chief security officer
-
North Korean hackers stole $3 billion in cryptocurrency
According to reports, North Korean state-level hacker groups Kimsuky, Lazarus Group and Andariel have stolen approximately $3 billion worth of cryptocurrency in the past six years. The hackers primarily targeted cryptocurrency exchanges, but also targeted individual users and venture capital firms.
-
Agent Racoon malicious backdoor attacks organizations in the Middle East, Africa and other countries
"This malware family is written using the .NET framework and leverages the Domain Name Service (DNS) protocol to create...
-
Mantis: New tool used in attacks on Palestinian targets
Espionage groups invest time and effort in avoiding detection and persisting on compromised networks.
The Mantis cyber espionage group (aka Arid Viper, Desert Falcon, APT-C-23), a threat actor believed to operate within the Palestinian territories, is conducting ongoing attacks, deploying an updated toolset and sparing no effort to maintain a persistent presence on targeted networks.
The group is known for targeting organizations in the Middle East, but the recent activity discovered by Symantec, a subsidiary of Broadcom Software, is focused on organizations in the Palestinian territories. The malicious activity began in September 2022 and continued until at least February 2023. This kind of targeting is not unprecedented for the Mantis group: attacks by the group against individuals located in the Palestinian territories were previously revealed in 2017.
-
Open source browser engine WebKit arbitrary file reading vulnerability
Google Chrome is a web browser developed by Google. It is based on an open source browser engine (such as WebKit) and aims to improve stability, speed and security, with a simple and efficient interface. However, by using XSL stylesheets and external entity references in SVG image links, an attacker can read arbitrary files on the victim's computer.
-
New “HrServ.dll” Web Shell Detected in APT Attack Against Afghan Government
The latest analysis released by Kaspersky security researcher Mert Degirmenci shows that the Web Shell is a dynamic link library (DLL) named "hrserv.dll" with complex functions, such as custom encoding methods for client communication and in-memory execution. An investigation by the Russian cybersecurity firm Kaspersky found artifacts dating back to early 2021 based on their compilation timestamps...
-
Breaking News: National Data Administration discusses data infrastructure for the first time
Promote the construction of data infrastructure and contribute to the development of China's data industry.
-
U.S. think tanks’ construction and enlightenment on China’s cyber security issues
In today's globalized world, network security has become an important factor affecting national security. In recent years, the construction and enlightenment of China-related cybersecurity issues by Western think tanks has become an important research field. This article mainly analyzes the research results of six major American think tanks on China’s cyber security issues...
-
Overseas spy SDK illegally steals private data of Chinese users
Terminology explanation: SDK is the abbreviation of Software Development Kit, which comes in various types. If developing a software system is compared to building a house with "three bedrooms and one living room", then different SD...
-
North Korea's Lazarus group exploits known security vulnerabilities to attack software vendors
The Lazarus group is a highly active cyber threat actor that reports say may be linked to the North Korean government. It has been continuously improving its attack techniques and finding new targets and vulnerabilities to exploit. The group is known for its attacks against software vendors, financial institutions, and cryptocurrency exchanges, using social engineering, phishing emails, and malware distribution to steal sensitive information and funds.
-
Security vulnerability discovered in Kubernetes NGINX ingress controller
Kubernetes is a popular container orchestration platform used to manage and deploy containerized applications. NGINX is a commonly used open source reverse proxy and load balancer that is widely used in Kubernetes clusters as an ingress controller.