News

Cyber Security Reviews NEWS brings you the latest daily updates on trends and happenings around the globe.

As if the exponential rise in phishing scams and malware attacks in the last five years wasn’t enough, the COVID-19 crisis has worsened it further. The current scenario has given cybercriminals a viable opportunity to target individuals, small and large enterprises, and government corporations. According to Interpol’s COVID-19 Cybercrime Analysis Report,
SecOps, formed from a combination of security and IT operations staff, is a highly skilled team focused on monitoring and assessing risk and protecting corporate assets, often operating from a security operations center, or SOC. Cybersecurity attacks are on the rise, and the new challenge of supporting a largely remote workforce amid the pandemic and
The investigation into how the attackers managed to compromise SolarWinds’ internal network and poison the company’s software updates is still underway, but we may be one step closer to understanding what appears to be a very meticulously planned and highly-sophisticated supply chain attack. A new report published by ReversingLabs today and shared in advance with
In my previous article on assessing and addressing the skills of security and IT personnel, I discussed numerous skills gap challenges that the security industry is currently facing, including budgetary constraints, remote staff training, and skill set assessments when onboarding new employees. However, there is indeed a glimmer of hope when it comes to overcoming
Cybersecurity researchers today disclosed a new supply-chain attack targeting the Vietnam Government Certification Authority (VGCA) that compromised the agency’s digital signature toolkit to install a backdoor on victim systems. Uncovered by Slovak internet security company ESET early this month, the “SignSight” attack involved modifying software installers hosted on the CA’s website (“ca.gov.vn”) to insert a
The massive state-sponsored espionage campaign that compromised software maker SolarWinds also targeted Microsoft, as the unfolding investigation into the hacking spree reveals the incident may have been far wider in scope, sophistication, and impact than previously thought. News of Microsoft’s compromise was first reported by Reuters, which also said the company’s own products were
SolarWinds has faced setbacks in its response to the supply chain attack that led to the compromise of numerous enterprise and government agency customers. The attack involved the insertion of a backdoor by nation-state threat actors into updates for SolarWinds’ Orion product that was then distributed to customers worldwide. The attack was first disclosed on
A new wormable botnet that spreads via GitHub and Pastebin to install cryptocurrency miners and backdoors on target systems has returned with expanded capabilities to compromise web applications, IP cameras, and routers. Early last month, researchers from Juniper Threat Labs documented a crypto-mining campaign called “Gitpaste-12,” which used GitHub to host malicious code containing as
State-sponsored actors allegedly working for Russia have targeted the US Treasury, the Commerce Department’s National Telecommunications and Information Administration (NTIA), and other government agencies to monitor internal email traffic as part of a widespread cyberespionage campaign. The Washington Post, citing unnamed sources, said the latest attacks were the work of APT29 or Cozy Bear, the
While much attention has been given to the potential for remote learning environments being exploited by cybercriminals, a new CISA joint cybersecurity advisory warns that such attacks are already happening. Threat actors are targeting K-12 schools and remote learning classrooms, according to a joint cybersecurity advisory by CISA, the FBI, and the Multi-State Information Sharing
Microsoft on Thursday took the wraps off an ongoing campaign impacting popular web browsers that stealthily injects malware-infested ads into search results to earn money via affiliate advertising. “Adrozek,” as it’s called by the Microsoft 365 Defender Research Team, employs an “expansive, dynamic attacker infrastructure” consisting of 159 unique domains, each of which hosts an
Cybersecurity researchers disclosed a dozen new flaws in multiple widely-used embedded TCP/IP stacks impacting millions of devices ranging from networking equipment and medical devices to industrial control systems that could be exploited by an attacker to take control of a vulnerable system. Collectively called “AMNESIA:33” by Forescout researchers, it is a set of 33 vulnerabilities
Russian state hackers have been exploiting a vulnerability found in VMware products including virtual workspaces, according to a cybersecurity advisory issued today by the National Security Agency. The VMware vulnerability, which was dubbed CVE-2020-4006 and rated 7.2 on the Common Vulnerability Scoring System (CVSS), was disclosed and patched last week. According to the NSA advisory,
21st-century technology has allowed cybercriminals to use sophisticated and undetectable methods for malicious activities. In 2020 alone, a survey revealed that 65% of US-based companies were vulnerable to email phishing and impersonation attacks. This calls for upgrading your organization’s security with DMARC, which, if not implemented, will enable cyber-attackers to: Instigate money transfers from vulnerable
Cybersecurity researchers on Thursday disclosed details of a previously undiscovered in-memory Windows backdoor developed by a hacker-for-hire operation that can remotely execute malicious code and steal sensitive information from its targets in Asia, Europe, and the US. Dubbed “PowerPepper” by Kaspersky researchers, the malware has been attributed to the DeathStalker group (formerly called Deceptikons), a
Security operations, or SecOps, has had a direct, if increasingly challenging, mandate since the dawn of enterprise networking: detect, respond to, predict and prevent cyberattacks. But SecOps roles and responsibilities are shifting to accommodate growing interest in an offensive, rather than defensive, approach to cybersecurity. By staying ahead of threats and anticipating bad actors’ next
A global spear-phishing campaign has been targeting organizations associated with the distribution of COVID-19 vaccines since September 2020, according to new research. Attributing the operation to a nation-state actor, IBM Security X-Force researchers said the attacks took aim at the vaccine cold chain, companies responsible for storing and delivering the COVID-19 vaccine at safe temperatures.
TrickBot, one of the most notorious and adaptable malware botnets in the world, is expanding its toolset to set its sights on firmware vulnerabilities to potentially deploy bootkits and take complete control of an infected system. The new functionality, dubbed “TrickBoot” by Advanced Intelligence (AdvIntel) and Eclypsium, makes use of readily available tools to check
Having employees connect remotely to your corporate network is not new. Most companies use cloud-based software-as-a-service (SaaS) applications and have some virtual private network (VPN) or remote desktop capabilities to enable field sales staff or roaming users to connect to essential applications and data. However, few — if any — companies were prepared for our
Multiple botnets are targeting thousands of publicly exposed and still unpatched Oracle WebLogic servers to deploy crypto miners and steal sensitive information from infected systems. The attacks are taking aim at a recently patched WebLogic Server vulnerability, which was released by Oracle as part of its October 2020 Critical Patch Update and subsequently again in