The Russian hacking group tracked as APT29 (aka “Midnight Blizzard”) is using a network of 193 remote desktop protocol proxy servers to perform man-in-the-middle (MiTM) attacks to steal data and credentials and to install malicious payloads. […]
US considers banning TP-Link routers over cybersecurity risks
The U.S. government is considering banning TP-Link routers starting next year if ongoing investigations find that their use in cyberattacks poses a national security risk. […]
HubSpot phishing targets 20,000 Microsoft Azure accounts
A phishing campaign targeting automotive, chemical, and industrial manufacturing companies in Germany and the UK is abusing HubSpot to steal Microsoft Azure account credentials. […]
CISA urges switch to Signal-like encrypted messaging apps after telecom hacks
Today, CISA urged senior government and political officials to switch to end-to-end encrypted messaging apps like Signal following a wave of telecom breaches across dozens of countries, including eight carriers in the United States. […]
Malicious Microsoft VSCode extensions target devs, crypto community
Malicious Visual Studio Code extensions were discovered on the VSCode marketplace that download heavily obfuscated PowerShell payloads to target developers and cryptocurrency projects in supply chain attacks. […]
Recorded Future CEO applauds “undesirable” designation by Russia
Recorded Future, an American threat intelligence company, has become the first cybersecurity firm designated by the Russian government as an “undesirable” organization. […]
Bureau Raises $30M to Tackle Deepfakes, Payment Fraud
San Francisco startup scores a Series B round to thwart money mule accounts, deep-fake identities, account takeovers and payment fraud.
The post Bureau Raises $30M to Tackle Deepfakes, Payment Fraud appeared first on SecurityWeek.
Interpol replaces dehumanizing “Pig Butchering” term with “Romance Baiting”
Interpol calls on the cybersecurity community, law enforcement, and the media to stop using the term “Pig Butchering” when referring to online relationship and investment scams, as it unnecessarily shames the victims impacted by these fraud campaigns. […]
Recorded Future Tagged as ‘Undesirable’ in Russia
The Russian government accuses the Mastercard-owned firm of participating in the collection and analysis of data on the actions of the Russia’s armed forces.
The post Recorded Future Tagged as ‘Undesirable’ in Russia appeared first on SecurityWeek.
HubPhish Exploits HubSpot Tools to Target 20,000 European Users for Credential Theft
Cybersecurity researchers have disclosed a new phishing campaign that has targeted European companies with an aim to harvest account credentials and take control of the victims’ Microsoft Azure cloud infrastructure.
The campaign has been codenamed HubPhish by Palo Alto Networks Unit 42 owing to the abuse of HubSpot tools in the attack chain. Targets include at least 20,000 automotive, chemical,
The campaign has been codenamed HubPhish by Palo Alto Networks Unit 42 owing to the abuse of HubSpot tools in the attack chain. Targets include at least 20,000 automotive, chemical,