SC Magazine
Senators grill UnitedHealth CEO on Change Healthcare cyberattack
Andrew Witty stuck with the familiar corporate line of providing consumers with two years of credit monitoring.
DarkReading
Dangerous New ICS Malware Targets Orgs in Russia and Ukraine
"Kapeka" and "Fuxnext" are the latest examples of malware to emerge from the long-standing conflict between the two countries.
The Hacker News
Russian APT Deploys New 'Kapeka' Backdoor in Eastern European Attacks
A new stealthy backdoor malware called Kapeka, likely created by Russia's APT group Sandworm, has been targeting Eastern Europe.
The Record
Prominent US senator sees new momentum for healthcare cybersecurity push
As U.S. hospitals struggle to pay their employees amid a cyberattack that knocked out a major payment vendor, a powerful Democratic senator is seizing the moment to push for better security in the sorely vulnerable healthcare sector.
PCMag
Terrorists, Iranian and Russian Media Allegedly Bought Verification on Musk's X
Twitter allegedly sold checkmarks to US-sanctioned persons and groups in the Middle East and Russia, a new nonprofit investigation reveals.
The Cyber Express
Anonymous Collective Launches Cyberattack on Bahrain Over Yemen Airstrikes
The Anonymous Collective has orchestrated an alleged cyberattack on Bahrain, pointing to the country's support for the US and UK
The Cyber Express
Maldivian Juvenile Court Website Hacked Amid India-Maldives Cyber Spat
In a continuing saga of cyber tensions, the Maldivian Juvenile Court website appears to be the latest target, following recent
Infosecurity News
Anti-Hezbollah Groups Hack Beirut Airport Screens
AP said departure and arrival screens displayed a message accusing Hezbollah of jeopardizing Lebanon
HACKRead
Beirut Airport Screens Hacked with Anti-Hezbollah Message
The airport’s advertisement and flight information screens were hacked with messages criticizing Hezbollah and its leaders, accusing them of jeopardizing Lebanon and risking war with Israel.
SecurityWeek
Lebanon Airport Screens Display Anti-Hezbollah Message After Being Hacked
The information display screens at Beirut’s international airport were hacked by domestic anti-Hezbollah groups
The Cyber Express
The Beirut International Airport Cyberattack: What Happened?
Beirut's international airport fell victim to a cyberattack that saw information display screens replaced with a message accusing the Hezbollah
The Cyber Express
Cyberattack Hits Maldives Government: Websites Recover Amid Diplomatic Tensions
Over the weekend, the Maldives faced a cyberattack, resulting in the temporary unavailability of the official websites of the President's
The Hacker News
Vietnamese Cybercriminals Targeting Facebook Business Accounts with Malvertising
Cybercriminals are exploiting social media ads on Meta-owned Facebook for malware distribution. With fraudulent ads, they're targeting businesses and
Infosecurity News
Facebook Accounts Targeted by Vietnamese Threat Groups
These groups often sell ads to other cybercriminals, either for a fee or a share of the operations
The Hacker News
Iranian Company Cloudzy Accused of Aiding Cybercriminals and Nation-State Hackers
Obscure Iranian company Cloudzy is being used by cybercrime groups and nation-state crews as a command-and-control provider.
SecurityWeek
Iran-Run ISP 'Cloudzy' Caught Supporting Nation-State APTs, Cybercrime Hacking Groups
Researchers unmask an Iranian-run company providing command-and-control services to hacking groups, including state-sponsored APT actors.
Latest Hacking News
Cisco Disclosed Vulnerabilities In SPA500 Series IP Phones – Won’t Fix
Heads up, Cisco users! Cisco recently disclosed numerous vulnerabilities in SPA500 series IP phones, confirming that no workarounds exist for the flaws. Also, the firm has no plans to address the issues as these devices
Computerworld
Senate hearings see a clear and present danger from AI — and opportunities
Two Senate committees met separately Tuesday with industry experts, including OpenAI CEO Sam Altman, on how to control artificial intelligence as it barrels down the development highway, threatening privacy and rights as it goes.
DarkReading
'BellaCiao' Showcases How Iran's Threat Groups Are Modernizing Their Malware
The dropper is being used in a Charming Kitten APT campaign that has hit organizations in multiple countries.
The Hacker News
Microsoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomware
Microsoft has confirmed that hackers linked to Cl0p and LockBit ransomware families are actively exploiting PaperCut servers.
Infosecurity News
Chinese SilkLoader Malware Sold to Russian Cyber-Criminals
Cobalt Strike beacon loader migrates across criminal ecosystems
Infosecurity News
President Biden Signs Quantum Cybersecurity Preparedness Act into Law
The law sets out requirements for federal agencies to migrate to quantum-secure cryptography
The Hacker News
Ducktail Malware Operation Evolves with New Malicious Capabilities
Vietnam-based cybercrime operation DUCKTAIL has returned with new capabilities to run fraudulent ads via compromised business accounts.
DarkReading
Ducktail Cyberattackers Add WhatsApp to Facebook Business Attack Chain
The Vietnam-based financial cybercrime operation's primary goal is to push out fraudulent ads via compromised business accounts.
Ars Technica
Half of computer repairs result in snooping of sensitive data, study finds
Not surprisingly, female customers bear the brunt of the privacy violations.
Infosecurity News
Ducktail Hacker Group Evolves, Targets Facebook Business Accounts
Activity observed since early September featured new avenues to spear-phish targets
Bleeping Computer
FBI warns of Vice Society ransomware attacks on school districts
FBI, CISA, and MS-ISAC warned today of U.S. school districts being increasingly targeted by the Vice Society ransomware group, with more attacks expected after the new school year start.
Bleeping Computer
Second largest U.S. school district LAUSD hit by ransomware
Los Angeles Unified (LAUSD), the second largest school district in the U.S., disclosed that a ransomware attack hit its Information Technology (IT) systems over the weekend.
SecurityWeek
HUMAN Security and PerimeterX Merge on Mission to Combat Bots
Bot and fraud protection firms HUMAN Security (formerly White Ops) and PerimeterX, will merge under the HUMAN company name.
Cyber Security News
New Malware Targeting HR Professionals Through LinkedIn Campaigns
The cybersecurity firm, WithSecure has recently discovered an active operation, called DUCKTAIL. The goal of this campaign is to take over the Facebook business accounts that are responsible for advertising for a company. While accomplishing this goal, the operators behind this campaign primarily targeted professionals on LinkedIn.
Infosecurity News
Senators Introduce Quantum Encryption Preparedness Law
Lawmakers introduced the bill because they’re worried about the potential for quantum computers to easily crack current cryptographic algorithms
DarkReading
Ducktail Spear-Phishing Campaign Uses LinkedIn to Hijack Facebook Business Accounts
Ducktail targets marketing and HR professionals through LinkedIn to hijack Facebook accounts and run malvertising schemes.
SecurityWeek
New Ducktail Infostealer Targets Facebook Business Accounts via LinkedIn
Marketing and HR professionals have been targeted with Ducktail malware through LinkedIn spear phishing campaigns to hijack Facebook business accounts.
SecurityWeek
Senators Introduce Bipartisan Quantum Computing Cybersecurity Bill
US Senators Rob Portman (R-OH) and Maggie Hassan (D-NH) have introduced a bipartisan bill to strengthen defenses against quantum-computing-enabled data breaches.
Bleeping Computer
Crypto thief threatened to cut man's fingers 'one by one,' stole £34K
Online crypto scams and ponzi schemes leveraging social media platforms are hardly anything new. But, this gruesome case of a London-based crypto robber transcends the virtual realm and tells a shocking tale of real-life victims from whom the perpetrator successfully stole £34,000.
Bleeping Computer
Crypto robber who lured victims via Snapchat and stole £34,000 jailed
Online crypto scams and ponzi schemes leveraging social media platforms are hardly anything new. But, this gruesome case of a London-based crypto robber transcends the virtual realm and tells a shocking tale of real-life victims from whom the perpetrator successfully stole £34,000.
CSO
Spyware was used against Catalan targets and UK prime minister and Foreign Office
Researchers at the Citizen Lab says dozens of officials' phones were compromised by spyware sold by NSO Group or Candiru.