Blind Eagle Targets Colombian Insurance Sector with Customized Quasar RAT https://firewall.firm.in/wp-content/uploads/2024/09/zscaler.png Sep 09, 2024Ravie LakshmananFinancial Security / Malware The Colombian insurance sector is the target of a threat actor tracked as Blind Eagle with the end goal of delivering a customized version of a known commodity remote access trojan (RAT) referred to as Quasar RAT since June 2024. “Attacks have ...

One More Tool Will Do It? Reflecting on the CrowdStrike Fallout https://firewall.firm.in/wp-content/uploads/2024/09/one.png Sep 09, 2024The Hacker NewsData Protection / Threat Detection The proliferation of cybersecurity tools has created an illusion of security. Organizations often believe that by deploying a firewall, antivirus software, intrusion detection systems, identity threat detection and response, and other tools, they are adequately protected. However, this approach ...

New RAMBO Attack Uses RAM Radio Signals to Steal Data from Air-Gapped Networks https://firewall.firm.in/wp-content/uploads/2024/09/airgap.png Sep 09, 2024Ravie LakshmananVulnerability / Hardware Security A novel side-channel attack has been found to leverage radio signals emanated by a device’s random access memory (RAM) as a data exfiltration mechanism, posing a threat to air-gapped networks. The technique has been codenamed RAMBO by Dr. Mordechai ...

GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware https://firewall.firm.in/wp-content/uploads/2024/09/jeo.jpg Sep 06, 2024Ravie LakshmananCryptocurrency / APT Attack A recently disclosed security flaw in OSGeo GeoServer GeoTools has been exploited as part of multiple campaigns to deliver cryptocurrency miners, botnet malware such as Condi and JenX, and a known backdoor called SideWalk. The security vulnerability is a critical remote ...

SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation https://firewall.firm.in/wp-content/uploads/2024/09/sonic.jpg Sep 06, 2024Ravie LakshmananNetwork Security / Threat Detection SonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as possible. The vulnerability, tracked as CVE-2024-40766, carries a CVSS score of ...

FBI Cracks Down on Dark Web Marketplace Managed by Russian and Kazakh Nationals https://firewall.firm.in/wp-content/uploads/2024/09/lock.jpg Sep 07, 2024Ravie LakshmananCybercrime / Dark Web Two men have been indicted in the U.S. for their alleged involvement in managing a dark web marketplace called WWH Club that specializes in the sale of sensitive personal and financial information. Alex Khodyrev, a 35-year-old Kazakhstan national, and ...

North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams https://firewall.firm.in/wp-content/uploads/2024/09/korea.jpg Sep 07, 2024Ravie LakshmananCyber Security / Malware Threat actors affiliated with North Korea have been observed leveraging LinkedIn as a way to target developers as part of a fake job recruiting operation. These attacks employ coding tests as a common initial infection vector, Google-owned Mandiant said in a ...

Clearview AI fined by Dutch agency for facial recognition database – ET CISO https://etimg.etb2bimg.com/thumb/msid-113051010,imgsize-8792,width-1200,height=765,overlay-etciso/data-breaches/clearview-ai-fined-by-dutch-agency-for-facial-recognition-database.jpg U.S. facial recognition company Clearview AI has been fined 30.5 million euros ($33.7 million) for building what Dutch data protection watchdog DPA said on Tuesday was an illegal database. DPA also issued an additional order, imposing a penalty of up to 5 million euros on Clearview ...

New Cross-Platform Malware KTLVdoor Discovered in Attack on Chinese Trading Firm https://firewall.firm.in/wp-content/uploads/2024/09/chinesehackerz.jpg Sep 05, 2024Ravie LakshmananCyber Attack / Malware The Chinese-speaking threat actor known as Earth Lusca has been observed using a new backdoor dubbed KTLVdoor as part of a cyber attack targeting an unnamed trading company based in China. The previously unreported malware is written in Golang, and thus ...

New Rust-Based Ransomware Cicada3301 Targets Windows and Linux Systems https://firewall.firm.in/wp-content/uploads/2024/09/linux.png Sep 03, 2024Ravie LakshmananEndpoint Security / Malware Cybersecurity researchers have unpacked the inner workings of a new ransomware variant called Cicada3301 that shares similarities with the now-defunct BlackCat (aka ALPHV) operation. “It appears that Cicada3301 ransomware primarily targets small to medium-sized businesses (SMBs), likely through opportunistic attacks that exploit vulnerabilities ...