Technical analysis of China-linked Earth Preta APT’s infection chain

The China-linked Earth Preta cyberespionage group has been observed adopting new techniques to bypass security solutions. Trend Micro researchers reported that the China-linked Earth Preta group (aka Mustang Panda) is actively changing its tools, tactics, and procedures (TTPs) to bypass security solutions. Earth Preta, also known as “RedDelta” or “Bronze President,” has been active since at least […]

The post Technical analysis of China-linked Earth Preta APT’s infection chain appeared first on Security Affairs.

Malicious Python Package uses Unicode support to evade detection

Researchers discovered a malicious package on PyPI that uses Unicode to evade detection while stealing sensitive data. Supply chain security firm Phylum discovered a malicious Python package on the Python Package Index (PyPI) repository that uses Unicode to evade detection and deliver information-stealing malware. The package, named onyxproxy, was uploaded to the PyPI repository on March […]

The post Malicious Python Package uses Unicode support to evade detection appeared first on Security Affairs.

CISA to Start Issuing Early-Stage Ransomware Alerts

By Deeba Ahmed
According to CISA, this new initiative will be helpful for organizations/institutions in the public health, education, and government sectors.
This is a post from HackRead.com. Read the original post: CISA to Start Issuing Early-Stage Ra…

New Backdoor Attack Uses Russian-Ukrainian Conflict Phishing Emails

By Deeba Ahmed
The backdoors used in this campaign are never-before-seen malware strains called CommonMagic and PowerMagic.
This is a post from HackRead.com. Read the original post: New Backdoor Attack Uses Russian-Ukrainian Conflict Phishing Emails

Vice Society claims attack on Puerto Rico Aqueduct and Sewer Authority

The Puerto Rico Aqueduct and Sewer Authority (PRASA) is investigating a cyber attack with the help of the FBI and US CISA. The Puerto Rico Aqueduct and Sewer Authority (PRASA) is investigating a cyberattack that hit the agency last week. The agency quickly activated its incident response procedure after the attack. The attack was disclosed on […]

The post Vice Society claims attack on Puerto Rico Aqueduct and Sewer Authority appeared first on Security Affairs.

Hackers Inject Weaponized JavaScript (JS) on 51,000 Websites

Researchers from Unit 42 have been monitoring a widespread campaign of harmful JavaScript (JS) injections. The campaign aims to redirect unsuspecting victims to dangerous content, including adware and fraudulent pages. Websites continue to be infected …

CISA announced the Pre-Ransomware Notifications initiative

The US Cybersecurity and Infrastructure Security Agency (CISA) announced the Pre-Ransomware Notifications service to help organizations stop ransomware attacks before damage occurs. The US Cybersecurity and Infrastructure Security Agency announced a new Pre-Ransomware Notification initiative that aims to alert organizations to early-stage ransomware attacks. The principle behind the initiative is simple: ransomware actors initially gain access […]

The post CISA announced the Pre-Ransomware Notifications initiative appeared first on Security Affairs.

China-linked hackers target telecommunication providers in the Middle East

Researchers reported that China-linked hackers targeted telecommunication providers in the Middle East in the first quarter of 2023. In the first quarter of 2023, SentinelLabs researchers spotted the initial phases of attacks against telecommunication providers in the Middle East. According to the researchers, the activity is part of Operation Soft Cell, which was first […]

The post China-linked hackers target telecommunication providers in the Middle East appeared first on Security Affairs.

City of Toronto is one of the victims hacked by Clop gang using GoAnywhere zero-day

The Clop ransomware gang added the City of Toronto to its list of victims; it is another organization compromised through exploitation of the GoAnywhere zero-day. The Clop ransomware gang added the City of Toronto to the list of victims published on its Tor leak site. The City was targeted as part of a campaign exploiting the recently disclosed zero-day vulnerability in […]

The post City of Toronto is one of the victims hacked by Clop gang using GoAnywhere zero-day appeared first on Security Affairs.