Collaborate Disseminate
By Deeba Ahmed
Worok is primarily targeting organizations in banking, telecommunication, marine, military, energy, public sectors, and government in its current campaign.
This is a post from HackRead.com Read the original post: Worok Hackers Targeting … Continue reading Worok Hackers Targeting Orgs, Govts in Asia, Middle East and Africa
Companies and other organizations should be careful when employing IT freelancers, lest they end up hiring North Korean hackers. The advice comes from the U.S. Department of State, the U.S. Department of the Treasury, and the Federal Bureau of Investig… Continue reading U.S. warns of North Korean hackers posing as IT freelancers
U.S. and U.K. government agencies called out Iranian government-affiliated hackers Thursday, accusing them of being behind cyber-espionage targeting the defense, local government, oil and natural gas and telecommunications sectors across the globe. The joint alert points a finger at MuddyWater, which the U.S. government for the first time last month attributed directly to Tehran. In the latest warning, the government agencies said that they have observed MuddyWater on the move in Africa, Asia, Europe and North America since 2018. “MuddyWater actors are positioned both to provide stolen data and accesses to the Iranian government and to share these with other malicious cyber actors,” reads the alert. The bulletin is the joint work of the the FBI, Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the U.S. Cyber Command Cyber National Mission Force and the U.K.’s National Cyber Security Centre. MuddyWater has a long history of allegedly spying on primarily […]
The post FBI, CISA, Cyber Command take aim at cyber-espionage by Iran’s MuddyWater group appeared first on CyberScoop.
Continue reading FBI, CISA, Cyber Command take aim at cyber-espionage by Iran’s MuddyWater group
By Deeba Ahmed
According to researchers, the new CoinStomp malware is mainly targeting cloud service providers based in Asia. The IT…
This is a post from HackRead.com Read the original post: New CoinStomp cryptomining malware targeting cloud serv… Continue reading New CoinStomp cryptomining malware targeting cloud services
Attackers are trying out a new technique to widen the reach of their phishing campaigns: by using stolen Office 365 credentials, they try to connect rogue Windows devices to the victim organizations’ network by registering it with their Azure AD…. Continue reading Attackers connect rogue devices to organizations’ network with stolen Office 365 credentials
Business, now more than ever before, is going digital, and today a startup that’s building a vertically integrated solution to meet business banking needs is announcing a big round of funding to tap into the opportunity. Airwallex — which provides business banking services both directly to businesses themselves, as well as via a set of […] Continue reading Airwallex raises $200M at a $4B valuation to double down on business banking
Nium’s new round adds fuel to a fire shared by a number of companies all going after a global B2B payments market valued at $120 trillion annually. Continue reading Nium crosses $1B valuation with $200M Riverwood Capital-led round
Ransomware gangs have now struck two cybersecurity insurers in as many months, with AXA confirming over the weekend that an attack had affected its Asian operations. AXA joins CNA Insurance, which in April confirmed that a ransomware incident had forced the company to take its operations offline. The attack on AXA, though, comes shortly after the French insurer said it would no longer reimburse ransomware payments under new policies it writes in that country, although a source familiar with the attack said there was no connection between AXA’s decision and the attack on its own networks. The so-called Avaddon ransomware operators posted screenshots of information online that they said they obtained from AXA’s Asia Assistance subsidiary. The screenshots include a claim that the operators stole three terabytes of data, such as customer medical reports and claims, customer IDs and bank account papers, payments to customers and other health information. “Asia […]
The post Ransomware strikes AXA shortly after insurer announces it will stop covering extortion fees appeared first on CyberScoop.
Robotic process automation has become buzzy in the last few months. New York-based UiPath is on course to launch an initial public offering after gaining an astounding valuation of $35 billion in February. Over in China, homegrown RPA startup Laiye is making waves as well. Laiye, which develops software to mimic mundane workplace tasks like […] Continue reading Laiye, China’s answer to UiPath, closes $50 million Series C+
Gamers are familiar targets for hackers, but those operations often are broadly aimed at stealing data, installing nuisances like adware or disrupting the games themselves. Sometimes, though, attackers have other things in mind. A malware operation in Asia appears to be “highly targeted” toward spying on only a handful of users of a popular piece of gaming software, according to cybersecurity researchers at Slovakia-based ESET. The attackers compromised the update mechanism for NoxPlayer, an emulator program that allows Android games to be played on PCs and Macs, ESET says. It’s a supply-chain attack, not unlike others with much bigger footprints and much larger geopolitical effects. The perpetrators appear to have broken into infrastructure at Hong Kong-based BigNox, which makes NoxPlayer, to add the malware to the updates that go to customers. The details get fuzzy from there. About 150 million people, mostly in Asia, use NoxPlayer. ESET says it discovered […]
The post Spies target gamers with malware inserted into software updates, ESET says appeared first on CyberScoop.
Continue reading Spies target gamers with malware inserted into software updates, ESET says