Breaking News

•••  All important news related to new attacks and see the solutions we can offer you  •••

31/08/2020

North Korea's BeagleBoyz Robbing Banks

Lees de originele artikel hier
Cyber Defense

 

This joint advisory is the result of analytic efforts among the Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury (Treasury), the Federal Bureau of Investigation (FBI) and U.S. Cyber Command (USCYBERCOM). Working with U.S. government partners, CISA, Treasury, FBI, and USCYBERCOM identified malware and indicators of compromise (IOCs) used by the North Korean government in an automated teller machine (ATM) cash-out scheme—referred to by the U.S. Government as “FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks.”

 

New identified malware used by the NorthKorean government in an automated teller machine (ATM) cash-out.

 

This mallware can be simulated and your can test if your environment is vulnerable using Cymulate BAS solution
 

Contact us for a test with Cymulate breach and Attack simulation
27/08/2020

'Next-Gen' Open Source Component Attacks Surge 430%

Lees de originele artikel hier
Software Security

As commercial and enterprise software developers become more disciplined about keeping their open source software components updated to reduce the risk of software supply chain attacks, the bad guys are getting craftier: Researchers warn that they're over-running open source projects to turn them into malware distribution channels.

It used to be that attackers simply preyed on existing vulnerabilities within well-used open source components, with the understanding they could victimize the many organizations relying on outdated dependencies. Attackers are now more frequently getting proactive by infiltrating open source projects to seed them with compromised components that they can pounce on once they're downloaded and used by unsuspecting organizations.

Contact us for more information about Checkmarx SCA
27/08/2020

DeathStalker APT Targets SMBs with Cyber Espionage

Cyber Defense

The hacker-for-hire group, operating since at least 2012, primarily targets financial firms.
Small and midsize businesses (SMBs) should have a new advanced persistent threat (APT) on their collective radar: DeathStalker has been targeting SMBs in the financial sector since at least 2012.

Kaspersky researchers tracking the group since 2018 report DeathStalker has targeted companies around the world.
Attackers don't seem motivated by financial gain; they don't deploy ransomware or steal payment data.
The focus is sensitive business data, which could mean DeathStalker offers hacker-for-hire services, or serves as a sort of "information broker," in financial circles.

Contact us for a test with Cymulate Breach and Attack Simulation
Load more