'

North Korea’s Lazarus Group hits organizations with two new RATs

North Korea’s Lazarus Group hits organizations with two new RATs

One of North Korea’s most prominent cyberespionage groups has been using two new remote access trojans (RATs) in attack campaigns this year, researchers warn. One of the operations targeted internet backbone infrastructure and healthcare organizations from Europe and the United States. “Lazarus Group remains highly active, with this being their third documented campaign in less … Read more

Kroll Employee SIM-Swapped for Crypto Investor Data

Kroll Employee SIM-Swapped for Crypto Investor Data

Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. And there are indications that fraudsters may already be exploiting the stolen data in phishing attacks. Cryptocurrency lender … Read more

China-linked Flax Typhoon APT targets Taiwan

China-linked Flax Typhoon APT targets Taiwan

China-linked APT group Flax Typhoon targeted dozens of organizations in Taiwan as part of a suspected espionage campaign. Microsoft linked the Chinese APT Flax Typhoon (aka Ethereal Panda) to a cyber espionage campaign that targeted dozens of organizations in Taiwan. The researchers observed Flax Typhoon gaining and maintaining long-term access to Taiwanese organizations’ networks with … Read more

Top cybersecurity M&A deals for 2023

Top cybersecurity M&A deals for 2023

Uncertainty and instability marked the end of 2022 for many in the tech sector, a trend that bled into the beginning of 2023. Following on the heels of a drought in IT talent came mass layoffs at many of the world’s biggest tech companies as predictions of recession loomed and war in Ukraine dragged on … Read more

Whiffy Recon malware triangulates the position of infected systems via Wi-Fi

Whiffy Recon malware triangulates the position of infected systems via Wi-Fi

Experts observed the SmokeLoader malware delivering a new Wi-Fi scanning malware strain dubbed Whiffy Recon. Secureworks Counter Threat Unit (CTU) researchers observed the Smoke Loader botnet dropping a new Wi-Fi scanning malware named Whiffy Recon. The malicious code triangulates the positions of the infected systems using nearby Wi-Fi access points as a data point for Google’s … Read more

Flax Typhoon using legitimate software to quietly access Taiwanese organizations

Flax Typhoon using legitimate software to quietly access Taiwanese organizations

Summary Microsoft has identified a nation-state activity group tracked as Flax Typhoon, based in China, that is targeting dozens of organizations in Taiwan with the likely intention of performing espionage. Flax Typhoon gains and maintains long-term access to Taiwanese organizations’ networks with minimal use of malware, relying on tools built into the operating system, along … Read more

FBI: Patches for Barracuda ESG Zero-Day CVE-2023-2868 are ineffective

FBI: Patches for Barracuda ESG Zero-Day CVE-2023-2868 are ineffective

The FBI warned that patches for a critical Barracuda ESG flaw CVE-2023-2868 are “ineffective” and patched appliances are still being hacked. The Federal Bureau of Investigation warned that security patches for critical vulnerability CVE-2023-2868 in Barracuda Email Security Gateway (ESG) are “ineffective.” According to the feds, threat actors are still hacking the patched appliances in … Read more