Researchers have disclosed details of three new security vulnerabilities affecting operational technology (OT) products from CODESYS and Festo that could lead to source code tampering and denial-of-service (DoS). The vulnerabilities, reported by Forescout Vedere Labs, are the latest in a long list of flaws collectively tracked under the name OT:ICEFALL. "These issues exemplify … [Read more...] about 3 New Vulnerabilities Affect OT Products from German Festo and CODESYS Companies
Companies
Worok Hackers Target High-Profile Asian Companies and Governments
High-profile companies and local governments located primarily in Asia are the subjects of targeted attacks by a previously undocumented espionage group dubbed Worok that has been active since late 2020. "Worok's toolset includes a C++ loader CLRLoad, a PowerShell backdoor PowHeartBeat, and a C# loader PNGLoad that uses steganography to extract hidden malicious payloads from … [Read more...] about Worok Hackers Target High-Profile Asian Companies and Governments
Callback Phishing Campaigns Impersonate CrowdStrike, Other Cybersecurity Companies
Today CrowdStrike sent the following Tech Alert to our customers: On July 8, 2022, CrowdStrike Intelligence identified a callback phishing campaign impersonating prominent cybersecurity companies, including CrowdStrike. The phishing email implies the recipient’s company has been breached and insists the victim call the included phone number. This campaign leverages similar … [Read more...] about Callback Phishing Campaigns Impersonate CrowdStrike, Other Cybersecurity Companies
Facebook Bans 7 ‘Cyber Mercenary’ Companies for Spying on 50,000 Users
Meta Platforms on Thursday revealed it took steps to deplatform seven cyber mercenaries that it said carried out "indiscriminate" targeting of journalists, dissidents, critics of authoritarian regimes, families of opposition, and human rights activists located in over 100 countries, amid mounting scrutiny of surveillance technologies. To that end, the company said it alerted … [Read more...] about Facebook Bans 7 ‘Cyber Mercenary’ Companies for Spying on 50,000 Users
Ransomware Taxonomy: Four Scenarios Companies Should Safeguard Against
While October is designated as Cybersecurity Awareness Month, focusing on keeping your company and customers safe should be a constant priority, especially with the growing number and sophistication of ransomware attacks worldwide. As companies interact more digitally with customers and end-users, their attack surface increases, presenting more opportunities for would-be … [Read more...] about Ransomware Taxonomy: Four Scenarios Companies Should Safeguard Against
LuckyMouse Hackers Target Banks, Companies and Governments in 2020
An adversary known for its watering hole attacks against government entities has been linked to a slew of newly detected intrusions targeting various organizations in Central Asia and the Middle East. The malicious activity, collectively named "EmissarySoldier," has been attributed to a threat actor called LuckyMouse, and is said to have happened in 2020 with the goal of … [Read more...] about LuckyMouse Hackers Target Banks, Companies and Governments in 2020
Experts Uncover Malware Attacks Against Colombian Government and Companies
Cybersecurity researchers took the wraps off an ongoing surveillance campaign directed against Colombian government institutions and private companies in the energy and metallurgical industries. In a report published by ESET on Tuesday, the Slovak internet security company said the attacks — dubbed "Operation Spalax" — began in 2020, with the modus operandi sharing some … [Read more...] about Experts Uncover Malware Attacks Against Colombian Government and Companies
Hackers Targeting Companies Involved in Covid-19 Vaccine Distribution
A global spear-phishing campaign has been targeting organizations associated with the distribution of COVID-19 vaccines since September 2020, according to new research. Attributing the operation to a nation-state actor, IBM Security X-Force researchers said the attacks took aim at the vaccine cold chain, companies responsible for storing and delivering the COVID-19 vaccine at … [Read more...] about Hackers Targeting Companies Involved in Covid-19 Vaccine Distribution
Premium-Rate Phone Fraudsters Hack VoIP Servers of 1200 Companies
Cybersecurity researchers today took the wraps off an on-going cyber fraud operation led by hackers in Gaza, West Bank, and Egypt to compromise VoIP servers of more than 1,200 organizations across 60 countries over the past 12 months. According to findings published by Check Point Research, the threat actors — believed to be located in the Palestinian Gaza Strip — have targeted … [Read more...] about Premium-Rate Phone Fraudsters Hack VoIP Servers of 1200 Companies
Microsoft and Other Tech Companies Take Down TrickBot Botnet
Days after the US Government took steps to disrupt the notorious TrickBot botnet, a group of cybersecurity and tech companies has detailed a separate coordinated effort to take down the malware's back-end infrastructure. The joint collaboration, which involved Microsoft's Digital Crimes Unit, Lumen's Black Lotus Labs, ESET, Financial Services Information Sharing and Analysis … [Read more...] about Microsoft and Other Tech Companies Take Down TrickBot Botnet