Tag: Reputation

Over 100 Siemens PLC Models Found Vulnerable to Firmware Takeover
Risk, Security

Security researchers have disclosed multiple architectural flaws in Siemens SIMATIC and SIPLUS S7-1500 programmable logic controllers (PLCs). A hostile actor could use these flaws to covertly install firmware on the vulnerable devices and seize control of them. The vulnerabilities were identified by Red Balloon Security and are tracked as CVE-2022-38773 (CVSS score: 4.6); the low severity reflects the fact that exploitation requires physical tampering with the device. According to the company, the flaws "may allow attackers to bypass all protected boot protections, resulting in persistent arbitrary change of operating code and data." More than 100 models are vulnerable. To put it another way, the flaws arise from the absence of asymmetri...
The Guardian Confirms UK Members Data Was Accessed in Ransomware Attack
Risk, Security

The Guardian has revealed that during the ransomware attack that hit its systems on December 20, 2022, threat actors obtained the personal information of UK staff members. Anna Bateson, the chief executive of The Guardian Media Group, and Katharine Viner, the editor-in-chief of The Guardian, sent an email to staff members on Wednesday with an update. The executives described the incident as a "very sophisticated cyber-attack involving unauthorized third-party access to parts of our network," which was probably brought on by a successful phishing attempt. Additionally, they said that The Guardian was not the direct target of the attack. A ransomware attack entering a network via a simple phishing attempt is a tale as old as time, but we frequently hear events of t...
Australian Healthcare Sector Targeted in Latest Gootkit Malware Attacks
Business, Risk, Security

Recent Gootkit malware loader attacks have targeted the Australian healthcare industry, abusing legitimate tools like VLC Media Player. For initial access, Gootkit, also known as Gootloader, is known to use spamdexing and other SEO poisoning techniques. It usually operates by compromising and abusing legitimate infrastructure, then seeding those sites with popular keywords. Like other malware of its kind, Gootkit is capable of keylogging, adversary-in-the-browser (AitB) attacks, data theft from the browser, screenshotting, and other malicious actions. According to recent research from Trend Micro, the infection has spread beyond accounting and legal services providers, with the words...
Twitter is considering selling usernames through online auctions, new report claims
News

According to a recent report in The New York Times, Twitter is exploring selling usernames as a way to increase revenue. Elon Musk, the owner of the social network, has been seeking ways to increase the company's revenue since the study was released. According to the story, developers at the company have considered holding online auctions where buyers can bid for usernames, also known as handles. Discussions about the prospective new revenue source have been under way since at least December. It's uncertain whether the proposal will materialize, and if it does, whether it will affect all users or just a subset of them. In a tweet from last month, Musk stated that dormant accounts would be erased and that Twitter would soon start releasing 1.5 billion usernames re...
Multiple Danish Banks Disrupted By DDoS Cyber Attack
Risk, Security

This week, distributed denial of service (DDoS) attacks disrupted the business operations of seven private banks, including Jyske Bank and Sydbank, as well as the central bank of Denmark. A central bank representative told Reuters that by Tuesday afternoon, the website was operating normally. According to reports, the attack, which also hit financial sector IT solutions provider Bankdata, had no effect on the bank's other systems or regular business activities. However, it did affect website access, which was briefly restricted on Tuesday as a result of the DDoS attack on Bankdata. Another example of how the financial services sector is a top target for cybercriminals is the recent DDoS attack on Denmark's central bank and an IT partner...
OpenAI begins piloting ChatGPT Professional, a premium version of its viral chatbot
News

This week, OpenAI hinted that it might soon start charging for ChatGPT, a popular AI-powered chatbot that can create documents like essays, emails, poems, and even computer code. In a post on the company's official Discord channel, OpenAI stated that it is "beginning to think about how to commercialize ChatGPT" as one of the ways to "guarantee [the tool's] long-term viability." The commercialized version of the software will apparently be called ChatGPT Professional. In the Discord server, OpenAI provided a waitlist link that includes a series of questions about payment preferences, including one that asks, "At what price (per month) would you consider ChatGPT to be so expensive that you would not consider buying it?" The waitlist also lists the advantages of ChatGPT Professi...
Dark Pink APT Group Targets Governments and Military in APAC Region
Risk, Security

According to the most recent study, a previously unidentified advanced persistent threat (APT) actor is targeting government and military institutions in the Asia-Pacific area. In a report published with The Hacker News, Group-IB, based in Singapore, said it is monitoring the ongoing Dark Pink campaign and has linked seven successful attacks between June and December 2022 to the adversarial collective. The majority of attacks have targeted military institutions, government ministries, and agencies, as well as religious and nonprofit organizations, in Cambodia, Indonesia, Malaysia, the Philippines, Vietnam, and Bosnia and Herzegovina. One unsuccessful intrusion against an unidentified European state development organization with a Vietnam office has also been reported...
Freejacking Campaign By PurpleUrchin Bypasses Captchas
Risk, Security

The "Automated Libra" threat actors from South Africa have been honing their methods to take advantage of cloud platform resources for cryptocurrency mining. Palo Alto Networks Unit 42 says that the threat actors have combined "freejacking" with the "Play and Run" technique, as well as a new Captcha-solving system, with a more aggressive usage of CPU resources for mining. Technically speaking, freejacking is the practice of leveraging free (or temporary) cloud resources to carry out cryptomining operations. While freejacking may initially appear to be a victimless crime, if these abusive patterns start to target for-profit businesses that depend on cloud infrastructure for operations, data storage, and other purposes, they could have serious downstream effects, according to Dig...
Kinsing Crypto Malware Hits Kubernetes Clusters via Misconfigured PostgreSQL
Risk, Security

To gain initial access to Kubernetes environments, the threat actors behind the Kinsing cryptojacking operation have been seen taking advantage of unprotected and improperly configured PostgreSQL servers. According to a report published last week by Sunders Bruskin, a security researcher at Microsoft Defender for Cloud, a second initial access vector involves the use of vulnerable images. Kinsing has a long history of attacking containerized environments, frequently abusing misconfigured open Docker daemon API ports as well as making use of recently discovered exploits to install cryptocurrency mining software. The threat actor has also previously been observed terminating and uninstalling competing resource-intensive services and processes, as well as using...
Unregistered devices in hybrid work increase hacking risk in India
Risk, Security

The use of unregistered devices by employees has increased the risks associated with hybrid work in India, according to a new report released on Monday. Hybrid work allows employees to work from any location while also guaranteeing business continuity for organizations. Over 90% (95%) of respondents in the country, according to a study by networking giant Cisco, say that their employees log onto work platforms using unregistered devices. More than 8% of employers report that their staff use these unauthorized devices for more than 10% of the workday. Disruption is occurring now more quickly than ever. In order to provide real-time visibility into dispersed applications, security, networks, users, and services, it asks for a re-evaluation of the cybersecurity architecture to e...