The Lancefly APT group is targeting government, aviation, education, and telecom sectors in South and Southeast Asia using a powerful backdoor called Merdoor for intelligence gathering. The exact initial intrusion vector is not clear at present, though attackers are believed to have used SSH brute-forcing or phishing lures.
The issue, assigned the identifier CVE-2023-27217, was discovered and reported to Belkin on January 9, 2023, by Israeli IoT security company Sternum, which reverse-engineered the device and gained firmware access.
The newly formed Justice and Commerce Department’s joint Disruptive Technology Strike Force announced five coordinated enforcement actions taking aim at individuals seeking to help China, Russia and Iran gain access to sensitive U.S. technologies.
Google this week announced the release of a Chrome 113 security update that resolves a total of 12 vulnerabilities, including one rated ‘critical’. Six of the flaws were reported by external researchers.
An Illinois man pleaded guilty Monday to eight criminal counts stemming from the three years he spent leading a conspiracy to sell stolen financial information on darknet markets.
A joint Cybersecurity Advisory from government agencies in the U.S. and Australia, and published by the CISA, is warning organizations of the latest tactics, techniques, and procedures (TTPs) used by the BianLian ransomware group.
The Department of Transportation should better implement its policies for established cyber roles, including improving training and role expectations, according to a recent GAO report.
According to a statement from schools Superintendent Bernice Cobbs, the decision was made to cancel classes Monday in the interest of on-campus security as the impact of the cyberattack was being reviewed.
In an effort to grow its hybrid cloud and artificial intelligence capabilities, IBM announced on Tuesday that it was acquiring Polar Security, an Israel-based company specializing in data security posture management.
From April to May 2022, as Saudi Arabia hosted negotiations between Yemeni leaders involved in the nearly decade-long civil war, OilAlpha sent malicious Android files through WhatsApp to political representatives and journalists, researchers noted.