LATEST CYBERTHREATS AND ADVISORIES – JANUARY 27, 2023

Alerts from national cybersecurity agencies, gaming developer attacks and the Mailchimp/FanDuel breach. Here are the latest threats and advisories for the week of January 27, 2023. Threat Advisories and Alerts CISA Publishes Report to Help Protect Schools from Cyberthreats The recent surge in cyberattacks against the education sector has led the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to release a report addressing the issue. The COVID-19 pandemic made educational institutions increasingly vulnerable to cyberthreats, as virtual learning became widespread and led to the rapid adoption of new and untested technologies. The report titled “Partnering to Safeguard K-12 Organizations from…

January 27, 2023
Read More >>

BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer

The BlackCat Ransomware group claims to have hacked SOLAR INDUSTRIES INDIA and to have stolen 2TB of “secret military data.” The BlackCat Ransomware gang added SOLAR INDUSTRIES INDIA to the list of victims published on its Tor leak site. The company is a globally recognised industrial explosives manufacturer, it provides complete blasting solutions, including packaged, […]

The post BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer appeared first on Security Affairs.

January 27, 2023
Read More >>

Threat Groups Distributing Malware via Google Ads

Security researchers are warning that Google Ads are being actively leveraged to distribute malware to unsuspecting victims searching for software downloads. On January 20, CronUp researcher Germán Fernández warned that the DEV-0569 ransomware group is using Google Ads to distribute Gozi/Ursnif malware, RedLine stealer, and Royal ransomware. “For deployment, they use Add-MpPreference to configure exclusions […]

The post Threat Groups Distributing Malware via Google Ads appeared first on eSecurityPlanet.

January 26, 2023
Read More >>

Hive Ransomware Tor leak site apparently seized by law enforcement

The leak site of the Hive ransomware gang was seized due to an international operation conducted by law enforcement in ten countries. The Tor leak site used by Hive ransomware operators has been seized as part of an international operation conducted by law enforcement in 10 countries. “The Federal Bureau of Investigation seized this site […]

The post Hive Ransomware Tor leak site apparently seized by law enforcement appeared first on Security Affairs.

January 26, 2023
Read More >>

Experts warn of a surge of attacks exploiting a Realtek Jungle SDK RCE (CVE-2021-35394)

Experts warn of a spike in the attacks that between August and October 2022 attempted to exploit a Realtek Jungle SDK RCE (CVE-2021-35394). Palo Alto Networks researchers reported that between August and October 2022 the number of attacks that attempted to exploit a Realtek Jungle SDK RCE (CVE-2021-35394) (CVSS score 9.8) accounted for more than […]

The post Experts warn of a surge of attacks exploiting a Realtek Jungle SDK RCE (CVE-2021-35394) appeared first on Security Affairs.

January 26, 2023
Read More >>

North Korea-linked TA444 group turns to credential harvesting activity

North Korea-linked TA444 group is behind a credential harvesting campaign targeting a number of industry verticals. Proofpoint researchers reported that North Korea-linked TA444 APT group (aka APT38, BlueNoroff, Copernicium, and Stardust Chollima) is behind a credential harvesting campaign targeting a number of industry verticals. APT38 appears to be a North Korea-linked group separate from the infamous Lazarus group, […]

The post North Korea-linked TA444 group turns to credential harvesting activity appeared first on Security Affairs.

January 25, 2023
Read More >>