Prevalent, a third-party risk management solutions provider, has partnered with Indigocube Security, a cybersecurity consultancy in SA. This collaboration aims to enhance the way organizations in SA manage and mitigate third-party risks, offering comprehensive solutions that enhance security, resilience, and business continuity. Through this partnership, Prevalent and Indigocube Security will combine their expertise to deliver a robust, AI-driven third-party risk management solution tailored to the South African market. This solution will empower businesses to confidently navigate the complexities of third-party risks, ensuring they can maintain secure and sustainable supplier relationships. Tallen Harmsen, Director at Indigocube Security, said the partnership would…
Author: ISB Staff Reporter
Intellexa’s Predator spyware is back. After facing sanctions and exposure by the US government, the scourge appeared to decline. However, recent findings from Insikt Group, the threat research arm of cyber security company Recorded Future, reveal that Predator’s infrastructure is active again. It has come back with modifications designed to evade detection and anonymize its users. This resurgence highlights Predator’s ongoing use by customers in countries such as the Democratic Republic of the Congo (DRC) and Angola, raising serious privacy and security concerns. Infrastructure Changes and Evasion Tactics: The Predator spyware operators have revamped their infrastructure, making it harder…
Bitdefender has unveiled Bitdefender Security for Creators, a service specifically designed for digital content producers, online creative professionals, and social media influencers who are prime targets for account takeovers, fraud, and other cybercrimes. Initially, the new offering protects YouTube accounts, with support for additional platforms such as Facebook, TikTok, Instagram and others to follow. In the 2024 Consumer Cybersecurity Assessment Report, based on an independent global survey of over 7,000 consumers, nearly a quarter (24.3%) experienced a security incident over the last 12 months, with 44% of those incidents relating to fraud and 42% phishing attempts. In addition, according to Social Blade…
Kaspersky has discovered that an advanced persistent threat (APT) group, Tropic Trooper, also known as KeyBoy and Pirate Panda, has been linked to a series of targeted attacks on a government entity in the Middle East. This is a strategic expansion for the group, which has historically focused on sectors like government, healthcare, transportation, and high-tech industries in Taiwan, the Philippines, and Hong Kong. It is now targeting a governmental entity related to human rights studies. New Targets, New Tactics: The intrusion campaign began in June last year and was detected in June 2024 when cybersecurity researchers observed a new…
A newly discovered PyPI hijack technique called “Revival Hijack” has been exploited in the wild, posing a significant threat to thousands of Python packages. Identified by JFrog’s security research team, the method takes advantage of a loophole in the PyPI software registry that allows attackers to re-register package names that have been removed by their original owners. JFrog researchers Andrey Polkovnichenko and Brian Moussalli said this technique has the potential to affect over 22,000 packages, putting countless systems at risk. What is the “Revival Hijack” Technique? The Revival Hijack method allows attackers to take control of package names that have been deleted…
The US Department of Justice has disrupted a covert Russian government-sponsored influence operation targeting audiences within its borders and other nations. The operation, dubbed “Doppelganger,” involved using influencers, AI-generated content, and paid social media advertisements to spread disinformation aimed at undermining international support for Ukraine and influencing the 2024 US Presidential Election. Authorities revealed the seizure of 32 internet domains used by Russian entities, including Social Design Agency (SDA), Structura National Technology (Structura), and ANO Dialog. These companies, directed by Sergei Kiriyenko, a key figure in President Vladimir Putin’s inner circle, employed tactics like cybersquatting to impersonate legitimate news outlets…
Cisco has warned of multiple critical vulnerabilities in its Smart Licensing Utility, potentially enabling unauthenticated, remote attackers to collect sensitive information or gain administrative control over the software. The vulnerabilities, identified as CVE-2024-20439 and CVE-2024-20440, can be found in several versions of the software. Both have been rated a critical severity score of 9.8 on the CVSS scale, meaning exploitation of the flaw could result in a full system or data compromise. The company has released software updates to address these issues but emphasized that there are no workarounds available for the vulnerabilities. It also said that, to date, it…
Phishing remains the most common cyber threat, representing 37% of incidents in Q3 2024. However, incidents of credential exposure have increased to almost 89%, raising concerns about data security risks across industries, according to the latest report by ReliaQuest on quarterly attacker trends analysis. Between May 1 and July 31, 2024, ReliaQuest analyzed customer incident data and cybercriminal forums to identify common cyber threats. While phishing still leads the list of threats, its impact has slightly diminished from previous years. On the other hand, exposed credentials are skyrocketing, now making up a substantial portion of security alerts—a jump of 29%…
A sophisticated cyber campaign, dubbed SLOW#TEMPEST, has been uncovered by the Securonix Threat Research team, targeting Chinese-speaking users. The attack, characterized by the deployment of Cobalt Strike payloads, managed to evade detection for over two weeks, demonstrating the malicious actors’ ability to establish persistence and move laterally within compromised systems. SLOW#TEMPEST primarily targets victims in China, with evidence suggesting that the attack leverages phishing emails to deliver malicious ZIP files. The lure files and the command-and-control (C2) infrastructure are predominantly written in Chinese, reinforcing the likelihood that Chinese users are the primary targets. The C2 infrastructure is hosted by Shenzhen…
Cybersecurity researchers discovered a vulnerability in the Known Crewmember (KCM) system, a TSA program that allows airline pilots and flight attendants to bypass security screening. The flaw, which could potentially compromise the safety of millions of air travelers, was found by researchers Ian Carroll and Sam Curry in a system operated by FlyCASS – a service used by smaller airlines to manage KCM and Cockpit Access Security System (CASS) authorizations. Gaining Administrative Access: KCM and CASS are crucial security programs that streamline airport security checks for airline personnel. KCM enables pilots and flight attendants to bypass regular security lines by…