The Cloak ransomware group has claimed responsibility for a February cyberattack on Virginia Attorney General’s Office.
The post Ransomware Group Claims Attack on Virginia Attorney General’s Office appeared first on SecurityWeek.
UAT-5918 Targets Taiwan’s Critical Infrastructure Using Web Shells and Open-Source Tools
Threat hunters have uncovered a new threat actor named UAT-5918 that has been attacking critical infrastructure entities in Taiwan since at least 2023.
“UAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft, uses a combination of web shells and open-sourced tooling to conduct post-compromise activities to establish persistence in victim
“UAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft, uses a combination of web shells and open-sourced tooling to conduct post-compromise activities to establish persistence in victim
Steam pulls game demo infecting Windows with info-stealing malware
Valve has removed a game titled ‘Sniper: Phantom’s Resolution’ from the Steam store following multiple user reports that indicated its demo installer actually infected their systems with information stealing malware. […]
Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates
The threat actors behind the Medusa ransomware-as-a-service (RaaS) operation have been observed using a malicious driver dubbed ABYSSWORKER as part of a bring your own vulnerable driver (BYOVD) attack designed to disable anti-malware tools.
Elastic Security Labs said it observed a Medusa ransomware attack that delivered the encryptor by means of a loader packed using a packer-as-a-service (PaaS
Elastic Security Labs said it observed a Medusa ransomware attack that delivered the encryptor by means of a loader packed using a packer-as-a-service (PaaS
Watch on Demand: Supply Chain & Third-Party Risk Security Summit
Join the virtual event as we explore of the critical nature of software and vendor supply chain security issues.
The post Watch on Demand: Supply Chain & Third-Party Risk Security Summit appeared first on SecurityWeek.
New Jailbreak Technique Uses Fictional World to Manipulate AI
Cato Networks discovers a new LLM jailbreak technique that relies on creating a fictional world to bypass a model’s security controls.
The post New Jailbreak Technique Uses Fictional World to Manipulate AI appeared first on SecurityWeek.
Chinese I-Soon Hackers Hit 7 Organizations in Operation FishMedley
The FishMonger APT group, a subdivision of Chinese cybersecurity firm I-Soon, compromised seven organizations in a 2022 campaign.
The post Chinese I-Soon Hackers Hit 7 Organizations in Operation FishMedley appeared first on SecurityWeek.
Industry Reactions to Google Buying Wiz: Feedback Friday
Industry professionals comment on Google acquiring cloud security giant Wiz for $32 billion in cash.
The post Industry Reactions to Google Buying Wiz: Feedback Friday appeared first on SecurityWeek.
China-Linked APT Aquatic Panda: 10-Month Campaign, 7 Global Targets, 5 Malware Families
The China-linked advanced persistent threat (APT) group. known as Aquatic Panda has been linked to a “global espionage campaign” that took place in 2022 targeting seven organizations.
These entities include governments, catholic charities, non-governmental organizations (NGOs), and think tanks across Taiwan, Hungary, Turkey, Thailand, France, and the United States. The activity, which took place
These entities include governments, catholic charities, non-governmental organizations (NGOs), and think tanks across Taiwan, Hungary, Turkey, Thailand, France, and the United States. The activity, which took place
10 Critical Network Pentest Findings IT Teams Overlook
After conducting over 10,000 automated internal network penetration tests last year, vPenTest has uncovered a troubling reality that many businesses still have critical security gaps that attackers can easily exploit.
Organizations often assume that firewalls, endpoint protection, and SIEMs are enough to keep them secure. But how effective are these defenses when put to the test? That’s where
Organizations often assume that firewalls, endpoint protection, and SIEMs are enough to keep them secure. But how effective are these defenses when put to the test? That’s where