Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies

Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit irrespective of the license tier, more than six months after a China-linked cyber espionage campaign targeting two dozen organizations came to light. “Microsoft will automatically enable the logs in customer accounts and increase the default log retention period from 90

Tagged under: , , , , , , , , , , , , ,

FBI’s Most-Wanted Zeus and IcedID Malware Mastermind Pleads Guilty

A Ukrainian national has pleaded guilty in the U.S. to his role in two different malware schemes, Zeus and IcedID, between May 2009 and February 2021. Vyacheslav Igorevich Penchukov (aka Vyacheslav Igoravich Andreev, father, and tank), 37, was arrested by Swiss authorities in October 2022 and extradited to the U.S. last year. He was added to the

Tagged under: , , , , , , , , ,

Raspberry Robin Malware Upgrades with Discord Spread and New Exploits

The operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues to be refined and improved to make it stealthier than before. This means that “Raspberry Robin has access to an exploit seller or its authors develop the exploits themselves in a short period,” Check Point

Tagged under: , , , , , , , , ,

U.S. Sanctions 6 Iranian Officials for Critical Infrastructure Cyber Attacks

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions against six officials associated with the Iranian intelligence agency for attacking critical infrastructure entities in the U.S. and other countries. The officials include Hamid Reza Lashgarian, Mahdi Lashgarian, Hamid Homayunfal, Milad Mansuri, Mohammad Bagher Shirinkar, and Reza Mohammad Amin Saberian, who are part

Tagged under: , , , , , , , , , , , , , , , , , , , , , , , ,

Three Ways To Supercharge Your Software Supply Chain Security

Section four of the “Executive Order on Improving the Nation’s Cybersecurity” introduced a lot of people in tech to the concept of a “Software Supply Chain” and securing it. If you make software and ever hope to sell it to one or more federal agencies, you have to pay attention to this. Even if you never plan

Tagged under: , , , , , , , ,

Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S.

In a recent analysis, Palo Alto Networks Unit 42 researcher Chema Garcia revealed a targeted cyber threat affecting organizations in the Middle East, Africa, and the United States. The unknown threat actor is distributing a sophisticated backdoor named Agent Racoon, developed using the .NET framework. The malware exploits the domain name service (DNS) protocol to

Tagged under: , , , , , , , , , , , , , , , , , , , , , ,

Signal App Refutes Alleged Zero-Day Flaw Amidst Security Debates

Signal, the renowned encrypted messaging app, has firmly pushed back against recent reports of an alleged zero-day vulnerability in its software. The company conducted a thorough investigation and stated that it found no concrete evidence to substantiate the claim. In a series of messages posted on social media platform X (formerly Twitter), Signal emphasized that

Tagged under: , , , , , , , , ,

CERT-UA Reports: 11 Ukrainian Telecom Providers Hit by Cyberattacks

Ukraine, a nation that has been no stranger to cyber threats, is again in the spotlight. The Ukrainian Computer Emergency Response Team (CERT-UA) has recently reported a series of cyberattacks targeting the country’s telecommunications providers. This alarming development raises concerns about critical infrastructure security and underscores the need for robust cybersecurity measures. In this blog

Tagged under: , , , , , , , , , , , , , ,

Microsoft Warns of Cyber Attacks Attempting to Breach Cloud via SQL Server Instance

In a recent cybersecurity incident, Microsoft has shed light on a thwarted cyber attack, where hackers made an unsuccessful attempt to breach a cloud environment through an SQL Server instance. The assault kicked off with the exploitation of an SQL injection vulnerability present in a particular application. This initial breach granted unauthorized access and escalated

Tagged under: , , , , , , , , ,

The new malware ‘Letscall’ uses voice traffic routing to send audio

A warning has been issued regarding a sophisticated form of voice phishing (vishing) called “Letscall” that specifically targets individuals in South Korea. This advanced technique involves deceiving victims into downloading malicious apps from a fake Google Play Store website. Once installed, the malware redirects incoming calls to a call center operated by criminals who pose

Tagged under: ,