Mar 23, 2023Ravie LakshmananCyber Attack / Browser Security German and South Korean government agencies have warned about cyber attacks mounted by a threat actor tracked as Kimsuky using rogue browser extensions to steal users' Gmail inboxes. The joint advisory comes from Germany's domestic intelligence apparatus, the Federal Office for the Protection of the Constitution … [Read more...] about German and South Korean Agencies Warn of Kimsuky’s Expanding Cyber Attack Tactics
Agencies
Researchers Warn of ReverseRAT Backdoor Targeting Indian Government Agencies
Feb 21, 2023Ravie LakshmananCyber Threat / Cyber Attack A spear-phishing campaign targeting Indian government entities aims to deploy an updated version of a backdoor called ReverseRAT. Cybersecurity firm ThreatMon attributed the activity to a threat actor tracked as SideCopy. SideCopy is a threat group of Pakistani origin that shares overlaps with another actor called … [Read more...] about Researchers Warn of ReverseRAT Backdoor Targeting Indian Government Agencies
Falcon Spotlight ExPRT.AI Helps Federal Agencies Meet CISA Mandate
The Cybersecurity and Infrastructure Security Agency (CISA) issued a mandate on November 2, 2021, for all U.S. federal agencies to fix hundreds of known vulnerabilities. Binding Operational Directive 22-01 (BOD 22-01) compels all federal departments and agencies to specifically address the vulnerabilities in the published catalog to protect and safeguard valuable federal data … [Read more...] about Falcon Spotlight ExPRT.AI Helps Federal Agencies Meet CISA Mandate
U.S. Federal Agencies Ordered to Patch Hundreds of Actively Exploited Flaws
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published a catalog of vulnerabilities, including from Apple, Cisco, Microsoft, and Google, that have known exploits and are being actively exploited by malicious cyber actors, in addition to requiring federal agencies to prioritize applying patches for those security flaws within "aggressive" … [Read more...] about U.S. Federal Agencies Ordered to Patch Hundreds of Actively Exploited Flaws
Russian Federal Agencies Were Attacked With Chinese Webdav-O Virus
An amalgam of multiple state-sponsored threat groups from China may have been behind a string of targeted attacks against Russian federal executive authorities in 2020. The latest research, published by Singapore-headquartered company Group-IB, delves into a piece of computer virus called "Webdav-O" that was detected in the intrusions, with the cybersecurity firm observing … [Read more...] about Russian Federal Agencies Were Attacked With Chinese Webdav-O Virus
Iranian Hackers Utilize ScreenConnect to Spy On UAE, Kuwait Government Agencies
UAE and Kuwait government agencies are targets of a new cyberespionage campaign potentially carried out by Iranian threat actors, according to new research. Attributing the operation to be the work of Static Kitten (aka MERCURY or MuddyWater), Anomali said the "objective of this activity is to install a remote management tool called ScreenConnect (acquired by ConnectWise 2015) … [Read more...] about Iranian Hackers Utilize ScreenConnect to Spy On UAE, Kuwait Government Agencies
US Agencies and FireEye Were Hacked Using SolarWinds Software Backdoor
State-sponsored actors allegedly working for Russia have targeted the US Treasury, the Commerce Department's National Telecommunications and Information Administration (NTIA), and other government agencies to monitor internal email traffic as part of a widespread cyberespionage campaign. The Washington Post, citing unnamed sources, said the latest attacks were the work of APT29 … [Read more...] about US Agencies and FireEye Were Hacked Using SolarWinds Software Backdoor
Chinese Hackers Exploiting Unpatched Devices to Target U.S. Agencies
The US Cybersecurity and Infrastructure Security Agency (CISA) issued a new advisory on Monday about a wave of cyberattacks carried by Chinese nation-state actors targeting US government agencies and private entities."CISA has observed Chinese [Ministry of State Security]-affiliated cyber threat actors operating from the People's Republic of China using commercially available … [Read more...] about Chinese Hackers Exploiting Unpatched Devices to Target U.S. Agencies