News

Cyber Security Reviews NEWS brings you the latest daily updates on trends and happenings around the globe.

What is SEO poisoning (search poisoning)? SEO poisoning, also known as search poisoning, is a type of malicious advertising (malvertising) in which cybercriminals create malicious websites and then use search engine optimization (SEO) techniques to cause the sites’ links to show up prominently in search results, often as ads at the top. Because of their
Oct 16, 2023NewsroomMalware / Mobile Security The Android banking trojan known as SpyNote has been dissected to reveal its diverse information-gathering features. Typically spread via SMS phishing campaigns, attack chains involving the spyware trick potential victims into installing the app by clicking on the embedded link, according to F-Secure. Besides requesting invasive permissions to access
Ransomware actors are targeting a critical flaw in Progress Software’s WS_FTP Server secure file transfer product, according to Thursday posts from Sophos’ X-Ops team on Mastodon. Sophos said threat actors utilized CVE-2023-40044 in “unsuccessful attempted ransomware activity” against customers of Progress’ WS_FTP Server from what appeared to be leaked LockBit 3.0 code. The attacks were
Oct 14, 2023NewsroomAuthentication / Endpoint Security Microsoft has announced that it plans to eliminate NT LAN Manager (NTLM) in Windows 11 in the future, as it pivots to alternative methods for authentication and bolster security. “The focus is on strengthening the Kerberos authentication protocol, which has been the default since 2000, and reducing reliance on
Google, AWS and Cloudflare stopped what is reportedly the largest DDoS attack ever recorded, according to announcements from the vendors Tuesday. The attack occurred as a result of a novel DDoS vulnerability, tracked as CVE-2023-44487, that concerns the HTTP/2 protocol, the standardized set of rules for file transference over the internet. According to the vulnerability’s
Ensuring sensitive data remains confidential, protected from unauthorized access, and compliant with data privacy regulations is paramount. Data breaches result in financial and reputational damage but also lead to legal consequences. Therefore, robust data access security measures are essential to safeguard an organization’s assets, maintain customer trust, and meet regulatory requirements. A comprehensive Data Security
Oct 06, 2023NewsroomCyber Attack / Malware Threat actors have been observed targeting semiconductor companies in East Asia with lures masquerading as Taiwan Semiconductor Manufacturing Company (TSMC) that are designed to deliver Cobalt Strike beacons. The intrusion set, per EclecticIQ, leverages a backdoor called HyperBro, which is then used as a conduit to deploy the commercial
What is Certified Secure Software Lifecycle Professional? CSSLP (Certified Secure Software Lifecycle Professional) is a certification from ISC2 that focuses on application security within the software development lifecycle (SDLC). Launched in 2008, CSSLP is designed for software development and security professionals involved in the SDLC. The certification’s curriculum focuses on application vulnerabilities, risk and compliance
Oct 05, 2023NewsroomRansomware / Malware Despite the disruption to its infrastructure, the threat actors behind the QakBot malware have been linked to an ongoing phishing campaign since early August 2023 that led to the delivery of Ransom Knight (aka Cyclops) ransomware and Remcos RAT. This indicates that “the law enforcement operation may not have impacted
Oct 04, 2023THNMobile Security / Spyware New findings have identified connections between an Android spyware called DragonEgg and another sophisticated modular iOS surveillanceware tool named LightSpy. DragonEgg, alongside WyrmSpy (aka AndroidControl), was first disclosed by Lookout in July 2023 as a strain of malware capable of gathering sensitive data from Android devices. It was attributed
Introduction In today’s interconnected digital ecosystem, Application Programming Interfaces (APIs) play a pivotal role in enabling seamless communication and data exchange between various software applications and systems. APIs act as bridges, facilitating the sharing of information and functionalities. However, as the use of APIs continues to rise, they have become an increasingly attractive target for
Sep 30, 2023THNCyber Espionage / Malware Sophisticated cyber actors backed by Iran known as OilRig have been linked to a spear-phishing campaign that infects victims with a new strain of malware called Menorah. “The malware was designed for cyberespionage, capable of identifying the machine, reading and uploading files from the machine, and downloading another file
The role of the chief information security officer has evolved significantly in recent years. As cybersecurity becomes even more of a critical concern for businesses, CISOs now find themselves in increasingly pivotal positions within their organizations. The intensity of the CISO position means it typically has a shelf life, however, with security leaders often leaving
Sep 30, 2023THNRansomware / Cyber Threat The U.S. Federal Bureau of Investigation (FBI) is warning of a new trend of dual ransomware attacks targeting the same victims, at least since July 2023. “During these attacks, cyber threat actors deployed two different ransomware variants against victim companies from the following variants: AvosLocker, Diamond, Hive, Karakurt, LockBit,
Sep 28, 2023THNSupply Chain / Malware A new malicious campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an aim to steal passwords from developers. “The malicious code exfiltrates the GitHub project’s defined secrets to a malicious C2 server and modify any existing javascript files in the attacked
What is Protected Extensible Authentication Protocol (PEAP)? Protected Extensible Authentication Protocol (PEAP) is a security protocol commonly used to protect wireless networks. PEAP extends the Extensible Authentication Protocol (EAP) by encapsulating the EAP connection within a Transport Layer Security (TLS) tunnel. PEAP was designed to provide authentication for 802.11 wireless local area networks (WLANs) to
Sep 27, 2023THNMalware / Cyber Attack A new threat actor known as AtlasCross has been observed leveraging Red Cross-themed phishing lures to deliver two previously undocumented backdoors named DangerAds and AtlasAgent. NSFOCUS Security Labs described the adversary as having a “high technical level and cautious attack attitude,” adding that “the phishing attack activity captured this
Sep 25, 2023THNCyber Attack / Phishing Ukrainian military entities are the target of a phishing campaign that leverages drone manuals as lures to deliver a Go-based open-source post-exploitation toolkit called Merlin. “Since drones or Unmanned Aerial Vehicles (UAVs) have been an integral tool used by the Ukrainian military, malware-laced lure files themed as UAVs service
Even in today’s cloud-based environments, USB drives are a useful tool. Removable media can perform a variety of tasks, among them quick transfers between systems on different networks or moving installation and configuration files to air-gapped networks. Optical media, such as CDs and DVDs, are also still found in some networks. For all their versatility,