Latest News Articles
--- TLP:WHITE ---
News
− North Korean APT43 Group Uses Cybercrime to Fund Espionage Operations
A new North Korean nation-state cyber operator has been attributed to a series of campaigns orchestrated to gather strategic intelligence that aligns with Pyongyang's geopolitical interests since 2018.
https://www.mandiant.com/resources/reports/apt43-north-korea-cybercrime-espionage
− Mélofée: Researchers Uncover New Linux Malware Linked to Chinese APT Groups
An unknown Chinese state-sponsored hacking group has been linked to a novel piece of malware aimed at Linux servers. French cybersecurity firm ExaTrack, which found three samples of the previously documented malicious software that date back to early 2022, dubbed it Mélofée.
https://blog.exatrack.com/melofee/
− Over 200 Organizations Targeted in Chinese Cyberespionage Campaign
Chinese cyberespionage group Mustang Panda was seen targeting maritime, shipping, border control, and immigration organizations in recent attacks.
https://www.trendmicro.com/en_us/research/23/c/earth-preta-cyberespionage-campaign-hits-over-200.html
Vulnerabilities
− CISA orders agencies to patch bugs exploited to drop spyware
The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies today to patch a set of security vulnerabilities exploited as zero-days in recent attacks to install commercial spyware on mobile devices.
https://www.bleepingcomputer.com/news/security/cisa-orders-agencies-to-patch-bugs-exploited-to-drop-spyware/
− 3CX Supply Chain Compromise
The NCSC has been made aware of a digitally signed and trojanized version of the 3CX VOIP desktop client, DesktopApp.exe. 3CX is a software-based PBX system available across multiple platforms.
https://www.ncsc.gov.ie/pdfs/3CX_Supply_Chain_Compromise.pdf
− 3CX Supply Chain Attack: North Korean Hackers Likely Targeted Cryptocurrency Firms
The 3CX supply chain attack appears to have been conducted by North Korean hackers with the goal of targeting cryptocurrency firms.
https://securelist.com/gopuram-backdoor-deployed-through-3cx-supply-chain-attack/109344/
− Microsoft Tightens OneNote Security by Auto-Blocking 120 Risky File Extensions
Microsoft has announced plans to automatically block embedded files with "dangerous extensions" in OneNote following reports that the note-taking service is being increasingly abused for malware delivery.
https://learn.microsoft.com/en-us/deployoffice/security/onenote-extension-block
Community News
− Cyber Ireland 4 Pillars: A Cyber Security Baseline Framework for SME’s
The challenge for SMEs can be knowing where to start with establishing the basic steps for their cyber security posture. In order to initiate this framework, a Cyber Ireland sub-group partnered with the Small Firms Association (SFA) to enlist SMEs for piloting the framework and self-assessment.
https://cyberireland.ie/ci-four-pillars-cyber-security-baseline-framework/
--- TLP:WHITE ---