Active Threats
New ‘Powerdrop’ Powershell Malware Targets U.S. Aerospace Industry
[ Posted: 2023-06-06 ]
A new PowerShell malware called "PowerDrop" specifically targets the U.S. aerospace defense industry. The cybersecurity firm Adlumin, found a sample of this malware in the network of a defense contractor in the U.S. PowerDrop utilizes PowerShell and Windows Management Instrumentation (WMI) to establish a persistent remote access trojan (RAT) within the compromised networks. The tactics employed by the malware fall somewhere between "off-the-shelf" malware and sophisticated advanced persistent threat (APT) techniques. Based on the timing and targets of the attacks, it is highly probable that the perpetrator behind the malware is a state-sponsored entity.
Cyclops Ransomware Gang Offers Go-Based Info Stealer to Cybercriminals
[ Posted: 2023-06-06 ]
Threat actors associated with the Cyclops ransomware have been observed offering an information stealer malware that's designed to capture sensitive data from infected hosts. ‘The threat actor behind this [ransomware-as-a-service] promotes its offering on forums," Uptycs said in a new report.' ‘There it requests a share of profits from those engaging in malicious activities using its malware.’ The Go-based stealer, for its part, is designed to target Windows and Linux systems, capturing details such as operating system information, computer name, number of processes, and files of interest matching specific extensions.
Google Fixes New Chrome Zero-Day Flaw With Exploit in the Wild
[ Posted: 2023-06-06 ]
Yesterday, Google released security updates to address a zero-day flaw in its Chrome web browser. Tracked as CVE-2023-3079, the bug has been assessed as a high-severity issue and is related to a type confusion bug in the Chrome V8 JavaScript engine. “Type confusion bugs arise when the engine misinterprets the type of an object during runtime, potentially leading to malicious memory manipulation and arbitrary code execution.
Iowa Reports Third Big Vendor Breach This Year
[ Posted: 2023-06-06 ]
The state government of Iowa has recently reported its third major health data breach since April, all involving third-party vendors. The most recent breach occurred at dental health insurer MCNA Insurance Co., with the Iowa Department of Health and Human Services disclosing that hackers compromised the protected health information of nearly 234,000 Iowa residents.
Alarming Surge in TrueBot Activity Revealed with New Delivery Vectors
[ Posted: 2023-06-06 ]
VMware’s Carbon Black Managed Detection and Response (MDR) team saw a surge in TrueBot activity in May 2023. TrueBot is a botnet that has been active since 2017 and is linked to the Silence group, a cybercriminal group that is known for targeting banks and financial institutions, in addition to the educator sector. According to VMware’s MDR team, TrueBot has been under active development by Silence, with the latest versions now leveraging a Netwrix vulnerability (CVE-2022-31199, CVSS score: 9.8) as a delivery vector.
Cyber Security Cafe
Cyber Security Cafe is a private public service and offers no goods or services other than posting the current cyber threats we are facing and what we can do to prevent us from being affected and if we are, what we can do to correct the problems and to avoid intrusions in the future.
- Prevention often means not accepting the 'easy' ways.
- Most of Modern Technology exists in order to obtain your personal data.
Current Threats
Current Treats so you the latest and often most dangerous cyber threats. They indicate where they orininated from, and what areas they are targeting. By knowing in advance you can take precautionary actions now, before it's too late.
Cyber Solutions
Are a group of tools and information that is designed to keep you up to date and to give you the tools to protect both your network and equipment. Most of the tools are available 'free of charge' too and are provided by safe governmental agencies.