Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks

/in

A nascent threat actor known as Crypt Ghouls has been linked to a set of cyber attacks targeting Russian businesses and government agencies with ransomware with the twin goals of disrupting business operations and financial gain.
“The group under review has a toolkit that includes utilities such as Mimikatz, XenAllPasswordPro, PingCastle, Localtonet, resocks, AnyDesk, PsExec, and others,”

The Hacker News – ​Read More

The Disinformation Warning Coming From the Edge of Europe

/in

Moldova is facing a tide of disinformation unprecedented in complexity and aggression, the head of a new center meant to combat it tells WIRED. And platforms like Facebook, TikTok, Telegram and YouTube could do more.

Security Latest – ​Read More

Southeast Asia reiterates pledge to collaborate amid growing cyber threats in AI era

/in

ASEAN member states now have a physical CERT facility located in Singapore to exchange threat intel and best practices.

Latest stories for ZDNET in Security – ​Read More

MacOS Safari ‘HM Surf’ Exploit Exposes Camera, Mic, Browser Data

/in

Microsoft researchers toyed with app permissions to uncover CVE-2024-44133, using it to access sensitive user data. Adware merchants may have as well.

darkreading – ​Read More

Time to Get Strict With DMARC

/in

Adoption of the email authentication and policy specification remains low, and only about a tenth of DMARC-enabled domains enforce policies. Everyone is waiting for major email providers to get strict.

darkreading – ​Read More

CISOs: Throwing Cash at Tools Isn’t Helping Detect Breaches

/in

A survey shows three-quarters of CISOs are drowning in threat detections put out by a sprawling stack of tools, yet still lack the basic visibility necessary to identify breaches.

darkreading – ​Read More

ESET-Branded Wiper Attack Targets Israel; Firm Denies Compromise

/in

The security firm is denying an assessment that its systems were compromised in Israel by pro-Palestinian cyberattackers, but acknowledged an attack on one of its partners.

darkreading – ​Read More

Vulnerabilities, AI Compete for Software Developers’ Attention

/in

This year, the majority of developers have adopted AI assistants to help with coding and improve code output, but most are also creating more vulnerabilities that take longer to remediate.

darkreading – ​Read More

Iranian Hackers Target Microsoft 365, Citrix Systems with MFA Push Bombing

/in

Iranian hackers are targeting critical infrastructure organizations with brute force tactics. This article explores their techniques, including MFA…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Are your Venmo transactions still public? Here’s why – and how – to change that ASAP

/in

You’re probably revealing more information than you realize when you use Venmo.

Latest stories for ZDNET in Security – ​Read More