warning
-
Blog
Warning issued after Chinese hacker group breaches telco firms in “dozens of countries”
A senior national security adviser in the Biden Administration has warned that a Chinese state-sponsored hacking group has breached telecommunications firms in “dozens of countries”. Anne Neuberger, President Biden’s deputy national security adviser, said the campaign attributed to the threat actor known as Salt Typhoon is ongoing, and has breached at least eight US telcos, according to reporting in the…
Read More » -
Blog
Fresh warning issued over encryption-less ransomware as notorious threat group shifts tactics
Security agencies have updated their information on notorious ransomware gang BianLian, warning the group has shifted its tactics and is moving away from encryption based attacks. A cybersecurity advisory issued by the FBI, CISA, and Australia Cyber Security Centre was recently updated on 20 November 2024 to reflect a change in tactics from the group, signaling a potentially wider shift…
Read More » -
Blog
Microsoft Exchange adds warning to emails abusing spoofing flaw
Microsoft has disclosed a high-severity Exchange Server vulnerability that allows attackers to forge legitimate senders on incoming emails and make malicious messages a lot more effective. The security flaw (CVE-2024-49040) impacts Exchange Server 2016 and 2019, and was discovered by Solidlab security researcher Vsevolod Kokorin, who reported it to Microsoft earlier this year. “The problem is that SMTP servers parse…
Read More » -
Blog
Warning issued after SharePoint flaw puts entire corporate networks at risk
Security researchers have issued an alert over threat actors exploiting a recently disclosed vulnerability in Microsoft Sharepoint, warning the weakness could allow attackers to compromise the entire network. Researchers from Rapid7’s incident response team have published findings from an investigation where hackers compromised a Microsoft Exchange service account by exploiting a vulnerability in a public-facing application. The attacker was able…
Read More » -
Blog
Why experts are warning businesses to prepare for quantum now – or face critical cyber risks when it arrives
Quantum computing is a technology that has repeatedly been hyped as around the corner, despite many being unable to pinpoint exactly when it will materialize. While its unknown arrival date has allowed CISOs to kick the can down the road, experts have declared that there is limited time to get a quantum resilience strategy in place. Speaking to ITPro, Colin…
Read More » -
Blog
Microsoft issues warning over potent malware strain developed by Iranian threat actor
Microsoft has published information on a highly concerning malware campaign being carried out by suspected Iranian state-backed threat group, Peach Sandstorm. Between April and July 2024, Microsoft’s threat intelligence arm observed the collective deploying a newly developed custom multi-stage backdoor, which it has dubbed Tickler. The malware has been used to target businesses operating in the satellite, communications equipment, oil…
Read More »