As of December 2022, Unit 42 researchers observed 134 million exploit attempts in total leveraging this vulnerability, and about 97% of these attacks occurred after the start of August 2022. At the time of writing, the attack is still ongoing.
Businesses that invest in cybersecurity as a competitive advantage are transforming their business models. Every company is or will become a technology company, and those doing it faster are winning.
PublicWWW results show over 4,500 websites impacted by this malware at the time of writing, while urlscan.io shows evidence of the campaign operating since December 26, 2022.
Fujitsu said it ran trials using its 39-qubit quantum simulator hardware to assess how difficult it would be for quantum computers to crack data encrypted with the RSA cipher, using a Shor’s algorithm approach.
A spokesperson for the company said they are aware of the post, which was created on Tuesday morning and offers emails, phone numbers, courses taken, and other information on how customers use the platform.
This week, Ticketmaster testified in Senate Judiciary Committee hearings that it’s not the company’s monopoly on the live music market that caused the Swifty sales collapse — it was instead a cyberattack, executives said.
Mandiant suspects that Chinese hackers may have abused the FortiOS SSL-VPN flaw to target the European government and an African MSP with Boldmove, a Linux and Windows malware. Hackers exploited a previously patched flaw, CVE-2022-42475, in FortiOS as a zero-day. The exploitation occurred as early as October 2022 and the patch was out in December.
Cyber adversaries were found leveraging OneNote attachments to infect victims with remote access malware to harvest their credentials or even cryptocurrency wallets. Researchers spotted criminals installing malware, such as Quasar RAT, AsyncRAT, and XWorm RAT, on infected machines via OneNote files. For this infection, the computer does warn users with a pop-up.
New telemetry from SecurityScorecard reflects a 38% rise in high-severity flaws in manufacturing organizations. Almost half of the critical manufacturing organizations, 48%, received poor security ratings on SecurityScorecard’s platform. It is crucial for policymakers and business leaders to have a clear understanding of the security measures in place for their manufacturing environments.
The Russian advanced persistent threat (APT) group Gamaredon has also put LNK files to work, including a campaign that started in August 2022 against organizations in Ukraine.