More results...
In 2022 we investigated a series of attacks against industrial organizations in Eastern Europe. In the campaigns, the attackers aimed to establish a permanent channel for data exfiltration, including data stored on air-gapped systems.
By Habiba Rashid
Aquasec Investigation Exposes Alarming Rise in Kubernetes Misconfigurations Leading to Catastrophic Breaches.
This is a post from HackRead.com Read the original post: Cryptomining and Malware Flourish on Misconfigured Kubernetes Clusters
North Korean state-sponsored hackers have breached Russian missile maker NPO Mashinostroyeniya, according to SentinelLabs researchers. North Korean hackers discovered The researchers came across leaked email communication between NPO Mashinostroyeniya&…
Two North Korea-linked APT groups compromised the infrastructure of the major Russian missile engineering firm NPO Mashinostroyeniya. Cybersecurity firm SentinelOne linked the compromise of the major Russian missile engineering firm NPO Mashinostroyeniya to two different North Korea-linked APT groups. NPO Mashinostroyeniya (JSC MIC Mashinostroyenia, NPO Mash) is a leading Russian manufacturer of missiles and military […]
The post North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya appeared first on Security Affairs.
The Cybersecurity and Infrastructure Agency (CISA) has published an analysis report on the backdoors dropped by attackers exploiting CVE-2023-2868, a remote command injection vulnerability in Barracuda Email Security Gateway (ESG) appliances. Barracuda…
Turla has been targeting defense sector organizations in Ukraine and Eastern Europe with DeliveryCheck and Kazuar backdoors / infostealers and has been using compromised Microsoft Exchange servers to control them. Turla APT Turla (aka Secret Blizzard, …
By Habiba Rashid
At the time of writing, all reported fake repositories have been taken down and the malicious PoC has been removed from GitHub.
This is a post from HackRead.com Read the original post: Fake GitHub Repos Caught Dropping Malware as PoCs …
By Waqas
Fortunately, the infected version of Telegram carrying Triada malware is being distributed through third-party stores rather than the official Google Play Store.
This is a post from HackRead.com Read the original post: Triada Malware Infects A…
Iran-linked Charming Kitten group used an updated version of the PowerShell backdoor called POWERSTAR in a spear-phishing campaign. Security firm Volexity observed the Iran-linked Charming Kitten (aka APT35, Phosphorus, Newscaster, and Ajax Security Team) group using an updated version of the PowerShell backdoor POWERSTAR in a spear-phishing campaign. Iran-linked Charming Kitten group, (aka APT35, Phosphorus, Newscaster, and Ajax Security Team) made the headlines in 2014 when experts at iSight issued […]
The post Iran-linked Charming Kitten APT enhanced its POWERSTAR Backdoor appeared first on Security Affairs.
This report contains statistics on cybersecurity threats to small and medium-sized businesses in 2023, and examples of cyberattacks on SMBs.