The U.S. Department of the Treasury sanctioned cyber actor Song Kum Hyok for his association with North Korea’s hacking group Andariel and for facilitating IT worker schemes that generated revenue for the Pyongyang regime. […]
The MFA You Trust Is Lying to You – and Here’s How Attackers Exploit It
MFA Authenticator apps aren’t cutting it anymore. Attackers are bypassing legacy MFA with fake sites and real-time phishing. Token Ring and BioStick stop them cold—with fingerprint-bound hardware. Learn more from Token. […]
DoNot APT Expands Operations, Targets European Foreign Ministries with LoptikMod Malware
A threat actor with suspected ties to India has been observed targeting a European foreign affairs ministry with malware capable of harvesting sensitive data from compromised hosts.
The activity has been attributed by Trellix Advanced Research Center to an advanced persistent threat (APT) group called DoNot Team, which is also known as APT-C-35, Mint Tempest, Origami Elephant, SECTOR02, and
The activity has been attributed by Trellix Advanced Research Center to an advanced persistent threat (APT) group called DoNot Team, which is also known as APT-C-35, Mint Tempest, Origami Elephant, SECTOR02, and
Nippon Steel Subsidiary Blames Data Breach on Zero-Day Attack
Nippon Steel Solutions has disclosed a data breach that resulted from the exploitation of a zero-day in network equipment.
The post Nippon Steel Subsidiary Blames Data Breach on Zero-Day Attack appeared first on SecurityWeek.
New ServiceNow flaw lets attackers enumerate restricted data
A new vulnerability in ServiceNow, dubbed Count(er) Strike, allows low-privileged users to extract sensitive data from tables to which they should not have access. […]
Samsung Announces Security Improvements for Galaxy Smartphones
New Samsung Galaxy features include protections for on-device AI, expanded cross-device threat detection, and quantum-resistant encryption for network security.
The post Samsung Announces Security Improvements for Galaxy Smartphones appeared first on SecurityWeek.
U.S. Sanctions North Korean Andariel Hacker Behind Fraudulent IT Worker Scheme
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Tuesday sanctioned a member of a North Korean hacking group called Andariel for their role in the infamous remote information technology (IT) worker scheme.
The Treasury said Song Kum Hyok, a 38-year-old North Korean national with an address in the Chinese province of Jilin, enabled the fraudulent operation by using
The Treasury said Song Kum Hyok, a 38-year-old North Korean national with an address in the Chinese province of Jilin, enabled the fraudulent operation by using
How To Automate Ticket Creation, Device Identification and Threat Triage With Tines
Run by the team at workflow orchestration and AI platform Tines, the Tines library features over 1,000 pre-built workflows shared by security practitioners from across the community – all free to import and deploy through the platform’s Community Edition.
A recent standout is a workflow that handles malware alerts with CrowdStrike, Oomnitza, GitHub, and PagerDuty. Developed by Lucas Cantor at
A recent standout is a workflow that handles malware alerts with CrowdStrike, Oomnitza, GitHub, and PagerDuty. Developed by Lucas Cantor at
Unpatched Ruckus Vulnerabilities Allow Wireless Environment Hacking
Multiple vulnerabilities in Ruckus Wireless management products could be exploited to fully compromise the managed environments.
The post Unpatched Ruckus Vulnerabilities Allow Wireless Environment Hacking appeared first on SecurityWeek.
Canadian Electric Utility Says Power Meters Disrupted by Cyberattack
Nova Scotia Power is notifying individuals affected by the recent data breach, including in the United States.
The post Canadian Electric Utility Says Power Meters Disrupted by Cyberattack appeared first on SecurityWeek.