Numerous Israeli IT, software development, and staffing services firms have been compromised with malware through Word and PDF documents that impersonate antivirus tools as part of the Operation IconCat campaign that commenced last month, Cyber Security News reports.
Half a dozen ransomware variants and over 6,000 nefarious links have been decrypted and dismantled, respectively, while $3 million associated with ransomware, extortion, and business email compromise attacks has been sequestered as part of the Interpol-led effort Operation Sentinel that clamped down on cybercriminal activities across Africa, reports BleepingComputer.
Endpoints are no longer static assets; they constantly change as users move, software updates deploy, configurations drift, and cloud-connected services evolve.
Interview with Frank Vukovits: Focusing inward: there lie threats also. External threats get discussed more than internal threats. There’s a bit of a streetlight effect here: external threats are more visible, easier to track, and sharing external threat intelligence doesn’t infringe on any individual organization’s privacy. That’s why we hear the ...
Updated DocSwap Android malware deployed by Kimsuky Malicious QR codes and pop-up notifications on websites spoofing South Korean logistics company CJ Logistics have been used by North Korean state-backed advanced persistent threat operation Kimsuky to distribute the updated DocSwap Android malware, reports The Hacker News.
BleepingComputer reports that automated credential-based intrusions were launched against Palo Alto Networks GlobalProtect and Cisco SSL VPN instances last week.
The campaign begins with emails impersonating eLibrary, a Russian scientific electronic library, using a domain registered six months prior to avoid detection.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.