Infosecurity News
Netherlands Confirms China's Salt Typhoon Targeted Small Dutch Telcos
Salt Typhoon’s primary Dutch targets were small internet service providers and hosting providers
Malicious VS Code Extensions Exploit Name Reuse Loophole
Visual Studio Code extensions have been identified exploiting a loophole that allows reuse of names from removed packages
Nevada Confirms Ransomware Attack, State Data Stolen
Nevada’s CIO confirmed in a press conference that ransomware actors had exfiltrated data from state networks, amid an ongoing incident investigation
Chinese Tech Firms Linked to Salt Typhoon Espionage Campaigns
The US, UK and allies have called out China’s “commercial cyber ecosystem” for enabling large-scale Salt Typhoon campaigns
Crypto Companies Freeze $47m in Romance Baiting Funds
Chainalysis, OKX, Binance and Tether have managed to stop nearly $50m reaching romance baiting fraudsters
Ransomware Actor Deletes Data and Backups Post-Exfiltration on Azure
Microsoft observed Storm-0501 pivot to the victim’s cloud environment to exfiltrate data rapidly and prevent the victim’s recovery
CISA Strengthens Software Procurement Security With New Tool
CISA has launched a new Software Acquisition Guide Web Tool to enhance security in software procurement
Researchers Discover First Reported AI-Powered Ransomware
While still in development, PromptLock is described as the “first known AI-powered ransomware” by ESET researchers
Nevada “Network Security Incident” Shuts Down State Offices and Services
The Office of the Governor of Nevada revealed that the incident has shut down in-person State services, while government phone lines and websites are offline
ShadowSilk Campaign Targets Central Asian Governments
A series of cyber-attacks against government organizations in Central Asia and Asia- Pacific has been linked to the ShadowSilk threat cluster
Citrix Patches Three NetScaler Zero Days as One Sees Active Exploitation
Citrix customers are urged to patch their vulnerable NetScaler appliances, but “patching alone won’t cut it,” experts said
ENISA to Coordinate €36m EU-Wide Incident Response Scheme
EU security agency ENISA is being handed €36m to operate the EU Cybersecurity Reserve
New Data Theft Campaign Targets Salesforce via Salesloft App
Google is warning of a new credential theft campaign targeting Salesforce customers via Salesloft Drift
New Phishing Campaign Abuses ConnectWise ScreenConnect to Take Over Devices
Abnormal AI said the campaign, which lures victims into downloading legitimate RMM software, marks a major evolution in phishing tactics
New Android Trojan Variant Expands with Ransomware Tactics
A new version of the Hook Android banking Trojan features 107 remote commands, including ransomware overlays
Phishing Campaign Uses UpCrypter to Deploy Remote Access Tools
A global phishing campaign has been identified using personalized emails and fake websites to deliver malware via UpCrypter
US: Maryland Confirms Cyber Incident Affecting State Transport Systems
All previously scheduled mobility trips across Maryland for this week will be honored, said the state’s transportation administration
CIISec: Most Security Professionals Want Stricter Regulations
A new CIISec poll finds the majority of industry professionals would prefer more rigorous cybersecurity laws
Tech Manufacturer Data I/O Hit by Ransomware
Data I/O has revealed operational disruption following a ransomware breach that forced it to take some systems offline
Fake macOS Help Sites Seek to Spread Infostealer in Targeted Campaign
A variant of the Atomic macOS Stealer (AMOS) targets macOS users via fake support sites in malvertising campaign
