DarkReading
US AI Experts Targeted in SugarGh0st RAT Campaign
Researchers believe the attacker is likely China-affiliated, since a previous version of the malware was used by a China nation-state attack group.
CyberScoop
Arizona woman arrested and charged in North Korean IT worker scheme
Christina Chapman facilitated remote work and financial transfers for North Koreans tied to that nation’s weapons development programs, according to the U.S. government.
Bleeping Computer
Norway recommends replacing SSL VPN to prevent breaches
The Norwegian National Cyber Security Centre (NCSC) recommends replacing SSLVPN/WebVPN solutions with alternatives due to the repeated exploitation of related vulnerabilities in edge network devices to breach corporate networks.
Infosecurity News
Windows Quick Assist Exploited in Ransomware Attacks
Microsoft warned Storm-1811 started vishing attacks in April to gain access to target devices
Bleeping Computer
Russian hackers use new Lunar malware to breach a European govt's agencies
Security researchers discovered two previously unseen backdoors dubbed LunarWeb and LunarMail that were used to compromise a European government's diplomatic institutions abroad.
DarkReading
FCC Reveals 'Royal Tiger' Robocall Campaign
In a first-ever move, the commission's enforcement bureau has high hopes that official classification will allow law enforcement partners to better combat these kinds of threats.
The Hacker News
North Korean Hackers Exploit Facebook Messenger in Targeted Malware Campaign
Kimsuky hackers launch new social engineering attack using fake Facebook accounts. Learn how they target activists via Messenger and deliver malware.
DarkReading
Windows Quick Assist Anchors Black Basta Ransomware Gambit
When abused by threat actors with sophisticated social-engineering chops, remote-access tools demand that enterprises remain sharp in both defense strategy and employee-awareness training.
Bleeping Computer
Kimsuky hackers deploy new Linux backdoor via trojanized installers
The North Korean hacker group Kimsuki has been using trojanized software packages to deliver a new Linux malware called Gomir in cyberespionage campaigns against targets in South Korea.
Bleeping Computer
Kimsuky hackers deploy new Linux backdoor in attacks on South Korea
The North Korean hacker group Kimsuki has been using a new Linux malware called Gomir that is a version of the GoBear backdoor delivered via trojanized software installers.
SecurityWeek
Nissan Data Breach Impacts 53,000 Employees
Nissan North America determined recently that a ransomware attack launched last year resulted in employee personal information compromise.
The Cyber Express
Russian Hackers Used Two New Backdoors to Spy on European Foreign Ministry
Researchers recently uncovered two new backdoors implanted within the infrastructure of a European Ministry of Foreign Affairs (MFA) and its
CSO
BreachForums seized by law enforcement, admin Baphomet arrested
Official telegram channels operated by BreachForums members confirm law enforcement seizures and arrest.
Cyber Security News
Hackers Exploiting Microsoft's Quick Assist Tool To Deliver Ransomware
Remote assist tools are often targeted by hackers as they create a direct channel that can be used to get into desired systems while using
SecurityWeek
Personal Information Stolen in City of Wichita Ransomware Attack
The City of Wichita says files containing personal information were exfiltrated in a recent ransomware attack.
%20(1).webp)
Cyber Security News
Earth Hundun Hacker Group Employs Advanced Tactics to Evade Detection
Earth Hundun, a notable Asia-Pacific malware organization, uses Waterbear and Deuterbear, first encountered Deuterbear.
The Cyber Express
GhostSec Announces Shift in Operations from Ransomware to Hacktivism
GhostSec, a threat actor group previously involved in financially motivated cybercrimes, announced a significant shift in their focus to depart
Security Affairs
Santander: a data breach at a third-party provider impacted customers and employees
The Spanish bank Santander disclosed a data breach at a third-party provider that impacted customers in Chile, Spain, and Uruguay.
%20(2)%20(1).webp)
Cyber Security News
Authorities Seized Notorious Data Leak Site BreachForums
The notorious data leak site BreachForums has been taken over by the police. Cybercrime and data leaks are still being fought.
DarkReading
Nigeria Halts Cybersecurity Tax After Public Outrage
In an economy choking on swelling inflation, the Nigerian government paused plans for a levy on domestic transactions, aimed at enhancing cybersecurity.
SecurityWeek
BreachForums Shut Down in Apparent Law Enforcement Operation
The hacking forum BreachForums is displaying a notice claiming that the website is under the control of the FBI.
The Hacker News
Cybercriminals Exploiting Microsoft’s Quick Assist Feature in Ransomware Attacks
Beware of Storm-1811! This financially motivated group is abusing Microsoft's Quick Assist tool in social engineering attacks.
Trend Micro
Tracking the Progression of Earth Hundun's Cyberespionage Campaign in 2024
This report describes how Waterbear and Deuterbear — two of the tools in Earth Hundun's arsenal — operate, based on a campaign from 2024.
Ars Technica
Google unveils Veo, a high-definition AI video generator that may rival Sora
Google's video synthesis model creates minute-long 1080p videos from written prompts.
DarkReading
FBI, DoJ Shut Down BreachForums, Launch Investigation
Instead of online contraband, the website now asks anyone with information that could help with the investigation to contact authorities.
Security Affairs
A Tornado Cash developer has been sentenced to 64 months in prison
One of the developers of the Tornado Cash cryptocurrency mixer has been sentenced to 64 months in prison.........
The Cyber Express
Banco Santander Confirms Data Breach, Assures Customers’ Transactions Remain Secure
Santander, one of the largest banks in the eurozone, confirmed that an unauthorized party had gained access to a database
Infosecurity News
Cyber-Attack Disrupts Christie’s $840M Art Auctions
Despite this setback, the auction house said bids can still be placed by phone and in-person
Bleeping Computer
Windows Quick Assist abused in Black Basta ransomware attacks
Financially motivated cybercriminals abuse the Windows Quick Assist feature in social engineering attacks to deploy Black Basta ransomware payloads on victims' networks.
HACKRead
Popular Cyber Crime Forum Breach Forums Seized by Police
The cybercrime and hacker forum Breach Forums has been seized by the Federal Bureau of Investigation (FBI) and the Department of Justice.
The Cyber Express
The Cybersecurity Guardians: Meet the Top 30 cybersecurity Influencers to Follow in 2024
The ever-evolving landscape of cybersecurity is shaped by a dedicated group of individuals. These pioneers, through their research, entrepreneurship, and
Bleeping Computer
Banco Santander warns of a data breach exposing customer info
Banco Santander S.A. announced it suffered a data breach impacting customers after an unauthorized actor accessed a database hosted by one of its third-party service providers.
.webp)
Cyber Security News
Turla APT Group Attacking European Ministry of Foreign Affairs
The well-known advanced persistent threat (APT) group Turla, which is based in Russia, is said to be going after the European Ministry.
Bleeping Computer
Tornado Cash cryptomixer dev gets 64 months for laundering $2 billion
Alexey Pertsev, one of the main developers of the Tornado Cash cryptocurrency tumbler has been sentenced to 64 months in prison for his part in helping launder more than $2 billion worth of cryptocurrency.
The Hacker News
Turla Group Deploys LunarWeb and LunarMail Backdoors in Diplomatic Missions
Two new backdoors, LunarWeb and LunarMail, have targeted a European ministry of foreign affairs and its diplomatic missions in the Middle East
CSO
Singing River ransomware attack now thought to have affected over 895,000
The health care provider has dramatically increased its estimate of the number of patients affected by the August 2023 attack.
Infosecurity News
Santander Customer Data Compromised Following Third-Party Breach
Santander has warned that customer and employee data has been breached following unauthorized access to a database held by a third-party provider
The Cyber Express
Tornado Cash Co-Founder Gets Over 5 Years for Laundering $1.2Bn
A Dutch court ruling on Tuesday found one of the co-founders of the now-sanctioned Tornado Cash cryptocurrency mixer service guilty
The Cyber Express
DragonForce Cyberattack Strikes Again: Malone & Co and Watt Carmicheal Added as Victims
The notorious DragonForce ransomware group has expanded its list of victims, adding two new names to their dark web portal
The Hacker News
(Cyber) Risk = Probability of Occurrence x Damage
CVSS v4.0 evaluates vulnerabilities using a revised scoring system, emphasizing environmental and threat metrics.
.webp)
Cyber Security News
Hackers Abusing to GitHub to Host Malicious Infrastructure
Cybercriminals have been exploiting GitHub, a platform widely trusted by developers, to host malicious infrastructure.
Bleeping Computer
Save $170 on 1TB of high-speed file storage with FolderFort
As our gadgets multiply and our jobs grow in complexity, we need file storage that's friendly on the wallet and easy to use. Get 1TB of fast file storage with FolderFort for $79.99, $171 off the $251 MSRP.
The Hacker News
Ebury Botnet Malware Compromises 400,000 Linux Servers Over Past 14 Years
Ebury malware botnet has compromised an estimated 400,000 servers since 2009. Learn how to protect your systems from this advanced threat.
The Cyber Express
Santander Confirms Data Breach, Assures Customers’ Transactions Remain Secure
Santander, one of the largest banks in the eurozone, confirmed that an unauthorized party had gained access to a database
SecurityWeek
Senators Urge $32 Billion in Emergency Spending on AI After Finishing Yearlong Review
Senators are recommending that Congress spend at least $32 billion over the next three years to develop AI and place safeguards around it.
The Cyber Express
Microsoft Addresses Zero-Day Vulnerability Exploited by QakBot Malware
Microsoft patched a zero-day vulnerability exploited by attackers to distribute QakBot and other malware payloads on susceptible Windows systems. Identified
The Hacker News
Dutch Court Sentences Tornado Cash Co-Founder to 5 Years in Prison for Money Laundering
Alexey Pertsev, co-founder of Tornado Cash, sentenced to 5+ years in prison by Dutch court. The crypto mixer service was sanctioned by the U.S.
The Cyber Express
SideCopy APT Campaign Found Targeting Indian Universities
Cyble Research and Intelligence Labs (CRIL) researchers have uncovered a new SideCopy campaign. The threat actor group has previously been
The Hacker News
Microsoft Patches 61 Flaws, Including Two Actively Exploited Zero-Days
Microsoft has patched 61 new security flaws, including two zero-days actively exploited in the wild.
CyberNews
North Korea launders $148 million of stolen crypto using Tornado Cash
A UN sanctions investigation says North Korea laundered $147.5 million of stolen crypto through the virtual mixer platform Tornado Cash in March.
DarkReading
Singapore Cybersecurity Update Puts Cloud Providers on Notice
The nation amends its Cybersecurity Act, giving its primary cybersecurity agency more power to regulate critical infrastructure and third parties, and requiring cyber incidents be reported.
The Record
New backdoors on a European government's network appear to be Russian
Researchers with cybersecurity company ESET have labeled two new pieces of suspected Russian malware as LunarWeb and LunarMail.
The Record
EU failure to rein in spyware reflects lack of political will, parliamentarian says
“They know what they have to do,” said Sophie in’t Veld, who led the European Parliament investigation into spyware. “The problem is they don't want to do it.”
SC Magazine
Microsoft fixes exploited Qakbot-delivering 0-day in May Patch Tuesday
In this month’s release, Redmond patched 60 CVEs including two other zero-days and a SharePoint Server remote code execution vulnerability rated critical.
The Record
Law enforcement data stolen in Wichita ransomware attack
In a data breach notice about the incident, which is still affecting numerous city services, the municipality said hackers copied files from its network.
SC Magazine
BreachForums seized by FBI for 2nd time
The infamous data leak site’s domain and Telegram account were seized Wednesday morning.
DarkReading
As the FBI Closes In, Scattered Spider Attacks Finance, Insurance Orgs
Scattered Spider is as active as ever, despite authorities claiming that they're close to nailing its members.
Cyber Security News
Alert! Microsoft Fixes 60 Vulnerabilities With 2 Actively Exploited Zero-Days
Microsoft fixed 60 vulnerabilities in its Patch Tuesday release in May 2024, including 2 zero-day vulnerabilities actively exploited in the wild
Bleeping Computer
VMware makes Workstation Pro and Fusion Pro free for personal use
VMWare has made Workstation Pro and Fusion Pro free for personal use, allowing home users and students to set up their own virtualized test labs and play with another operating system at little to no cost.
SecurityWeek
Microsoft Warns of Active Zero-Day Exploitation, Patches 60 Windows Vulnerabilities
Microsoft patched 60 security bugs in multiple products and waned of an actively exploited Windows zero-day (CVE-2024-30051)
Bleeping Computer
Microsoft fixes Windows zero-day exploited in QakBot malware attacks
Microsoft has fixed a zero-day vulnerability exploited in attacks to deliver QakBot and other malware payloads on vulnerable Windows systems.
Bleeping Computer
Microsoft May 2024 Patch Tuesday fixes 3 zero-days, 61 flaws
Today is Microsoft's May 2024 Patch Tuesday, which includes security updates for 61 flaws and three actively exploited or publicly disclosed zero days.
Infosecurity News
Ebury Botnet Operators Diversify with Financial and Crypto Theft
The 15-year-old Ebury botnet is more active than ever, as ESET found 400,000 Linux servers compromised for cryptocurrency theft and financial gain
Infosecurity News
China Presents Defining Challenge to Global Cybersecurity, Says GCHQ
GCHQ chief warns China's cyber actions threaten global internet security, while Russia and Iran pose immediate risks
Infosecurity News
Russian Actors Weaponize Legitimate Services in Multi-Malware Attack
Recorded Future details a novel campaign that abuses legitimate internet services to deploy multiple malware variants for credential theft
Ars Technica
The hunt for rare bitcoin is nearing an end
Rare bitcoin fragments are worth many times their face value.
.webp)
Cyber Security News
400k Linux Servers Hacked to Mine Cryptocurrency
The botnet, operated by the threat group behind the Ebury malware, has been active since at least 2009 but has evolved over the past decade.
HACKRead
Kaspersky Reveals Global Rise in APTs, Hacktivism and Targeted Attacks
The Israel-Hamas conflict has fueled a wave of hacktivism activity, with groups like SiegedSec launching attacks and leaking sensitive information.
The Hacker News
Ongoing Campaign Bombarded Enterprises with Spam Emails and Phone Calls
A new social engineering campaign is targeting enterprises with spam emails to gain initial access. The threat actor overwhelms users' email and calls
SecurityWeek
Student, Personnel Information Stolen in City of Helsinki Cyberattack
The City of Helsinki says usernames, email addresses, and personal information was stolen in a recent cyberattack.
SecurityWeek
MITRE EMB3D Threat Model Officially Released
MITRE announced the public availability of the EMB3D threat model for embedded devices used in critical infrastructure.
The Cyber Express
Hackers Exploit Unpatched Bug in Helsinki Education Division Data Breach
Hackers exploited an unpatched remote access server vulnerability in the Helsinki education division data breach to scour through records of
SecurityWeek
FCC Warns of 'Royal Tiger' Robocall Scammers
The FCC has issued a public notice on robocall scammer group ‘Royal Tiger’, the first designated threat actor.
Infosecurity News
FCC Names and Shames First Robocall Threat Actor
In a first, the FCC has designated “Royal Tiger” as a malicious robocall threat group
.webp)
Cyber Security News
Royal Tiger Group With Spoofed Phone Numbers Stealing Credit Card Data: FCC
According to the FCC, the Royal Tiger Group and the people who work with it are a C-Communications Information Services Threat (C-CIST).
The Cyber Express
R00TK1T Group Intensifies Cyberattacks on Egyptian Firms After Clash with Anonymous Egypt
In the latest twist of the cyber warfare between Anonymous Egypt group and R00TK1T hackers, the latter has turned up
The Hacker News
Apple and Google Launch Cross-Platform Feature to Detect Unwanted Bluetooth Tracking Devices
pple and Google just rolled out a cross-platform feature called "Detecting Unwanted Location Trackers" (DULT) on iOS and Android to protect users.
SC Magazine
Royal Tiger robocall gang impersonated feds, banks, utilities, FCC says
The FCC has smacked the group with a first-of-its-kind threat classification for its persistent, fraudulent activity.
The Record
Tornado Cash co-founder convicted of laundering $1.2 billion by Dutch court
Alexey Pertsev's case has been seen as a bellwether pitting financial privacy advocates who view blockchain anonymity as a fundamental right against law enforcement intent on tracking the source of funds.
The Record
UK 'increasingly concerned' about Russian intelligence links to hacktivists
GCHQ Director Anne Keast-Butler warned at the CyberUK conference that the Kremlin’s partnership with criminal groups was contributing to cyberattacks as well as other operations.
The Record
Civil society under increasing threats from ‘malicious’ state cyber actors, US
State-linked hackers from Russia, China, Iran and North Korea are setting their sights set their sights on NGOs, think tanks, human rights activists and journalists, the advisory warned.
DarkReading
500 Victims In, Black Basta Reinvents With Novel Vishing Strategy
Ransomware groups have always created problems for their victims that only they could solve. Black Basta is taking that core idea in a creative, new direction.
Bleeping Computer
FCC reveals Royal Tiger, its first tagged robocall threat actor
The Federal Communications Commission (FCC) has named its first officially designated robocall threat actor 'Royal Tiger,' a move aiming to help international partners and law enforcement more easily track individuals and entities behind repeat robocall campaigns.
Ars Technica
Black Basta ransomware group is imperiling critical infrastructure, groups warn
Threat group has targeted 500 organizations. One is currently struggling to cope.
Infosecurity News
Mallox Ransomware Deployed Via MS-SQL Honeypot Attack
Analyzing Mallox samples, Sekoia identified two distinct affiliates using different approaches
SecurityWeek
Europol Investigating Breach After Hacker Offers to Sell Classified Data
Europol is investigating a data breach, but says no core systems are impacted and no operational data has been compromised.
Security Affairs
Russian hackers defaced British newspaper websites
A group of hackers that defines itself as 'first-class Russian hackers' claims the defacement of hundreds of British newspaper websites
SecurityWeek
NATO Draws a Cyber Red Line in Tensions With Russia
Weakening liberal democracies and weakening the NATO alliance are conjoined in the hybrid war that Russia is conducting against Ukraine.
Cyber Security News
Hackers Exploiting MS-SQL Severs To Deploy Mallox Ransomware
Information such as financial records, customer information, and intellectual property that may be sold on the black web markets is what
CyberNews
Russia-linked group incorporating AI in its new automated propaganda machine
A Russia-linked group is automating fake news fabrication and publishing with AI.
Infosecurity News
Ascension Ransomware Attack Diverts Ambulances, Delays Appointments
A ransomware attack on US private healthcare provider Ascension has disrupted patient care, with several hospitals currently on diversion
CyberNews
Europol confirms web platform breach
Europol confirmed one of it web portals was breached.
The Cyber Express
CBSE Results 2024 Under Threat: Database Vulnerability Could Compromise Student Scores
As the Central Board of Secondary Education (CBSE) in India released the CBSE results 2024 for its class 10th and
CyberSecurity Dive
Black Basta ransomware is toying with critical infrastructure providers, authorities say
The threat group has impacted more than 500 targets worldwide and the vast majority of critical infrastructure sectors. Numerous attacks have exploited vulnerabilities in ConnectWise ScreenConnect.
SecurityWeek
Black Basta Ransomware Hit Over 500 Organizations
The US government warns of Black Basta ransomware attacks targeting critical infrastructure organizations.
Infosecurity News
Black Basta Ransomware Victim Count Tops 500
Affiliates of prolific Black Basta ransomware group have breached over 500 global organizations
The Hacker News
Black Basta Ransomware Strikes 500+ Entities Across North America, Europe, and Australia
Black Basta ransomware-as-a-service (RaaS) operation has targeted over 500 private industry and critical infrastructure entities in North America, Eur
The Cyber Express
Alleged Hosocongty Data Breach Exposes Vietnamese Job Seekers
A dark web hacker, known as "makishimaaaa," has recently advertised a significant data breach on the Nuovo BreachForums. The compromised
.webp)
Cyber Security News
Ascension Healthcare Systems Hacked, Hospitals Diverting Emergency Service
Ascension is one of the most extensive charity healthcare systems in the US. It has been hit hard by a ransomware attack.
The Cyber Express
Hacktivist Group R00TK1T ISC Claims Breach of Egyptian Ministry’s Systems
Hacktivist collective R00TK1T ISC CyberTeam has claimed responsibility for breaching the Ministry of Supply and Internal Trade in Egypt. The
Loading more articles....