"EU Sanctioned the leader of North Korea-linked APT groups."

Views expressed in this cybersecurity, cyber espionage, and cyber crime update are those of the reporters and correspondents.  Accessed on 25 February 2025, 1549 UTC.

Content and Source:  Email subscription via https://feedly.com.

 https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Ffeed

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security Affairs

71K followers27 articles per week

#security#tech

9

Today

EU sanctioned the leader of North Korea-linked APT groups

EU strengthens sanctions on Russia

•

by Pierluigi Paganini / 50min

The European Union sanctioned the leader of North Korea-linked APT groups for aiding Russia in its war against Ukraine. The European Union announced sanctions against entities aiding Russia in the ongoing conflict with Ukraine, including Lee Chang Ho, who is the leader of North Korea-linked APT groups. Lee Chang Ho coordinated North Korean soldiers in Ukraine and led North Korea-linked APT groups

U.S. CISA adds Adobe ColdFusion and Oracle Agile PLM flaws to its Known Exploited Vulnerabilities catalog

by Pierluigi Paganini / 4h

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adobe ColdFusion and Oracle Agile Product Lifecycle Management (PLM) vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall SonicOS and Palo Alto PAN-OS vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog . The two vulnerabili

Yesterday

Russia warns financial sector organizations of IT service provider LANIT compromise

Russia warns of IT provider hack

•

by Pierluigi Paganini / 6h

Russia’s NKTsKI warns financial sector organizations about a breach at major Russian IT service and software provider LANIT. Russia’s National Coordination Center for Computer Incidents (NKTsKI) warns the financial sector of security breach at IT service and software provider LANIT , potentially affecting LANTER and LAN ATMservice. According to the security breach notification published by GosSOP

A large botnet targets M365 accounts with password spraying attacks

8 TTPs

•

by Pierluigi Paganini / 18h

•

Massive botnet attacks Microsoft 365

A botnet of 130,000+ devices is attacking Microsoft 365 accounts via password-spraying, bypassing MFA by exploiting basic authentication. SecurityScorecard researchers discovered a botnet of over 130,000 devices that is conducting password-spray attacks against Microsoft 365 (M365) accounts worldwide. The attackers targeted accounts protected with basic authentication bypassing multi-factor authe

Australia bans Kaspersky over national security concerns

Australia bans Kaspersky antivirus software

•

by Pierluigi Paganini / 1d

Australia bans Kaspersky software over national security concerns, citing risks of foreign interference, espionage, and sabotage of government networks. Australian Government banned products and services provided by Russian cybersecurity firm Kaspersky over national security concerns. The Secretary of the Department of Home Affairs has issued a mandatory directive under the Protective Security Po

A data leak exposes the operations of the Chinese private firm TopSec, which provides Censorship-as-a-Service

TopSec linked to Chinese censorship

•

by Pierluigi Paganini / 1d

A leak suggests that Chinese cybersecurity firm TopSec offers censorship-as-a-service services, it provided bespoke monitoring services to a state-owned enterprise facing a corruption scandal. SentinelLABS researchers analyzed a data leak that suggests that the Chinese cybersecurity firm TopSec offers censorship-as-a-service services. The origin of the data leak is unclear, the leak is large and

Feb 23, 2025

SpyLend Android malware found on Google Play enabled financial cyber crime and extortion

SpyLend malware targets Indian users

•

by Pierluigi Paganini / 1d

CYFIRMA researchers discovered that the SpyLend Android malware was downloaded 100,000 times from the official app store Google Play. CYFIRMA researchers discovered an Android malware, named SpyLend, which was distributed through Google Play as Finance Simplified. The malware targets Indian users with unauthorized loan apps, enabling predatory lending, blackmail, and extortion. The Finance Simpli

Data Leak Exposes TopSec’s Role in China’s Censorship-as-a-Service Operations A...

by Pierluigi Paganini / 1d

Data Leak Exposes TopSec’s Role in China’s Censorship-as-a-Service Operations An analysis of a data leak from a Chinese cybersecurity company TopSec has revealed that it likely offers censorship-as-a-service solutions to prospective customers, including a state-owned enterprise in the country. Founded in 1995, TopSec ostensibly offers services such as Endpoint Detection and Response (EDR) and vul

Leaked Black Basta chat logs reveal the gang’s operations

by Pierluigi Paganini / 1d

Leaked Black Basta chat logs reveal internal conflicts, exposing member details and hacking tools as the gang reportedly falls apart. An unknown actor, named ExploitWhispers, leaked Matrix chat logs of the Black Basta ransomware gang revealing internal conflicts, and exposing member details and hacking tools as the gang reportedly collapses. ExploitWhispers first uploaded the chat messages on MEG

End of feed