Malware Attack on South Korean Entities Was Work of Andariel Group – Tempemail

A malware campaign targeting South Korean entities that came to light earlier this year has been attributed to a North Korean nation-state hacking group called Andariel, once again indicating that Lazarus attackers are following the trends and their arsenal is in constant development. “The way Windows commands and their options

NoxPlayer Supply-Chain Attack is Likely the Work of Gelsemium Hackers – Tempemail

A new cyber espionage group named Gelsemium has been linked to a supply chain attack targeting the NoxPlayer Android emulator that was disclosed earlier this year. The findings come from a systematic analysis of multiple campaigns undertaken by the APT crew, with evidence of the earliest attack dating back all

New TLS Attack Lets Attackers Launch Cross-Protocol Attacks Against Secure Sites – Tempemail

Researchers have disclosed a new type of attack that exploits misconfigurations in transport layer security (TLS) servers to redirect HTTPS traffic from a victim’s web browser to a different TLS service endpoint located on another IP address to steal sensitive information. The attacks have been dubbed ALPACA, short for “Application

Critical RCE Bug in VMware vCenter Server Under Active Attack – Tempemail

Malicious actors are actively mass scanning the internet for vulnerable VMware vCenter servers that are unpatched against a critical remote code execution flaw, which the company addressed late last month. The ongoing activity was detected by Bad Packets on June 3 and corroborated yesterday by security researcher Kevin Beaumont. “Mass

Google Researchers Discover A New Variant of Rowhammer Attack – Tempemail

A team of security researchers from Google has demonstrated yet another variant of the Rowhammer attack that bypasses all current defenses to tamper with data stored in memory. Dubbed “Half-Double,” the new hammering technique hinges on the weak coupling between two memory rows that are not immediately adjacent to each

Watering Hole Attack Was Used to Target Florida Water Utilities – Tempemail

An investigation undertaken in the aftermath of the Oldsmar water plant hack earlier this year has revealed that an infrastructure contractor in the U.S. state of Florida hosted malicious code on its website in what’s known as a watering hole attack. “This malicious code seemingly targeted water utilities, particularly in

70 European and South American Banks Under Attack By Bizarro Banking Malware – Tempemail

A financially motivated cybercrime gang has unleashed a previously undocumented banking trojan, which can steal credentials from customers of 70 banks located in various European and South American countries. Dubbed “Bizarro” by Kaspersky researchers, the Windows malware is “using affiliates or recruiting money mules to operationalize their attacks, cashing out

Rapid7 Source Code Breached in Codecov Supply-Chain Attack – Tempemail

Cybersecurity company Rapid7 on Thursday revealed that unidentified actors improperly managed to get hold of a small portion of its source code repositories in the aftermath of the software supply chain compromise targeting Codecov earlier this year. “A small subset of our source code repositories for internal tooling for our

U.S. Declares Emergency in 17 States Over Fuel Pipeline Cyber Attack – Tempemail

The ransomware attack against Colonial Pipeline’s networks has prompted the U.S. Federal Motor Carrier Safety Administration (FMCSA) to issue a regional emergency declaration in 17 states and the District of Columbia (D.C.). The declaration provides a temporary exemption to Parts 390 through 399 of the Federal Motor Carrier Safety Regulations

Shutdown of US pipeline after cyber attack prompts worry over gas prices | Cybercrime

The hackers who caused the vast Colonial Pipeline to shut down on Friday reportedly began their cyberattack against the top US fuel pipeline operator a day earlier and stole a large amount of data. The attackers are part of a cybercrime group called DarkSide and took nearly 100 gigabytes of