Defending your organization’s security is like fortifying a castle—you need to understand where attackers will strike and how they’ll try to breach your walls. And hackers are always searching for weaknesses, whether it’s a lax password policy or a forgotten backdoor. To build a stronger defense, you must think like a hacker and anticipate their moves. Read on to learn more about hackers’
CISA Kicks Off Critical Infrastructure Security and Resilience Month 2024
Canada Orders TikTok’s Canadian Business to Be Dissolved but Won’t Block App
Canada won’t block access to TikTok but is ordering the dissolution of its Canadian business after a national security review.
The post Canada Orders TikTok’s Canadian Business to Be Dissolved but Won’t Block App appeared first on SecurityWeek.
Cyberattack on Microlise Disables Tracking in Prison Vans, Courier Vehicles
Vehicle tracking services for Serco, DHL, and other fleets were disrupted after Microlise fell victim to a cyberattack.
The post Cyberattack on Microlise Disables Tracking in Prison Vans, Courier Vehicles appeared first on SecurityWeek.
5 Most Common Malware Techniques in 2024
Tactics, techniques, and procedures (TTPs) form the foundation of modern defense strategies. Unlike indicators of compromise (IOCs), TTPs are more stable, making them a reliable way to identify specific cyber threats. Here are some of the most commonly used techniques, according to ANY.RUN’s Q3 2024 report on malware trends, complete with real-world examples.
Disabling of Windows Event Logging
Disabling of Windows Event Logging
SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims
An ongoing phishing campaign is employing copyright infringement-related themes to trick victims into downloading a newer version of the Rhadamanthys information stealer since July 2024.
Cybersecurity firm Check Point is tracking the large-scale campaign under the name CopyRh(ight)adamantys. Targeted regions include the United States, Europe, East Asia, and South America.
“The campaign
Cybersecurity firm Check Point is tracking the large-scale campaign under the name CopyRh(ight)adamantys. Targeted regions include the United States, Europe, East Asia, and South America.
“The campaign
Android Banking Trojan ToxicPanda Targets Europe
ToxicPanda is a China-linked Android banking trojan spotted targeting over a dozen banks in Europe and Latin America.
The post Android Banking Trojan ToxicPanda Targets Europe appeared first on SecurityWeek.
Malicious PyPI Package ‘Fabrice’ Found Stealing AWS Keys from Thousands of Developers
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) that has racked up thousands of downloads for over three years while stealthily exfiltrating developers’ Amazon Web Services (AWS) credentials.
The package in question is “fabrice,” which typosquats a popular Python library known as “fabric,” which is designed to execute shell commands remotely over
The package in question is “fabrice,” which typosquats a popular Python library known as “fabric,” which is designed to execute shell commands remotely over
Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems
Cisco has released security updates to address a maximum severity security flaw impacting Ultra-Reliable Wireless Backhaul (URWB) Access Points that could permit unauthenticated, remote attackers to run commands with elevated privileges.
Tracked as CVE-2024-20418 (CVS score: 10.0), the vulnerability has been described as stemming from a lack of input validation to the web-based management
Tracked as CVE-2024-20418 (CVS score: 10.0), the vulnerability has been described as stemming from a lack of input validation to the web-based management
Canada Orders TikTok to Shut Down Canadian Operations Over Security Concerns
The Canadian government on Wednesday ordered ByteDance-owned TikTok to dissolve its operations in the country, citing national security risks, but stopped short of instituting a ban on the popular video-sharing platform.
“The decision was based on the information and evidence collected over the course of the review and on the advice of Canada’s security and intelligence community and other
“The decision was based on the information and evidence collected over the course of the review and on the advice of Canada’s security and intelligence community and other