#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
Get the Free Newsletter
Volexity | Breaking Cybersecurity News | The Hacker News
Unmasking XE Group: Experts Reveal Identity of Suspected Cybercrime Kingpin
Jun 01, 2023
Cybercrime / Malware
Cybersecurity researchers have unmasked the identity of one of the individuals who is believed to be associated with the e-crime actor known as XE Group . According to Menlo Security , which pieced together the information from different online sources, "Nguyen Huu Tai, who also goes by the names Joe Nguyen and Thanh Nguyen, has the strongest likelihood of being involved with the XE Group." XE Group (aka XeThanh), previously documented by Malwarebytes and Volexity , has a history of carrying out cyber criminal activities since at least 2013. It's suspected to be a threat actor of Vietnamese origin. Some of the entities targeted by the threat actor span government agencies, construction organizations, and healthcare sectors. It's known to compromise internet-exposed servers with known exploits and monetize the intrusions by installing password theft or credit card skimming code for online services. "As far back as 2014, the threat actor was seen crea
Microsoft Alerts Cryptocurrency Industry of Targeted Cyberattacks
Dec 07, 2022
Cryptocurrency / Threat Intelligence
Cryptocurrency investment companies are the target of a developing threat cluster that uses Telegram groups to seek out potential victims. Microsoft's Security Threat Intelligence Center (MSTIC) is tracking the activity under the name DEV-0139 , and builds upon a recent report from Volexity that attributed the same set of attacks to North Korea's Lazarus Group . "DEV-0139 joined Telegram groups used to facilitate communication between VIP clients and cryptocurrency exchange platforms and identified their target from among the members," the tech giant said . The adversary subsequently impersonated another cryptocurrency investment company and invited the victim to join a different Telegram chat group under the pretext of asking for feedback on the trading fee structure used by exchange platforms across VIP tiers. It's worth pointing out that the VIP program is designed to reward high-volume traders with exclusive trading fee incentives and discount
Guide: How to Minimize Third-Party Risk With Vendor Management
Vendor Risk Management
Manage third-party risk while dealing with challenges like limited resources and repetitive manual processes.
AI Solutions Are the New Shadow IT
Nov 22, 2023
AI Security / SaaS Security
Ambitious Employees Tout New AI Tools, Ignore Serious SaaS Security Risks Like the SaaS shadow IT of the past, AI is placing CISOs and cybersecurity teams in a tough but familiar spot. Employees are covertly using AI with little regard for established IT and cybersecurity review procedures. Considering ChatGPT's meteoric rise to 100 million users within 60 days of launch , especially with little sales and marketing fanfare, employee-driven demand for AI tools will only escalate. As new studies show some workers boost productivity by 40% using generative AI , the pressure for CISOs and their teams to fast-track AI adoption — and turn a blind eye to unsanctioned AI tool usage — is intensifying. But succumbing to these pressures can introduce serious SaaS data leakage and breach risks, particularly as employees flock to AI tools developed by small businesses, solopreneurs, and indie developers. AI Security Guide Download AppOmni's CISO Guide to AI Security - Part 1 AI evoke
North Korean Hackers Using Malicious Browser Extension to Spy on Email Accounts
Jul 30, 2022
A threat actor operating with interests aligned with North Korea has been deploying a malicious extension on Chromium-based web browsers that's capable of stealing email content from Gmail and AOL. Cybersecurity firm Volexity attributed the malware to an activity cluster it calls SharpTongue , which is said to share overlaps with an adversarial collective publicly referred to under the name Kimsuky . SharpTongue has a history of singling out individuals working for organizations in the U.S., Europe, and South Korea who "work on topics involving North Korea, nuclear issues, weapons systems, and other matters of strategic interest to North Korea," researchers Paul Rascagneres and Thomas Lancaster said . Kimsuky 's use of rogue extensions in attacks is not new. In 2018, the actor was seen utilizing a Chrome plugin as part of a campaign called Stolen Pencil to infect victims and steal browser cookies and passwords. But the latest espionage effort is different
Befriend Your Mom with Technology
Explain cybersecurity with Moonlock
Discover Our Unparalleled Threat Detection Capabilities
Try Fidelis Elevate for 30 days and discover threats your current provider missed.
Webinar: A New Approach to Mitigating Insider Risks
Learn how you can easily mitigate the modern security risks introduced by your employees.
Advance in the Field of Cybersecurity with Georgetown
Learn cybersecurity strategies from the experts. Attend a sample class on Nov. 30.
Join 120,000+ Professionals
Sign up for free and start receiving your daily dose of cybersecurity news, insights and tips.