Headlines

“Iran’s BellaCiao: A Closer Look at the Evolution of Threat Groups’ Malware Tactics”

Iran’s Charming Kitten advanced persistent threat (APT) group has been using a new malware strain dubbed BellaCiao to gain initial access and maintain a low profile on target systems in a highly targeted manner. According to researchers at Bitdefender, who discovered the malware during their investigation of activity related to other recent malware tools associated…


Mandiant CEO claims China has redefined its approach to cyberattacks

Chinese Cyber Espionage Group UNC3886’s Stealthy Attack on Fortinet Firewalls

A stealthy and sophisticated cyber-espionage attack on a defense industry organization in 2022 has been attributed to Chinese hacking group UNC3886, according to Mandiant CEO, Kevin Mandia. The attackers managed to gain administrator privileges in the Fortinet FortiGate firewalls and set up a virtual API…


Uncovering the Tactics and Impact of Malicious Package Attacks on Software Supply Chains

The Growing Threat of Malicious Package Attacks: Tactics and Impact on Cybersecurity

Introduction

Malicious package attacks are not a new threat; however, their proliferation is on the rise. In a recent report, Mend identified a 315% increase in malicious packages published to popular open source libraries from 2021 to 2022, and it expects this trend…


“IRS collaborates with Ukraine to trace hidden assets of Russian oligarchs using cryptocurrencies”

IRS provides assistance to Ukraine for tracking Russian oligarchs’ hidden assets in crypto exchanges

The Internal Revenue Service Criminal Investigative Division (IRS-CI) of the United States has donated 15 licenses of the Chainalysis Reactor platform to a team of Ukrainian investigators this week, as part of a larger effort to unravel the financial networks that…


“Uncovering the BEC Scheme: How Israeli Connection Paved the Way to Attack Multinational Companies”

An Israel-Based Threat Group Carries Out Sophisticated Business Email Compromise Campaigns

A new report from Abnormal Security, a US-based cybersecurity firm, highlights the growing prevalence, geographic expansion, and sophistication of Business Email Compromise (BEC) attacks, with an Israel-based group found to be targeting primarily large and multinational enterprises. The group has conducted over 350 BEC…


SideWinder’s Multiphase Polymorphic Attack Hits Pakistan and Turkey: Exploring the Impact and Scope of the Incident

India’s SideWinder advanced persistent threat (APT) group has expanded its target range beyond Southeast Asia to include Pakistani government officials and individuals in Turkey, according to researchers at the BlackBerry Threat Research and Intelligence team. The group uses polymorphism techniques to bypass traditional signature-based antivirus detection to deliver a next-stage payload. The attacks use content-targeted documents…


The Rise of ScanBox Keylogger: Watering Hole Attacks on the Horizon

Advanced Persistent Threat Group TA423 Uses Watering Hole Attacks to Plant ScanBox Keylogger

The Threat

China-based advanced persistent threat group TA423, also known as Red Ladon, has been identified as the perpetrator of a watering hole attack using the ScanBox JavaScript-based reconnaissance framework. The group targeted domestic Australian organizations and offshore energy firms in the…


“Unsecured Software Supply Chains: A Billion-Dollar Risk, Warns Juniper Research Study”

Vulnerable Software Supply Chains Remain a Multi-billion Dollar Problem for Businesses Globally

A new study from Juniper Research, a leading expert in the cybersecurity market, has highlighted the need for businesses to prioritize secure software supply chain procedures to avoid cyberattacks. According to the report, the total cost of software supply chain attacks to businesses…
