacks against Ukraine surged by 250% in 2022 when compared to two years ago, Google’s Threat Analysis Group (TAG) and Mandiant disclosed in a new joint report. The targeting, which coincided and has since persisted following the country’s military invasion of Ukraine in February 2022, focused heavily on the Ukrainian government...