New RAMBO Attack Uses RAM Radio Signals to Steal Data from Air-Gapped Networks
Sep 09, 2024 | Ravie Lakshmanan | Vulnerability / Hardware Security
A novel side-channel attack has been found to leverage radio signals emanated by a device’s random access memory (RAM) as a data exfiltration mechanism, posing a threat to air-gapped networks. The technique has been codenamed RAMBO by Dr. Mordechai ...
Vulnerabilities & Exploits
GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware
Sep 06, 2024 | Ravie Lakshmanan | Cryptocurrency / APT Attack
A recently disclosed security flaw in OSGeo GeoServer GeoTools has been exploited as part of multiple campaigns to deliver cryptocurrency miners, botnet malware such as Condi and JenX, and a known backdoor called SideWalk. The security vulnerability is a critical remote ...
SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation
Sep 06, 2024 | Ravie Lakshmanan | Network Security / Threat Detection
SonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as possible. The vulnerability, tracked as CVE-2024-40766, carries a CVSS score of ...
FBI Cracks Down on Dark Web Marketplace Managed by Russian and Kazakh Nationals
Sep 07, 2024 | Ravie Lakshmanan | Cybercrime / Dark Web
Two men have been indicted in the U.S. for their alleged involvement in managing a dark web marketplace called WWH Club that specializes in the sale of sensitive personal and financial information. Alex Khodyrev, a 35-year-old Kazakhstan national, and ...
North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams
Sep 07, 2024 | Ravie Lakshmanan | Cyber Security / Malware
Threat actors affiliated with North Korea have been observed leveraging LinkedIn as a way to target developers as part of a fake job recruiting operation. These attacks employ coding tests as a common initial infection vector, Google-owned Mandiant said in a ...
Clearview AI fined by Dutch agency for facial recognition database – ET CISO
U.S. facial recognition company Clearview AI has been fined 30.5 million euros ($33.7 million) for building what Dutch data protection watchdog DPA said on Tuesday was an illegal database. DPA also issued an additional order, imposing a penalty of up to 5 million euros on Clearview ...
New Cross-Platform Malware KTLVdoor Discovered in Attack on Chinese Trading Firm
Sep 05, 2024 | Ravie Lakshmanan | Cyber Attack / Malware
The Chinese-speaking threat actor known as Earth Lusca has been observed using a new backdoor dubbed KTLVdoor as part of a cyber attack targeting an unnamed trading company based in China. The previously unreported malware is written in Golang, and thus ...
New Rust-Based Ransomware Cicada3301 Targets Windows and Linux Systems
Sep 03, 2024 | Ravie Lakshmanan | Endpoint Security / Malware
Cybersecurity researchers have unpacked the inner workings of a new ransomware variant called Cicada3301 that shares similarities with the now-defunct BlackCat (aka ALPHV) operation. “It appears that Cicada3301 ransomware primarily targets small to medium-sized businesses (SMBs), likely through opportunistic attacks that exploit vulnerabilities ...
Hacktivists Exploits WinRAR Vulnerability in Attacks Against Russia and Belarus
Sep 03, 2024 | Ravie Lakshmanan | Ransomware / Malware
A hacktivist group known as Head Mare has been linked to cyber attacks that exclusively target organizations located in Russia and Belarus. “Head Mare uses more up-to-date methods for obtaining initial access,” Kaspersky said in a Monday analysis of the group’s tactics and ...
RansomHub Ransomware Group Targets 210 Victims Across Critical Sectors
Threat actors linked to the RansomHub ransomware group encrypted and exfiltrated data from at least 210 victims since its inception in February 2024, the U.S. government said. The victims span various sectors, including water and wastewater, information technology, government services and facilities, healthcare and public health, emergency services, food and ...