China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access

/in

The China-lined threat actor behind the zero-day exploitation of security flaws in Microsoft Exchange servers in January 2021 has shifted its tactics to target the information technology (IT) supply chain as a means to obtain initial access to corporate networks.
That’s according to new findings from the Microsoft Threat Intelligence team, which said the Silk Typhoon (formerly Hafnium) hacking

The Hacker News – ​Read More

China Hackers Behind US Treasury Breach Caught Targeting IT Supply Chain

/in

Silk Typhoon APT caught using IT supply chain entry points to conduct reconnaissance, siphon data, and move laterally on victim networks.

The post China Hackers Behind US Treasury Breach Caught Targeting IT Supply Chain appeared first on SecurityWeek.

SecurityWeek – ​Read More

Broadcom urges VMware customers to patch ‘emergency’ zero-day bugs under active exploitation

/in

Security experts warn of ‘huge impact’ of actively exploited hypervisor flaws that allow sandbox escape

© 2024 TechCrunch. All rights reserved. For personal use only.

Security News | TechCrunch – ​Read More

Defending against USB drive attacks with Wazuh

/in

USB drive attacks constitute a significant cybersecurity risk, taking advantage of the everyday use of USB devices to deliver malware and circumvent traditional network security measures. These attacks lead to data breaches, financial losses, and operational disruptions, with lasting impacts on an organization’s reputation. An example is the Stuxnet worm discovered in 2010, a malware designed to

The Hacker News – ​Read More

Alli AI Announces Upcoming Public Launch of AI-Powered Content Creation Platform

/in

London, United Kingdom, 5th March 2025, CyberNewsWire

Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – ​Read More

CIA director says US has paused sharing intelligence with Ukraine

/in

The confirmation of the pause on intelligence sharing follows a heated exchange between the U.S. and Ukrainian presidents

© 2024 TechCrunch. All rights reserved. For personal use only.

Security News | TechCrunch – ​Read More

Iranian Hackers Target UAE Firms With Polyglot Files

/in

An Iranian threat actor was seen targeting UAE organizations with polyglot files to deliver a new backdoor named Sosano.

The post Iranian Hackers Target UAE Firms With Polyglot Files appeared first on SecurityWeek.

SecurityWeek – ​Read More

Black Basta Pivots to Cactus Ransomware Group

/in

The future of the formerly fearsome cybercriminal group remains uncertain as key members have moved to a new affiliation, in fresh attacks that use novel persistence malware BackConnect.

darkreading – ​Read More

North Korean Fake IT Workers Pose as Blockchain Developers on GitHub

/in

North Korean fake IT workers are creating personas on GitHub to land blockchain developer jobs at US and Japanese firms.

The post North Korean Fake IT Workers Pose as Blockchain Developers on GitHub appeared first on SecurityWeek.

SecurityWeek – ​Read More

Two Venezuelans Arrested in US for ATM Jackpotting

/in

Several Venezuelans have been arrested and charged in the US in recent months for their role in ATM jackpotting schemes.

The post Two Venezuelans Arrested in US for ATM Jackpotting appeared first on SecurityWeek.

SecurityWeek – ​Read More