The Federal Bureau of Investigation and Michigan State Police are investigating a cyber-attack on a Michigan school district. District administrators at Saginaw Township Community Schools began experiencing IT issues on Sunday following what is believed to have been a ransomware attack on the district’s computer network.  Investigators are in contact with the cyber-criminals behind the attack. It
Cisco has addressed a maximum severity vulnerability in its Application Centric Infrastructure (ACI) Multi-Site Orchestrator (MSO) that could allow an unauthenticated, remote attacker to bypass authentication on vulnerable devices. “An attacker could exploit this vulnerability by sending a crafted request to the affected API,” the company said in an advisory published yesterday. “A successful exploit
Summary
Secureworks® Counter Threat Unit™ (CTU) researchers have tracked the activities of the BRONZE UNION threat group (also known as Emissary Panda, APT 27, and LuckyMouse) since 2013. CTU™ analysis suggests that BRONZE UNION is located in the People’s Republic of China. The threat group has historically leveraged a variety of publicly available and self-developed
French multinational information technology services and consulting company Atos has completed the acquisition of two cybersecurity companies.  On February 24, the self-styled decarbonization services and products pioneer announced the successful acquisition of Motiv ICT Security. Founded in 1998, Motiv is the largest independent Managed Security Services (MSS) provider in the Netherlands. In a statement released Wednesday, Atos said
Neither clinical research into the coronavirus nor any patient data were affected by the incident
Oxford University has confirmed that one of its biology laboratories that is researching ways to combat the COVID-19 pandemic has fallen victim to a cyberattack. Details about the incident at the Division of Structural Biology (Strubi) were released by Forbes.
The following analysis was compiled and published to Threat Intelligence clients in July 2018. The Secureworks® Counter Threat Unit™ (CTU) research team is publicly sharing insights about the IRON LIBERTY threat group, as well as details about the Karagany and MCMD malware used exclusively by IRON LIBERTY, to supplement the discussion of the man-on-the-side technique described in the
New research by cybersecurity company Kaspersky has found that Russia, Brazil, and the United States of America were the countries most affected by stalkerware last year.  A new report, “The State of Stalkerware 2020,” that was released today found that 53,870 Kaspersky users were affected globally by malicious surveillance software in 2020. Russia had the most affected users
The following analysis was compiled and published to Threat Intelligence clients in August 2018. The Secureworks® Counter Threat Unit™ (CTU) research team is publicly sharing insights about the IRON LIBERTY threat group, as well as details about the Karagany and MCMD malware used exclusively by IRON LIBERTY, to supplement the discussion of the man-on-the-side technique
Six school officials in Alabama have been indicted over a scheme to fraudulently obtain millions of dollars in state education funding by pretending to enroll private students into virtual schools. Federal prosecutors say educators in Athens City Schools and Limestone County Schools stole the identities of hundreds of private students and falsified enrollment records to
Cybersecurity researchers today unwrapped a new campaign aimed at spying on vulnerable Tibetan communities globally by deploying a malicious Firefox extension on target systems. “Threat actors aligned with the Chinese Communist Party’s state interests delivered a customized malicious Mozilla Firefox browser extension that facilitated access and control of users’ Gmail accounts,” Proofpoint said in an
It is near-certain the need for security across the enterprise will never cease – only increase if year-over-year trends are any indication. We constantly see headlines with repetitive buzzwords and phrases calling attention to the complexity of today’s security operations center (SOC) with calls to action to reimagine and modernize the SOC. We’re no different here at McAfee
The following analysis was compiled and published to Threat Intelligence clients in September 2018. The Secureworks® Counter Threat Unit™ (CTU) research team is publicly sharing insights about the IRON LIBERTY threat group, as well as details about the Karagany and MCMD malware used exclusively by IRON LIBERTY, to supplement the discussion of the man-on-the-side technique described in
The United States Senate’s select committee on intelligence met yesterday to hear evidence from tech executives regarding the historic hack on Texas-based company SolarWinds.  Government agencies issued emergency directives in December after cybersecurity company FireEye detected a supply-chain attack trojanizing SolarWinds’ Orion business software updates to distribute malware. Using SolarWinds and Microsoft programs, hackers believed to have been working for Russia attacked
The incident raises concerns about the privacy and security of conversations taking place on the platform
Clubhouse, the social media platform du jour, has experienced a data incident as an unidentified user found a way to stream audio feeds from the app’s chat rooms to a third-party website. Speaking to Bloomberg, Clubhouse spokeswoman Reema Bahnasy confirmed
With browser makers steadily clamping down on third-party tracking, advertising technology companies are increasingly embracing a DNS technique to evade such defenses, thereby posing a threat to web security and privacy. Called CNAME Cloaking, the practice of blurring the distinction between first-party and third-party cookies not only results in leaking sensitive private information without users’
Executive Summary
Babuk ransomware is a new ransomware threat discovered in 2021 that has impacted at least five big enterprises, with one already paying the criminals $85,000 after negotiations. As with other variants, this ransomware is deployed in the network of enterprises that the criminals carefully target and compromise. Using MVISION Insights, McAfee was able
Summary
The REvil (also known as Sodinokibi) ransomware was first identified on April 17, 2019. It is used by the financially motivated GOLD SOUTHFIELD threat group, which distributes ransomware via exploit kits, scan-and-exploit techniques, RDP servers, and backdoored software installers. Secureworks® Counter Threat Unit™ (CTU) analysis suggests that REvil is likely associated with the GandCrab
The former comptroller of a Louisiana community college has been sent to prison for wire fraud after abusing her network access to issue fraudulent refunds. Carol Bates admitted committing wire fraud from 2013 to 2016 while working at Bossier Parish Community College (BPCC). The 50-year-old Shreveport resident conspired with her sister Audrey Williams and nine