Infosecurity News
Linux Malware Targets Docker, Apache Hadoop, Redis and Confluence
Cado said the payloads facilitated RCE attacks by leveraging common misconfigurations and known vulnerabilities
EU Agrees 'Cyber Solidarity Act' to Bolster Incident Response and Recovery
The EU has agreed new rules to strengthen cyber incident response and recovery across member states, encompassing closer cooperation mechanisms
Cyber Pros Turn to Cybercrime as Salaries Stagnate
The UK’s Chartered Institute of Information Security warns that many professionals are prepared to moonlight for cybercrime groups
Skype, Google Meet, and Zoom Used in New Trojan Scam Campaign
A new threat actor has been observed by Zscaler distributing remote access Trojans (RATs) via online meeting lures
US Sanctions Predator Spyware Maker Intellexa
The US Treasury has designated individuals and entities associated with Predator spyware developer, Intellexa
GhostSec Evolves With Website Compromise Tools
Cisco Talos uncovered two new tools developed by the group: the “GhostSec Deep Scan tool” and “GhostPresser”
South Korean Police Develops Deepfake Detection Tool Ahead of April Elections
With a claimed 80% efficiency, the new AI detection tool will be used to inform the police during criminal investigations
ALPHV/BlackCat Ransomware Servers Go Down
Speculations about the shut down range from a potential exit scam to a rebranding initiative
American Express Warns Credit Card Data Exposed in Third-Party Breach
American Express has informed customers that their credit card details may have been compromised following a breach of a third-party merchant processor
Ukraine Claims it Hacked Russian MoD
Ukraine’s military intelligence service says it hacked and stole sensitive documents from Russia’s Ministry of Defense
TeamCity Users Urged to Patch Critical Vulnerabilities
JetBrains says on-premises TeamCity servers must be upgraded to mitigate two new bugs
Self-Propagating Worm Created to Target Generative AI Systems
The researchers developed a worm, dubbed “Morris II,” which targets generative AI ecosystems through the use of adversarial self-replicating prompts
Hacktivist Collective NoName057 Strikes European Targets
Sekoia.io observed developments in the group’s DDoS tools, including updates enhancing compatibility with different processor architectures and OS
TA577 Exploits NTLM Authentication Vulnerability
Proofpoint warned the method could be used for data gathering and further malicious activities
Predator Spyware Targeted Mobile Phones in New Countries
Despite being exposed to human rights violations, the Predator spyware continues to be used across the world – including in new countries
Securing Perimeter Products Must Be a Priority, Says NCSC
UK’s National Cyber Security Centre warns of dangers of insecure perimeter products
Drugs and Cybercrime Market Busted By German Cops
German police have dismantled the country’s largest underground marketplace: Crimemarket
Biden Warns Chinese Cars Could Steal US Citizens' Data
President Biden warned that connected vehicles built in China could be used to steal sensitive data of US citizens and critical infrastructure
Five Eyes Warn of Ivanti Vulnerabilities Exploitation, Detection Tools Insufficient
Government agencies from the Five Eyes coalition said that Ivanti’s own tools are not sufficient to detect compromise
UK Home Office Breached Data Protection Law with Migrant Tracking Program, ICO Finds
The Home Office failed to assess the privacy intrusion of the continuous collection of migrants’ location information in breach of UK data protection law, according to the ICO
