HinataBot, a new Go-Based DDoS botnet in the threat landscape

A new Golang-based DDoS botnet, tracked as HinataBot, targets routers and servers by exploiting known vulnerabilities. Akamai researchers spotted a new Golang-based DDoS botnet, dubbed HinataBot, which has been observed exploiting known flaws to compromise routers and servers. The experts reported that HinataBot has been distributed since the beginning of 2023 and its operators are actively […]

The post HinataBot, a new Go-Based DDoS botnet in the threat landscape appeared first on Security Affairs.

China-linked APT likely linked to Fortinet zero-day attacks

An alleged Chinese threat actor group is behind attacks on government organizations exploiting a Fortinet zero-day flaw (CVE-2022-41328). A suspected China-linked group is exploiting a Fortinet zero-day vulnerability, tracked as CVE-2022-41328, in attacks aimed at government organizations. A few days ago, Fortinet researchers warned of an advanced threat actor that is targeting governmental or government-related […]

The post China-linked APT likely linked to Fortinet zero-day attacks appeared first on Security Affairs.

Latest Cyberthreats and Advisories – March 17, 2023

Cybercriminals pounce on SVB collapse, privacy concerns around ChatGPT and the FBI warns of a rise in crypto scams. Here are the latest threats and advisories for the week of March 17, 2023.

By John Weiler

Threat Advisories and Alerts

FBI Warning: Cryptocurrency Investment Schemes on the Rise

The U.S. Federal Bureau of Investigation (FBI) is warning internet users of an increase in cryptocurrency investment scam schemes, which defrauded victims of over $2 billion in 2022. Cybercriminals (usually located overseas) use social media platforms, dating apps, professional networking apps and other online means to connect with targets. The criminals then…

Tracking the global spread of malware

Approximately 10-16 percent of organizations have shown evidence of malicious command and control (C2) activities, strongly indicating a network breach within the last year, according to Akamai.

Emotet and QSnatch

Akamai observes nearly seven trillion …

Microsoft sheds light on a year of Russian hybrid warfare in Ukraine

Russia-linked threat actors targeted at least 17 European nations in 2023, and 74 countries since the start of the invasion of Ukraine. Microsoft revealed that Russia-linked threat actors targeted at least 17 European nations between January and mid-February 2023. According to a report published by the IT giant, the state-sponsored hackers have targeted 74 countries […]

The post Microsoft sheds light on a year of Russian hybrid warfare in Ukraine appeared first on Security Affairs.

Multiple threat actors exploited Progress Telerik bug to breach U.S. federal agency

Multiple threat actors exploited a critical flaw in Progress Telerik to breach an unnamed US federal agency, said the US government. A joint advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) revealed that multiple threat actors, including a nation-state actor, exploited a […]

The post Multiple threat actors exploited Progress Telerik bug to breach U.S. federal agency appeared first on Security Affairs.

Russia-linked APT29 abuses EU information exchange systems in recent attacks

Russia-linked APT29 group abused the legitimate information exchange systems used by European countries to target government entities. Russia-linked APT29 (aka SVR group, Cozy Bear, Nobelium, and The Dukes) was spotted abusing the legitimate information exchange systems used by European countries in attacks aimed at governments. In early March, BlackBerry researchers uncovered a new cyber espionage campaign aimed at EU […]

The post Russia-linked APT29 abuses EU information exchange systems in recent attacks appeared first on Security Affairs.

YoroTrooper APT group targets CIS countries and embassies

A new APT group, dubbed YoroTrooper, has been targeting government and energy organizations across Europe, experts warn. Cisco Talos researchers uncovered a new cyber espionage group that has been targeting CIS countries, embassies and an EU health care agency since at least June 2022. The APT group focuses on government or energy organizations in Azerbaijan, Tajikistan, Kyrgyzstan and other Commonwealth […]

The post YoroTrooper APT group targets CIS countries and embassies appeared first on Security Affairs.

For credentials, these are the new Seven Commandments for zero trust

With backing from major firms, credential security company Beyond Identity has launched the Zero Trust Authentication initiative for organizations to hack-proof user credentials.
The post For credentials, these are the new Seven Commandments for zero t…

CrowdStrike discovered the first-ever Dero cryptocurrency mining campaign

CrowdStrike researchers discovered the first-ever cryptocurrency mining campaign aimed at Dero mining since February 2023. CrowdStrike has discovered the first-ever Dero cryptojacking campaign aimed at Kubernetes infrastructure. Dero is a general-purpose, private, and decentralized application platform that allows developers to deploy powerful and unstoppable applications. It claims to offer improved privacy, anonymity and higher monetary rewards compared […]

The post CrowdStrike discovered the first-ever Dero cryptocurrency mining campaign appeared first on Security Affairs.