In an open letter, the White House this week urged corporate executives and business leaders to take the appropriate measures to protect their organizations against ransomware attacks, only days after meat-packaging giant JBS fell victim to such an attack. The memo, signed by Anne Neuberger, deputy national security advisor for cyber and emerging technology, mentions ..
A new piece of ransomware named Epsilon Red has been used to target at least one organization in the United States, and its operators have apparently already made a significant profit. Cybersecurity firm Sophos reported last week that Epsilon Red operators have been spotted targeting a US-based company in the hospitality sector. The cryptocurrency address ..
An alert released on Friday by the FBI and the DHS’s Cybersecurity and Infrastructure Security Agency (CISA) revealed that the number of organizations targeted in a recent attack abusing a legitimate email marketing service was higher than initially reported. Microsoft reported last week that the Russia-linked threat actor it tracks as Nobelium, which is believed ..
One of the Chinese threat actors targeting Pulse Secure VPN appliances via a recently disclosed vulnerability has been attempting to cover its tracks by removing its webshells from victim networks, FireEye reports. Tracked as CVE-2021-22893, the vulnerability was made public in late April, after security researchers discovered that threat actors had already been exploiting it ..
The FBI on Thursday published indicators of compromise (IOCs) associated with the continuous exploitation of Fortinet FortiOS vulnerabilities in attacks targeting commercial, government, and technology services networks. In early April, the FBI along with the Cybersecurity and Infrastructure Security Agency (CISA) warned that threat actors had been targeting serious security holes in Fortinet’s flagship operating ..
The Russia-linked threat group believed to be behind the SolarWinds attack has been observed launching a new campaign this week. The attacks have targeted the United States and other countries, and involve a legitimate mass mailing service and impersonation of a government agency. The latest attacks were analyzed by Microsoft, which tracks the threat actor ..
Vulnerabilities in Visual Studio Code extensions could be exploited by malicious attackers to steal valuable information from developers and even compromise organizations, researchers with open-source software security firm Snyk say. Generally considered secure, VS Code extensions could expose millions of developers to malicious attacks, potentially leading to the compromise of information stored on developer machines, ..
The U.S. National Aeronautics and Space Administration (NASA) identified more than 6,000 cyber-related incidents in the last four years, according to a report published this month by NASA’s Office of Inspector General. NASA has institutional systems, which are used for the day-to-day work of employees — these include data centers, web services, computers and networks. ..
Microsoft this week announced the availability of SimuLand, an open source tool that enables security researchers to reproduce attack techniques in lab environments. The purpose of SimuLand, Microsoft says, is to help understand the behavior and functionality of threat actors’ tradecraft, to find mitigations and validate existing detection capabilities, and to identify and share data ..
The FluBot Android malware is spreading fast across Europe using an SMS package delivery scheme and it’s soon expected to arrive in the United States as well, cybersecurity company Proofpoint warned this week. Initially observed in Spain, FluBot has since expanded operations to reach Germany, Hungary, Italy, Poland, and the UK as well, with tens ..