Month: November 2021

 Securing the Supply Chain by Working With Ethical Hackers

At HackerOne’s recent Security@ global cybersecurity conference, three HackerOne experts—CTO and Co-founder Alex Rice, Senior Security Technologist Kayla Underkoffler, and Security Engineer Chris Dickens—presented practical approaches to how the industry can work together to address vulnerabilities with the help of...

/ November 30, 2021

Panasonic Begins Investigation Following A Recent Data Breach

Posted on November 30, 2021 at 5:47 PM Japanese multinational conglomerate Panasonic has confirmed a data breach after an unauthorized third party had access to its network. The electronics giant, in a press release, stated that an investigation into the hacking incident...

/ November 30, 2021

Unpatched Microsoft Exchange Servers abused in new phishing campaign

phishing emails to unsuspected customers. This is yet another campaign in which unpatched Exchange Servers are being abused for malicious purposes. In August 2021, attackers were found targeting unpatched Exchange servers with ProxyShell attack – In September 2021, Conti ransomware...

/ November 30, 2021

New Hub for Lean IT Security Teams

One of the harsh realities of cybersecurity today is that malicious actors and attackers don’t distinguish between organizations that have seemingly endless resources and those operating with lean IT security teams. For these lean teams, meeting the challenges in the...

/ November 30, 2021

APT annual review 2021

In the Global Research and Analysis Team at Kaspersky, we track the ongoing activities of more than 900 advanced threat actors and activity clusters; you can find our quarterly overviews here, here and here. For this annual review, we have...

/ November 30, 2021

North Korean Hackers Group Posed as Samsung Recruiters To Target Security Firms

At South Korean security companies that sell anti-malware software and security solutions, the North Korean state-sponsored hackers group recently posed as Samsung recruiters to target their employees with fake job offers. It is being reported that this state-sponsored North Korean...

/ November 29, 2021

How To Secure Your Broadband?

Having an internet connection is very crucial whether you are using your desktop, phone, or smart TV. But if you are planning on availing of internet connectivity at a fixed address, then a broadband connection can serve as your best...

/ November 29, 2021

Remote access tools abused to spread malware and steal cryptocurrency

TeamViewer. Safib assistant also abused in the scam According to a report from Trend Micro, the campaign involves abusing a legitimate Russian RAT called Safib Assistant through a new variant of SpyAgent malware. The scammers exploit a DLL sideloading vulnerability that...

/ November 29, 2021

4 Android Banking Trojan Campaigns Targeted Over 300,000 Devices in 2021

Four different Android banking trojans were spread via the official Google Play Store between August and November 2021, resulting in more than 300,000 infections through various dropper apps that posed as seemingly harmless utility apps to take full control of...

/ November 29, 2021

Telecom operators can now block spam SMS messages under proposed legislation amendment

Posted on November 29, 2021 at 3:36 PM The Australian federal government is planning to amend legislation that will allow telecom operators to block spam messages. According to the Minister for Home Affairs, Karen Andrews, the new amendment protects Australians...

/ November 29, 2021

ScarCruft surveilling North Korean defectors and human rights activists

The ScarCruft group (also known as APT37 or Temp.Reaper) is a nation-state sponsored APT actor we first reported in 2016. ScarCruft is known to target North Korean defectors, journalists who cover North Korea-related news and government organizations related to the...

/ November 29, 2021

WIRTE’s campaign in the Middle East ‘living off the land’ since at least 2019

Overview This February, during our hunting efforts for threat actors using VBS/VBA implants, we came across MS Excel droppers that use hidden spreadsheets and VBA macros to drop their first stage implant. The implant itself is a VBS script with...

/ November 29, 2021