Researchers discovered that the SideCopy APT group targeted government officials in India and Afghanistan via the new AuTo data stealer for cyberespionage. Hackers use ActionRAT and AuTo Stealer malware in this campaign. Government entities are suggested to invest more in security and stay vigilant against such threat groups.
Cerber ransomware is active again with new attack tactics. This time it has been observed targeting remote code execution vulnerabilities in Atlassian Confluence and GitLab servers.
The Nickel group was using several malicious domains for intelligence gathering from multiple government agencies, think tanks, and human rights organizations worldwide.
Some 84% of organizations believe supply chain attacks can become a major threat within the next three years, with 48% in APAC reporting at least one such attack in the past year.
Insikt said it determined that the high-profile military and government organizations in Southeast Asia had been compromised over the last nine months by hackers using custom malware families.
The figure set a record for the fifth straight year in a row. The number of high severity vulnerabilities fell slightly, with 3,646 high-risk vulnerabilities this year compared to 4,381 in 2020.
“If the attack had been successful, 3500 megawatts of power would have been taken out of the grid, enough for between 1.4 and three million homes.” reported the website News.com.au.
Attackers falsely inflate the search engine ranking of malicious webpages by injecting keywords, pushing them onto the first page of search results where possible to catch out unsuspecting victims.
“Over 90% of ID fraud in the past year involved counterfeit documents using a complete reproduction of an original document, instead of adapting an existing ID,” said Onfido.
SonicWall is urging customers to update their SMA 100 series appliances following the discovery of multiple security flaws that could be abused to take complete control of an affected system.