Kubernetes RBAC Exploited in Large-Scale Campaign for Cryptocurrency Mining
By:
Apr 21, 2023Ravie LakshmananKubernetes / Cryptocurrency
A large-scale attack campaign discovered in the wild has been exploiting Kubernetes (K8s) Role-Based Access Control (RBAC) to create backdoors and run cryptocurrency...
Iranian Government-Backed Hackers Targeting U.S. Energy and Transit Systems
By:
Apr 19, 2023Ravie LakshmananCyber Threat / SCADA
An Iranian government-backed actor known as Mint Sandstorm has been linked to attacks aimed at critical infrastructure in the U.S. between late...
U.S. and U.K. Warn of Russian Hackers Exploiting Cisco Router Flaws for Espionage
By:
Apr 19, 2023Ravie LakshmananNetwork Security / Cyber Espionage
U.K. and U.S. cybersecurity and intelligence agencies have warned of Russian nation-state actors exploiting now-patched flaws in networking equipment from Cisco...
Pakistani Hackers Use Linux Malware Poseidon to Target Indian Government Agencies
By:
Apr 19, 2023Ravie LakshmananLinux / Malware
The Pakistan-based advanced persistent threat (APT) actor known as Transparent Tribe used a two-factor authentication (2FA) tool used by Indian government agencies as...
Google Uncovers APT41’s Use of Open Source GC2 Tool to Target Media and Job...
By:
Apr 17, 2023Ravie LakshmananCyber Threat / Cloud Security
A Chinese nation-state group targeted an unnamed Taiwanese media organization to deliver an open source red teaming tool known as Google...
New QBot Banking Trojan Campaign Hijacks Business Emails to Spread Malware
By:
Apr 17, 2023Ravie LakshmananFinancial Security / Malware
A new QBot malware campaign is leveraging hijacked business correspondence to trick unsuspecting victims into installing the malware, new findings from Kaspersky...
Kodi Confirms Data Breach: 400K User Records and Private Messages Stolen
By:
Apr 14, 2023Ravie LakshmananData Breach / Cyber Security
Open source media player software provider Kodi has confirmed a data breach after threat actors stole the company's MyBB forum database...
Severe Android and Novi Survey Vulnerabilities Under Active Exploitation
By:
Apr 14, 2023Ravie LakshmananMobile Security / Cyber Threat
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, based on...
Lazarus Hacker Group Evolves Tactics, Tools, and Targets in DeathNote Campaign
By:
Apr 13, 2023Ravie LakshmananCyber Attack / Cyber Threat
The North Korean threat actor known as the Lazarus Group has been observed shifting its focus and rapidly evolving its tools...
RTM Locker: Emerging Cybercrime Group Targeting Businesses with Ransomware
By:
Apr 13, 2023Ravie LakshmananRansomware / Cyber Attack
Cybersecurity researchers have detailed the tactics of a "rising" cybercriminal gang called "Read The Manual" (RTM) Locker that functions as a private...
