APT groups use ransomware TTPs as cover for intelligence gathering and sabotage
Changing tactics by North Korean, Russian, and Chinese APT groups suggest that Western companies are at greater risk.
Stories by Lucian Constantin
-
-
Remote code execution exploit chain available for VMware vRealize Log Insight
Researchers found four vulnerabilities in vRealize Log Insight that were relatively non-threatening on their own but lead to significant compromise when used together.
-
Ransomware ecosystem becoming more diverse for 2023
The decline of big ransomware groups like Conti and REvil has given rise to smaller gangs, presenting a threat intelligence challenge.
-
Hackers abuse legitimate remote monitoring and management tools in attacks
Researchers and government agencies warn that threat actors are increasing their use of commercial RMM tools to enable financial scams.
-
Attackers exploiting critical flaw in many Zoho ManageEngine products
The ManageEngine vulnerability is easy to exploit and enables remote code execution. Patches are available.
-
Many ICS flaws remain unpatched as attacks against critical infrastructure rise
More than a third of ICS device vulnerabilities have no patch available at a time when ICS environments face threats from new cyber crime groups.
-
How attackers might use GitHub Codespaces to hide malware delivery
A feature that allows developers to make applications accessible by a public GitHub URL could enable attackers to deliver malware and avoid detection.
-
Attackers deploy sophisticated Linux implant on Fortinet network security devices
In December network security vendor Fortinet disclosed that a critical vulnerability in its FortiOS operating system was being exploited by attackers in the wild.
-
Log4Shell remains big threat and common cause for security breaches
Log4Shell is likely to remain a favored vulnerability to exploit as organisations lack visibility into their software supply chains.
-
Attackers create 130K fake accounts to abuse limited-time cloud computing resources
Cybercriminal group Automated Libra's PurpleUrchin campaign uses the fake accounts for cryptomining operations.
-
Cuba ransomware group used Microsoft developer accounts to sign malicious drivers
The ransomware gang was able to use signed malicious drivers to disable endpoint security tools. Microsoft has revoked the certificates.
-
Researchers found security pitfalls in IBM’s cloud infrastructure
A demonstrated attack in IBM’s cloud infrastructure allowed them access to the internal server used to build database images for customer deployments.
-
What is Ransom Cartel? A ransomware gang focused on reputational damage
Ransom Cartel, a RaaS operation, has stepped up its attacks over the past year after the disbanding of prominent gangs such as REvil and Conti.
-
Why businesses should have Cobalt Strike detection in place
Abusing variants of legitimate penetration testing tools has become a standard tactic for many attackers seeking to fool security teams.
-
Vietnamese DUCKTAIL malware campaign targeting Facebook business and ads accounts is back
A group of attackers, likely based in Vietnam, that specialises in targeting employees with potential access to Facebook business has re-emerged.
Events
EDGE 2023
EDGE is the leading technology conference for business leaders in Australia and New Zealand, built on the foundations of collaboration, education and advancement.
WIICTA 2023
ARN has celebrated gender diversity and recognised female excellence across the Australian tech channel since first launching WIICTA in 2012, acknowledging the achievements of a talented group of female front runners who have become influential figures across the local industry.
ARN Innovation Awards 2023
Innovation Awards is the market-leading awards program for celebrating ecosystem innovation and excellence across the technology sector in Australia.
Brand Post
Building cyber resilience – a partner action plan
Sponsored By
