Franklin Ifeanyichukwu Okwonna and Ebuka Raphael Umeti were sentenced to prison in the US for business email compromise (BEC) fraud.
The post Two Nigerians Sentenced to Prison in US for BEC Fraud appeared first on SecurityWeek.
SecurityWeek – Read More
It’s been a decade since the National Institute of Standards and Technology (NIST) introduced its Cybersecurity Framework (CSF) 1.0. Created following a 2013 Executive Order, NIST was tasked with designing a voluntary cybersecurity framework that would help organizations manage cyber risk, providing guidance based on established standards and best practices. While this version was originally
The Hacker News – Read More
Two DrayTek vulnerabilities added by CISA to its KEV catalog have been exploited by multiple threat groups to steal data from organizations worldwide.
The post DrayTek Vulnerabilities Added to CISA KEV Catalog Exploited in Global Campaign appeared first on SecurityWeek.
SecurityWeek – Read More
Malicious actors potentially utilized the MacroPack red-teaming framework to distribute harmful payloads like Brute Ratel and Havoc tools, as well as a new version of the PhantomCore remote access trojan.
Cyware News – Latest Cyber News – Read More
Threat actors are likely employing a tool designated for red teaming exercises to serve malware, according to new findings from Cisco Talos.
The program in question is a payload generation framework called MacroPack, which is used to generate Office documents, Visual Basic scripts, Windows shortcuts, and other formats for penetration testing and social engineering assessments. It was developed
The Hacker News – Read More
The US has cracked down on an influence operation sponsored by the Russian government, announcing charges, sanctions and domain seizures.
The post US Targets Russian Election Influence Operation With Charges, Sanctions, Domain Seizures appeared first on SecurityWeek.
SecurityWeek – Read More
The FBI issued a warning about aggressive social engineering attacks by North Korean hacking groups targeting cryptocurrency firms. The attacks involve deploying malware to steal crypto assets through highly targeted tactics that are hard to detect.
Cyware News – Latest Cyber News – Read More
The Chinese-speaking threat actor known as Earth Lusca has been observed using a new backdoor dubbed KTLVdoor as part of a cyber attack targeting an unnamed trading company based in China.
The previously unreported malware is written in Golang, and thus is a cross-platform weapon capable of targeting both Microsoft Windows and Linux systems.
“KTLVdoor is a highly obfuscated malware that
The Hacker News – Read More
Cisco has released security updates for two critical security flaws impacting its Smart Licensing Utility that could allow unauthenticated, remote attackers to elevate their privileges or access sensitive information.
A brief description of the two vulnerabilities is below –
CVE-2024-20439 (CVSS score: 9.8) – The presence of an undocumented static user credential for an administrative account
The Hacker News – Read More
For three years now, more than a thousand social media accounts have been reposting the same pro-India, anti-Pakistan content on Facebook and X.
darkreading – Read More