Security Affairs

CISA orders federal agencies to patch CVE-2022-26925 by July 22

The flaw is a Windows LSA Spoofing vulnerability actively exploited in the wild. The vulnerability can be exploited by an unauthenticated attacker to force a domain controller to authenticate against another server using NTLM.

Korean cybersecurity agency released a free decryptor for Hive ransomware

The Hive ransomware operation has been active since June 2021, it provides Ransomware-as-a-Service Hive and adopts a double-extortion model threatening to publish data stolen from the victims on their leak site (HiveLeaks).

An Analysis of the Non-State Actors in the Cyberspace

The number of cyberattacks continues to increase as well as their level of sophistication. For this reason, the behavior of each actor in the cyber arena is becoming a national security concern for every government.

Threat Actors Stole $100M in Crypto Assets From Harmony

Harmony pointed out that the consensus layer of the Harmony blockchain remains secure. No steps have currently been taken by the hacker to anonymize ownership of these assets.

Lithuanian Government Under Cyber Assault After the Ban on Russian Railway Goods

Today, the group has announced multiple targets for coordinated DDoS attacks – the resources to be attacked are distributed between so-called “units” who are based on members and volunteers who joined previous and current campaigns.

Update: Russian APT28 hacker accused of the NATO think tank hack in Germany

The Attorney General has issued an arrest warrant for the Russian hacker Nikolaj Kozachek who is accused to have carried out a cyber-espionage attack against the NATO think tank Joint Air Power Competence Center in Germany.

Cybercriminals Use Azure Front Door in Phishing Attacks

One of the typical phishing page scenarios observed in a recent campaign – a fake billing notification sent on behalf of SendGrid, a Colorado-based customer communication platform for transactional and marketing email.

Researchers Use WiFi Connection Probe Requests to Track Users

A group of academics at the University of Hamburg (Germany) demonstrated that it is possible to use WiFi connection probe requests to identify and track devices and thereby their users.

Black Basta ransomware now supports encrypting VMware ESXi servers

The move aims at expanding potential targets, the support for VMware ESXi was already implemented by many ransomware families, including LockBit, HelloKitty, BlackMatter, and REvil.

Hackers Stole Over $250,000 in Ethereum from Bored Ape Yacht Club NFT Holders

The hacker conducted a phishing attack, they set up a phishing site that impersonated the official BAYC site claiming that BAYC, MAYC, and OthersideMeta holders were able to claim a free NFT for a short period of time.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags