DarkReading
US AI Experts Targeted in SugarGh0st RAT Campaign
Researchers believe the attacker is likely China-affiliated, since a previous version of the malware was used by a China nation-state attack group.
CyberScoop
Christina Chapman facilitated remote work and financial transfers for North Koreans tied to that nation’s weapons development programs, according to the U.S. government.
Bleeping Computer
The Norwegian National Cyber Security Centre (NCSC) recommends replacing SSLVPN/WebVPN solutions with alternatives due to the repeated exploitation of related vulnerabilities in edge network devices to breach corporate networks.
Infosecurity News
Microsoft warned Storm-1811 started vishing attacks in April to gain access to target devices
Bleeping Computer
Security researchers discovered two previously unseen backdoors dubbed LunarWeb and LunarMail that were used to compromise a European government's diplomatic institutions abroad.
DarkReading
In a first-ever move, the commission's enforcement bureau has high hopes that official classification will allow law enforcement partners to better combat these kinds of threats.
The Hacker News
Kimsuky hackers launch new social engineering attack using fake Facebook accounts. Learn how they target activists via Messenger and deliver malware.
DarkReading
When abused by threat actors with sophisticated social-engineering chops, remote-access tools demand that enterprises remain sharp in both defense strategy and employee-awareness training.
Bleeping Computer
The North Korean hacker group Kimsuky has been using trojanized software packages to deliver a new Linux malware called Gomir in cyberespionage campaigns against targets in South Korea.
Bleeping Computer
The North Korean hacker group Kimsuky has been using a new Linux malware called Gomir that is a version of the GoBear backdoor delivered via trojanized software installers.
SecurityWeek
Nissan North America determined recently that a ransomware attack launched last year resulted in employee personal information compromise.
The Cyber Express
Researchers recently uncovered two new backdoors implanted within the infrastructure of a European Ministry of Foreign Affairs (MFA) and its
CSO
Official Telegram channels operated by BreachForums members confirm law enforcement seizures and arrest.
Cyber Security News
Remote assist tools are often targeted by hackers as they create a direct channel that can be used to get into desired systems while using
SecurityWeek
The City of Wichita says files containing personal information were exfiltrated in a recent ransomware attack.
Cyber Security News
Earth Hundun, a notable Asia-Pacific malware organization, uses Waterbear and Deuterbear, first encountered Deuterbear.
The Cyber Express
GhostSec, a threat actor group previously involved in financially motivated cybercrimes, announced a significant shift in their focus to depart
Security Affairs
The Spanish bank Santander disclosed a data breach at a third-party provider that impacted customers in Chile, Spain, and Uruguay.
Cyber Security News
The notorious data leak site BreachForums has been taken over by the police. Cybercrime and data leaks are still being fought.
DarkReading
In an economy choking on swelling inflation, the Nigerian government paused plans for a levy on domestic transactions, aimed at enhancing cybersecurity.
SecurityWeek
The hacking forum BreachForums is displaying a notice claiming that the website is under the control of the FBI.
The Hacker News
Beware of Storm-1811! This financially motivated group is abusing Microsoft's Quick Assist tool in social engineering attacks.
Trend Micro
This report describes how Waterbear and Deuterbear — two of the tools in Earth Hundun's arsenal — operate, based on a campaign from 2024.
Ars Technica
Google's video synthesis model creates minute-long 1080p videos from written prompts.
DarkReading
Instead of online contraband, the website now asks anyone with information that could help with the investigation to contact authorities.
Security Affairs
One of the developers of the Tornado Cash cryptocurrency mixer has been sentenced to 64 months in prison.
The Cyber Express
Santander, one of the largest banks in the eurozone, confirmed that an unauthorized party had gained access to a database
Infosecurity News
Despite this setback, the auction house said bids can still be placed by phone and in-person
Bleeping Computer
Financially motivated cybercriminals abuse the Windows Quick Assist feature in social engineering attacks to deploy Black Basta ransomware payloads on victims' networks.
HACKRead
The cybercrime and hacker forum Breach Forums has been seized by the Federal Bureau of Investigation (FBI) and the Department of Justice.
The Cyber Express
The ever-evolving landscape of cybersecurity is shaped by a dedicated group of individuals. These pioneers, through their research, entrepreneurship, and
Bleeping Computer
Banco Santander S.A. announced it suffered a data breach impacting customers after an unauthorized actor accessed a database hosted by one of its third-party service providers.
Cyber Security News
The well-known advanced persistent threat (APT) group Turla, which is based in Russia, is said to be going after the European Ministry.
Bleeping Computer
Alexey Pertsev, one of the main developers of the Tornado Cash cryptocurrency tumbler, has been sentenced to 64 months in prison for his part in helping launder more than $2 billion worth of cryptocurrency.
The Hacker News
Two new backdoors, LunarWeb and LunarMail, have targeted a European ministry of foreign affairs and its diplomatic missions in the Middle East
CSO
The health care provider has dramatically increased its estimate of the number of patients affected by the August 2023 attack.
Infosecurity News
Santander has warned that customer and employee data has been breached following unauthorized access to a database held by a third-party provider
The Cyber Express
A Dutch court ruling on Tuesday found one of the co-founders of the now-sanctioned Tornado Cash cryptocurrency mixer service guilty
The Cyber Express
The notorious DragonForce ransomware group has expanded its list of victims, adding two new names to their dark web portal
The Hacker News
CVSS v4.0 evaluates vulnerabilities using a revised scoring system, emphasizing environmental and threat metrics.
Cyber Security News
Cybercriminals have been exploiting GitHub, a platform widely trusted by developers, to host malicious infrastructure.
Bleeping Computer
As our gadgets multiply and our jobs grow in complexity, we need file storage that's friendly on the wallet and easy to use. Get 1TB of fast file storage with FolderFort for $79.99, $171 off the $251 MSRP.
The Hacker News
Ebury malware botnet has compromised an estimated 400,000 servers since 2009. Learn how to protect your systems from this advanced threat.
SecurityWeek
Senators are recommending that Congress spend at least $32 billion over the next three years to develop AI and place safeguards around it.
The Cyber Express
Microsoft patched a zero-day vulnerability exploited by attackers to distribute QakBot and other malware payloads on susceptible Windows systems. Identified
The Hacker News
Alexey Pertsev, co-founder of Tornado Cash, sentenced to 5+ years in prison by Dutch court. The crypto mixer service was sanctioned by the U.S.
The Cyber Express
Cyble Research and Intelligence Labs (CRIL) researchers have uncovered a new SideCopy campaign. The threat actor group has previously been
The Hacker News
Microsoft has patched 61 new security flaws, including two zero-days actively exploited in the wild.
CyberNews
A UN sanctions investigation says North Korea laundered $147.5 million of stolen crypto through the virtual mixer platform Tornado Cash in March.
DarkReading
The nation amends its Cybersecurity Act, giving its primary cybersecurity agency more power to regulate critical infrastructure and third parties, and requiring cyber incidents be reported.
The Record
Researchers with cybersecurity company ESET have labeled two new pieces of suspected Russian malware as LunarWeb and LunarMail.
The Record
“They know what they have to do,” said Sophie in’t Veld, who led the European Parliament investigation into spyware. “The problem is they don't want to do it.”
SC Magazine
In this month’s release, Redmond patched 60 CVEs including two other zero-days and a SharePoint Server remote code execution vulnerability rated critical.
The Record
In a data breach notice about the incident, which is still affecting numerous city services, the municipality said hackers copied files from its network.
SC Magazine
The infamous data leak site’s domain and Telegram account were seized Wednesday morning.
DarkReading
Scattered Spider is as active as ever, despite authorities claiming that they're close to nailing its members.
Cyber Security News
Microsoft fixed 60 vulnerabilities in its Patch Tuesday release in May 2024, including 2 zero-day vulnerabilities actively exploited in the wild
Bleeping Computer
VMware has made Workstation Pro and Fusion Pro free for personal use, allowing home users and students to set up their own virtualized test labs and play with another operating system at little to no cost.
SecurityWeek
Microsoft patched 60 security bugs in multiple products and warned of an actively exploited Windows zero-day (CVE-2024-30051).
Bleeping Computer
Microsoft has fixed a zero-day vulnerability exploited in attacks to deliver QakBot and other malware payloads on vulnerable Windows systems.
Bleeping Computer
Today is Microsoft's May 2024 Patch Tuesday, which includes security updates for 61 flaws and three actively exploited or publicly disclosed zero days.
Infosecurity News
The 15-year-old Ebury botnet is more active than ever, as ESET found 400,000 Linux servers compromised for cryptocurrency theft and financial gain
Infosecurity News
GCHQ chief warns China's cyber actions threaten global internet security, while Russia and Iran pose immediate risks
Infosecurity News
Recorded Future details a novel campaign that abuses legitimate internet services to deploy multiple malware variants for credential theft
Ars Technica
Rare bitcoin fragments are worth many times their face value.
Cyber Security News
The botnet, operated by the threat group behind the Ebury malware, has been active since at least 2009 but has evolved over the past decade.
HACKRead
The Israel-Hamas conflict has fueled a wave of hacktivism activity, with groups like SiegedSec launching attacks and leaking sensitive information.
The Hacker News
A new social engineering campaign is targeting enterprises with spam emails to gain initial access. The threat actor overwhelms users' email and calls
SecurityWeek
The City of Helsinki says usernames, email addresses, and personal information were stolen in a recent cyberattack.
SecurityWeek
MITRE announced the public availability of the EMB3D threat model for embedded devices used in critical infrastructure.
The Cyber Express
Hackers exploited an unpatched remote access server vulnerability in the Helsinki education division data breach to scour through records of
SecurityWeek
The FCC has issued a public notice on robocall scammer group ‘Royal Tiger’, the first designated threat actor.
Infosecurity News
In a first, the FCC has designated “Royal Tiger” as a malicious robocall threat group
Cyber Security News
According to the FCC, the Royal Tiger Group and the people who work with it are a C-Communications Information Services Threat (C-CIST).
The Cyber Express
In the latest twist of the cyber warfare between Anonymous Egypt group and R00TK1T hackers, the latter has turned up
The Hacker News
Apple and Google just rolled out a cross-platform feature called "Detecting Unwanted Location Trackers" (DULT) on iOS and Android to protect users.
SC Magazine
The FCC has smacked the group with a first-of-its-kind threat classification for its persistent, fraudulent activity.
The Record
Alexey Pertsev's case has been seen as a bellwether pitting financial privacy advocates who view blockchain anonymity as a fundamental right against law enforcement intent on tracking the source of funds.
The Record
GCHQ Director Anne Keast-Butler warned at the CyberUK conference that the Kremlin’s partnership with criminal groups was contributing to cyberattacks as well as other operations.
The Record
State-linked hackers from Russia, China, Iran and North Korea are setting their sights on NGOs, think tanks, human rights activists and journalists, the advisory warned.
DarkReading
Ransomware groups have always created problems for their victims that only they could solve. Black Basta is taking that core idea in a creative, new direction.
Bleeping Computer
The Federal Communications Commission (FCC) has named its first officially designated robocall threat actor 'Royal Tiger,' a move aiming to help international partners and law enforcement more easily track individuals and entities behind repeat robocall campaigns.
Ars Technica
Threat group has targeted 500 organizations. One is currently struggling to cope.
Infosecurity News
Analyzing Mallox samples, Sekoia identified two distinct affiliates using different approaches
SecurityWeek
Europol is investigating a data breach, but says no core systems are impacted and no operational data has been compromised.
Security Affairs
A group of hackers that defines itself as 'first-class Russian hackers' claims the defacement of hundreds of British newspaper websites
SecurityWeek
Weakening liberal democracies and weakening the NATO alliance are conjoined in the hybrid war that Russia is conducting against Ukraine.
Cyber Security News
Information such as financial records, customer information, and intellectual property that may be sold on the black web markets is what
CyberNews
A Russia-linked group is automating fake news fabrication and publishing with AI.
Infosecurity News
A ransomware attack on US private healthcare provider Ascension has disrupted patient care, with several hospitals currently on diversion
CyberNews
Europol confirmed one of its web portals was breached.
The Cyber Express
As the Central Board of Secondary Education (CBSE) in India released the CBSE results 2024 for its class 10th and
CyberSecurity Dive
The threat group has impacted more than 500 targets worldwide and the vast majority of critical infrastructure sectors. Numerous attacks have exploited vulnerabilities in ConnectWise ScreenConnect.
SecurityWeek
The US government warns of Black Basta ransomware attacks targeting critical infrastructure organizations.
Infosecurity News
Affiliates of prolific Black Basta ransomware group have breached over 500 global organizations
The Hacker News
Black Basta ransomware-as-a-service (RaaS) operation has targeted over 500 private industry and critical infrastructure entities in North America, Eur
The Cyber Express
A dark web hacker, known as "makishimaaaa," has recently advertised a significant data breach on the Nuovo BreachForums. The compromised
Cyber Security News
Ascension is one of the most extensive charity healthcare systems in the US. It has been hit hard by a ransomware attack.
The Cyber Express
Hacktivist collective R00TK1T ISC CyberTeam has claimed responsibility for breaching the Ministry of Supply and Internal Trade in Egypt. The