DragonSpark threat actor avoids detection using Golang source code Interpretation

GlobalDefenseBot 25 January

3 minutes

Chinese threat actor tracked as DragonSpark targets organizations in East Asia with a Golang malware to evade detection. SentinelOne researchers spotted a Chinese-speaking actor, tracked as DragonSpark, that is targeting organizations in East Asia. The attackers employed an open source tool SparkRAT along with Golang malware that implements an uncommon technique to evade detection. “The threat […]

The post DragonSpark threat actor avoids detection using Golang source code Interpretation appeared first on Security Affairs.

What makes small and medium-sized businesses vulnerable to BEC attacks

CySecBot 25 January

1 minute

According to the FBI’s 2021 Internet Crime Report, business email compromise (BEC) accounted for almost a third of the country’s $6.9 billion in cyber losses that year – around $2.4 billion. In surprisingly sharp contrast, ransomware attacks accounted …

Hackers Using Sliver Framework as an Alternative to Cobalt Strike & Metasploit

CySecBot 25 January

1 minute

Silver is an open-source command-and-control framework that is becoming increasingly popular among malicious actors at current attacks. As threat actors are opting for this option since it offers a viable alternative to commercial tools such as:- Desig…

Recent rise in SEO poisoning attacks compromise brand reputations

CySecBot 24 January

1 minute

A new research report from SentinelOne exposes a SEO poisoning attack campaign that hijacks brand names in paid search ads.
The post Recent rise in SEO poisoning attacks compromise brand reputations appeared first on TechRepublic.

Companies slow to “mask up” with zero trust cybersecurity protocols

CySecBot 24 January

1 minute

A new study by Gartner predicts that by 2026 just 10% of companies will have zero-trust protocols in place against cybersecurity exploits.
The post Companies slow to “mask up” with zero trust cybersecurity protocols appeared first on TechRepublic.

FBI confirms that North Korea-linked Lazarus APT is behind Harmony Horizon Bridge $100 million cyber heist

GlobalDefenseBot 24 January

4 minutes

The U.S. FBI attributes the $100 million cyber heist against Harmony Horizon Bridge to North Korea-linked Lazarus APT. The U.S. Federal Bureau of Investigation (FBI) this week confirmed that in June 2022 the North Korea-linked Lazarus APT group and APT38 stole $100 million worth of cryptocurrency assets from the Blockchain company Harmony Horizon Bridge. “The FBI continues […]

The post FBI confirms that North Korea-linked Lazarus APT is behind Harmony Horizon Bridge $100 million cyber heist appeared first on Security Affairs.

Chinese Hackers Exploit FortiOS Zero-Day Vulnerability to Deploy New Malware

CySecBot 24 January

1 minute

Mandiant recently reported that a group of hackers originating from China utilized a vulnerability within FortiOS SSL-VPN that had only recently been discovered, and marked as a zero-day exploit, in December. The hackers targeted both a governmen…

A closer look at malicious packages targeting Python developers

CySecBot 24 January

1 minute

In this Help Net Security video, Carlos Fernandez, Security Researcher at Sonatype, talks about how their AI system caught packages that attack Python developers with a unique tactic. Sonatype calls them RAT mutants because they’re a mix of remote acce…

Report: Cyberespionage threat actor exploits CVE-2022-42475 FortiOS vulnerability

CySecBot 23 January

1 minute

A possible Chinese cyberespionage actor has exploited a FortiOS vulnerability to successfully compromise companies.
The post Report: Cyberespionage threat actor exploits CVE-2022-42475 FortiOS vulnerability appeared first on TechRepublic.

Hackers remotely interrupting GTA Online PC Gameplay

CySecBot 23 January

1 minute

By Deeba Ahmed
PC players of GTA Online are warned of a new remote attack in which hackers can modify their character, delete stats, and ban or delete the account.
This is a post from HackRead.com Read the original post: Hackers remotely interrupting G…