Eskenzi PR ad banner Eskenzi PR ad banner

Cyber Bites

Laptop screen displaying code

Cybereason Nocturnos has published a new report disclosing the discovery of three cyberespionage campaigns that have been targeting major telecommunications companies. The attackers are suspected to be working for "Chinese state interests" and have been tied to the name "DeadRinger". The campaign have been ongoing in Southeast Asia, and have been specifically focused on telcos, similarly to the recent cases of SolarWinds and Kaseya. Cybereason has found overlaps within the tactics and techniques used by...

Read more
aerobics

Proofpoint has uncovered a scheme by a group of Iranian hackers posing as a flirty aerobics instructor to target employees of American defence contractors. The hackers created a fake persona named Marcella Flores to try to dupe employees and compromise their computers, according to Proofpoint researchers. The group, also known as TA456 or Tortoiseshell, has sought out smaller subsidiaries and contractors in an effort to use them as a launching pad to compromise larger defense...

Read more
patch

Recent Trend Micro research points to a big problem when it comes to keeping up with patching in legacy IT equipment. It found that nearly a quarter (22%) of exploits sold on cybercriminal underground are more than three years old, indicating the scale of threat from unpatched legacy vulnerabilities. Trend Micro has thus urged organisations to focus patching efforts on the vulnerabilities that pose the greatest risk to their organisation, even if they are years old....

Read more
sign

US President Biden has signed a national security directive aimed at boosting defences against ransomware attacks and the hacking of critical infrastructure, such as energy, food, water and power systems.   Crucially, the directive sets performance standards for technology and systems used by private companies in these sectors — although it can't force those companies to comply. The memorandum follows a series of high-profile attacks on Colonial Pipeline and the United States' biggest meat supplier....

Read more
IBM Logo

IBM research indicates that the cost of an enterprise data breach reached a record high during the COVID-19 pandemic. IBM has estimated in its new "Cost of a Data Breach" report that the average data breach now runs upward of $4 million. In fact, in 2021, a typical data breach experienced by companies now costs $4.24 million per incident, with expenses incurred now 10% higher than in 2020 when 1,000 - 100,000 records are involved....

Read more
Praying Mantis hacker group strikes IIS web servers

An APT group dubbed Praying Mantis or TG1021, by researchers from incident response firm Sygnia, has hit IIS web servers with deserialization flaws and memory-resident malware. It says Praying Mantis group is likely a nation-state threat actor using custom malware that is especially good at avoiding detection to compromise major public and private organisations over the past year. It exploits deserialization flaws in public-facing ASP.NET applications to deploy evasive fileless malware. This custom malware toolset...

Read more
race car

PwC is being sued by a racing car dealer for failing to spot alleged fraud. The UK accounting firm giant has been sued by the administrators of JD Classics, a racing car dealership, for allegedly failing to to spot fraud resulting in losses of over £41m. PwC was accused by administrators from Alvarez & Marsal of "being negligent in their handling of accounts between 2016 and 2017" according to the Financial Times. The administrators also said...

Read more
covid passport

The CEO of Egress has warned that COVID passport phishing emails are circulating - and directed users to fake NHS websites. The NHS COVID passes allow people to show their coronavirus vaccination details or COVID test results, and are considered an official COVID-19 status. These passes may be requested if a person is travelling abroad or attending an event but, unfortunately, they have now been targeted by scammers. As the economy reopens, these passes may...

Read more
South Korean regulator fines TikTok for mishandling child data

TikTok has announced it it opening a new cybersecurity centre to fight ‘next-generation security threats’ in Ireland. The social media giant said Dublin will be the first location of what it calls 'regional fusion centres' around the world, to help the company respond to security incidents in real time, 24 hours a day. ‘When people use TikTok, we know they’re entrusting us with their data, and we take our duty to protect that data very...

Read more
discord

In a new campaign, cybercriminals are using Discord to target gamers and steal their credentials and financial info. The bad actors have abused Discord to host, spread, and control malware aimed at the users of this chat service, according to new research from Sophos.   Since last year, Discord has increased in popularity with 140 times more URLs hosting malware were blocked in the past two months, compared with the same period in 2020. The...

Read more
Page 50 of 262 1 49 50 51 262