StormBamboo APT Targets ISPs, Spreads Malware via Software Updates
StormBamboo abuses insecure software updates! Don’t be a victim! This article explores how the StormBamboo group compromises ISPs to tamper with software update mechanisms and…
Author: Cybernoz
Keytronic reports losses of over $17 million after ransomware attack
Electronic manufacturing services provider Keytronic has revealed that it suffered losses of over $17 million due to a May ransomware attack. The American technology company started as…
Researchers warn of a new critical Apache OFBiz flaw
Researchers warn of a new critical Apache OFBiz flaw Pierluigi Paganini August 05, 2024 Researchers urge organizations using Apache OFBiz to address a critical bug,…
North Korean hackers exploit VPN update flaw to install malware
South Korea’s National Cyber Security Center (NCSC) warns that state-backed DPRK hackers hijacked flaws in a VPN’s software update to deploy malware and breach networks.…
AppOmni unveils SaaS-aware ITDR capabilities
AppOmni announced a series of technology advances to deliver identity and threat detection (ITDR) capabilities to protect SaaS environments. The newest capabilities complement traditional ITDR…
332 Million Email Addresses Scraped from SOCRadar.io Dumped Online
A hacker known as USDoD claims to have scraped 332 million email addresses from SOCRadar.io, which were later dumped online by another threat actor, Dominatrix.…
Malware induction into Windows and MacOS devices via ISP
Volexity, a cutting-edge cybersecurity firm based in Virginia, has uncovered a Chinese hacking group known as StormBamboo, which is injecting malware into software updates distributed…
Chinese cyber attack sparks alert over six year old MS vuln
The United States Cybersecurity and Infrastructure Security Agency (CISA) has added a Microsoft vulnerability dating back to 2018 to its Known Exploited Vulnerabilities (KEV) catalogue…
New LianSpy malware hides by blocking Android security feature
A previously undocumented Android malware named ‘LightSpy’ has been discovered targeting Russian users, posing on phones as an Alipay app or a system service to…
Russia’s luxury car phish continues to prove effective
Foreign diplomatic missions and non-governmental organisations (NGOs) in Ukraine are failing to adequately safeguard staffers from basic phishing attacks, putting government personnel and national security…
Bloody Wolf Attacking Organizations With $80 Malware From Underground Market
Cybersecurity experts have uncovered a series of attacks targeting organizations in Kazakhstan by a threat actor dubbed “Bloody Wolf.” The group utilizes STRRAT, an inexpensive…
World’s largest companies at near-universal risk of supply chain breach
Out of the world’s 2,000 largest companies, 1,980 have a direct connection to a technology supplier that has experienced a recent cyber security incident or…