CSO
US AI experts targeted in cyberespionage campaign using SugarGh0st RAT
Threat actors use phishing techniques to obtain non-public information about generative artificial intelligence.
CSO
Threat actors use phishing techniques to obtain non-public information about generative artificial intelligence.
The Cyber Express
The U.S. federal prosecutors on Thursday revealed charges against a North Korean job fraud nexus that ran its fraudulent scheme
DarkReading
Researchers believe the attacker is likely China-affiliated, since a previous version of the malware was used by a China nation-state attack group.
CyberScoop
Christina Chapman facilitated remote work and financial transfers for North Koreans tied to that nation’s weapons development programs, according to the U.S. government.
Bleeping Computer
The U.S. Justice Department charged five individuals today, a U.S. Citizen woman, a Ukrainian man, and three foreign nationals, for their involvement in cyber schemes that generated revenue for North Korea's nuclear weapons program.
Bleeping Computer
Electronic prescription provider MediSecure in Australia has shut down its website and phone lines following a ransomware attack believed to originate from a third-party vendor.
Security Magazine
59% of organizations experienced a software supply chain attack, with 54% of these respondents having experienced one in the past year.
Bleeping Computer
Security researchers discovered two previously unseen backdoors dubbed LunarWeb and LunarMail that were used to compromise a European government's diplomatic institutions abroad.
DarkReading
In a first-ever move, the commission's enforcement bureau has high hopes that official classification will allow law enforcement partners to better combat these kinds of threats.
Bleeping Computer
Growth in AI use is widespread, evolving, and showing no signs of slowing, and with it comes risks ranging from competitive and legal concerns to a slew of security implications. Here's how Nudge Security can help you discover and manage AI security risks.
Bleeping Computer
The North Korean hacker group Kimsuki has been using trojanized software packages to deliver a new Linux malware called Gomir in cyberespionage campaigns against targets in South Korea.
Bleeping Computer
The North Korean hacker group Kimsuki has been using a new Linux malware called Gomir that is a version of the GoBear backdoor delivered via trojanized software installers.
The Cyber Express
During a recent Senate committee hearing, Director of National Intelligence Avril Haines emphasized state hackers' continued prominence as a threat,
The Cyber Express
Researchers recently uncovered two new backdoors implanted within the infrastructure of a European Ministry of Foreign Affairs (MFA) and its
SecurityWeek
The City of Wichita says files containing personal information were exfiltrated in a recent ransomware attack.
The Cyber Express
A ransomware attack has compromised MediSecure, a leading Australian script provider facilitating electronic prescribing and dispensing of prescriptions. The MediSecure
The Cyber Express
In response to heightened cyber threats targeting political candidates, election officials and civil society groups, the National Cyber Security Centre
The Record
According to the State Department, a U.S. national named Christina Chapman helped four people fraudulently obtain work as remote software and applications developers with companies in a range of sectors and industries, earning millions of dollars for the North Korean regime.
The Record
Kia, General Motors, Subaru and Mitsubishi received “civil investigative demand” letters from the Office of the Texas Attorney General's consumer protection division in late April.
SC Magazine
GenAI, API and identity risks are key concerns, as well as conflicts between DevOps and SecOps.
The Record
The BGP behaves like an internet traffic controller, routing data as efficiently as possible — but it can be "hijacked" for malicious purposes.
Trend Micro
This report describes how Waterbear and Deuterbear — two of the tools in Earth Hundun's arsenal — operate, based on a campaign from 2024.
The Cyber Express
The ever-evolving landscape of cybersecurity is shaped by a dedicated group of individuals. These pioneers, through their research, entrepreneurship, and
Infosecurity News
The National Cyber Security Centre launches an opt-in Personal Internet Protection service to safeguard individuals from cyber threats during the upcoming election
Bleeping Computer
Organizations need to detect and remove intruders quickly to prevent data loss and minimize the impact of lateral movement attacks. Learn more from Specops Software on blocking lateral movement in networks.
Cyber Security News
The well-known advanced persistent threat (APT) group Turla, which is based in Russia, is said to be going after the European Ministry.
CSO
The health care provider has dramatically increased its estimate of the number of patients affected by the August 2023 attack.
SecurityWeek
The Ebury Linux botnet has ensnared over 400,000 Linux systems in 15 years, with roughly 100,000 still infected.
SecurityWeek
Senators are recommending that Congress spend at least $32 billion over the next three years to develop AI and place safeguards around it.
The Cyber Express
CISA, in collaboration with DHS, FBI, and international cybersecurity entities, has revealed a comprehensive guide aimed at bolstering cybersecurity for
Security Affairs
The Singing River Health System revealed that the ransomware attack that hit the organization in August 2023 impacted 895,204 people.
The Cyber Express
A dark web actor named DuckyMummy claimed responsibility for an alleged data breach at Frotcom International, a prominent player in
SecurityWeek
Vermont passed a bill that prohibits the sale of data, such as social security and drivers’ license numbers, financial or health information.
DarkReading
The nation amends its Cybersecurity Act, giving its primary cybersecurity agency more power to regulate critical infrastructure and third parties, and requiring cyber incidents be reported.
CSO
CISA advisory includes indicators of compromise and TTPs that can be used for threat hunting.
The Record
“We've got to do a better job of making sure Americans of all political stripes understand what is very probably coming their way over the next less than six months,” Senate Intelligence Chair Mark Warner told leaders from ODNI, CISA and the FBI.
The Record
Researchers with cybersecurity company ESET have labeled two new pieces of suspected Russian malware as LunarWeb and LunarMail.
The Record
In a data breach notice about the incident, which is still affecting numerous city services, the municipality said hackers copied files from its network.
Infosecurity News
Comparitech said 2023 was a record year for breaches with 954 reported, up from 139 in 2022 and 783 in 2021
DarkReading
Exploit code is circulating for CVE-2024-4761, disclosed less than a week after a similar security vulnerability was disclosed as being used in the wild.
Infosecurity News
The guide is designed to provide high-risk communities with actionable steps to bolster their cybersecurity defenses
Security Magazine
A global consumer research study reveals consumer attitudes about generative AI, showing that many are concerned about being fooled by deepfakes.
HACKRead
The Israel-Hamas conflict has fueled a wave of hacktivism activity, with groups like SiegedSec launching attacks and leaking sensitive information.
Infosecurity News
UK insurers and the National Cybersecurity Centre release new guidance to discourage ransomware payments by businesses
The Cyber Express
Hackers exploited an unpatched remote access server vulnerability in the Helsinki education division data breach to scour through records of
SecurityWeek
The FCC has issued a public notice on robocall scammer group ‘Royal Tiger’, the first designated threat actor.
Infosecurity News
In a first, the FCC has designated “Royal Tiger” as a malicious robocall threat group
CyberSecurity Dive
Overall, the nonprofit K12 Security Information Exchange backed the requirement for schools, but it asked for clarification on how the sector should report cyber incidents students initiate.
Cyber Security News
According to the FCC, the Royal Tiger Group and the people who work with it are a C-Communications Information Services Threat (C-CIST).
The Record
State-linked hackers from Russia, China, Iran and North Korea are setting their sights set their sights on NGOs, think tanks, human rights activists and journalists, the advisory warned.
SC Magazine
Security pros say the industry can expect to see this bug exploited soon, so patch, monitor and conduct other measures, like browser isolation and sandboxing.
The Record
GCHQ Director Anne Keast-Butler warned at the CyberUK conference that the Kremlin’s partnership with criminal groups was contributing to cyberattacks as well as other operations.
The Record
Rep. Zach Nunn arrived in Congress with arguably more cyber experience than any other new member in history. Can he fill the shoes of Rep. Mike Gallagher, the party's longtime House leader on cybersecurity issues?
Bleeping Computer
A new package mimicked the popular 'requests' library on the Python Package Index (PyPI) to target macOS devices with the Sliver C2 adversary framework, used for gaining initial access to corporate networks.
Bleeping Computer
Apple has backported security patches released in March to older iPhones and iPads, fixing an iOS zero-day tagged as exploited in attacks.
Bleeping Computer
Apple has backported security patches released in March to older iPhones and iPads, fixing an iOS Kernel zero-day tagged as exploited in attacks.
Ars Technica
Anonymous chatbot that mystified and frustrated experts was OpenAI's latest model.
DarkReading
Ransomware groups have always created problems for their victims that only they could solve. Black Basta is taking that core idea in a creative, new direction.
Bleeping Computer
The Federal Communications Commission (FCC) has named its first officially designated robocall threat actor 'Royal Tiger,' a move aiming to help international partners and law enforcement more easily track individuals and entities behind repeat robocall campaigns.
SecurityWeek
Envoys from the United States and China will meet in Geneva for talks about artificial intelligence, including the risks of the fast-evolving technology.
Bleeping Computer
The City of Helsinki is investigating a data breach in its education division, which it discovered in late April 2024, impacting tens of thousands of students, guardians, and personnel.
SecurityWeek
Weakening liberal democracies and weakening the NATO alliance are conjoined in the hybrid war that Russia is conducting against Ukraine.
Bleeping Computer
The Criminal IP Threat Intelligence (CTI) search engine to integrate with Quad9's threat-blocking service. Learn more from Criminal IP about how this integration can help you.
CyberNews
A Russia-linked group is automating fake news fabrication and publishing with AI.
SecurityWeek
The US government warns of Black Basta ransomware attacks targeting critical infrastructure organizations.
Infosecurity News
Affiliates of prolific Black Basta ransomware group have breached over 500 global organizations
The Hacker News
Black Basta ransomware-as-a-service (RaaS) operation has targeted over 500 private industry and critical infrastructure entities in North America, Eur
SecurityWeek
Chinese hacking contest Matrix Cup is offering rewards for exploits targeting OS, smartphones, enterprise software, and security products.
Cyber Security News
Black Basta ransomware is used by threat actors because of its powerful abilities and inconspicuous moves.
CyberSecurity Dive
The committee wants to question Brad Smith, Microsoft’s president and vice chair, over the company’s security shortcomings and how it plans to strengthen security measures.
CSO
The agency said core operations remain unaffected even as IntelBroker claimed to possess classified, law enforcement data.
The Cyber Express
This week on TCE Cyberwatch we’re covering the different data breaches and vulnerabilities faced by different companies. Along with this,
The Record
Foreign hackers made three attempts to compromise government systems in British Columbia, officials said.
The Record
The law includes data minimization requirements, which significantly constrain what personal data companies can gather and use and bans companies from selling consumers’ sensitive data, allowing individuals to sue if they believe businesses have done so.
The Record
A robocall group labeled Royal Tiger is the first classified as a Consumer Communications Information Services Threat (C-CIST) by the FCC.
The Record
In Cambodia, Laos and Myanmar, the groups are estimated to reap about $43.8 billion each year through scams — some 40 percent of the three nations’ combined formal GDP.
SC Magazine
Black Basta, the gang reportedly responsible for the attack against the large health system, is described as prolific and sophisticated by federal agencies.
Security Affairs
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Cyber Security News
Staying informed is the key in this dynamic battle of cybersecurity, and due to this, the weekly news recap provides you with the newest trends, weaknesses, infringements found, and some possible defense mechanisms.
Security Affairs
The cyber attack on the Ohio Lottery on Christmas Eve exposed the personal data of over 538,000 individuals.
Bleeping Computer
CISA and the FBI said today that Black Basta ransomware affiliates breached over 500 organizations between April 2022 and May 2024.
The Cyber Express
Treacle, a cybersecurity startup founded in 2021 by Subhasis Mukhopadhyay, Subhajit Manna, and Partha Das, has raised about 40 million
The Cyber Express
A state or state-sponsored actor orchestrated the "sophisticated" cyberattacks against the British Columbia government networks, revealed the head of B.C.’s
The Hacker News
North Korean hackers have unleashed a new Golang malware called "Durian" in targeted attacks against South Korean crypto firms.
Infosecurity News
Well-funded cybercriminals are adopting more sophisticated techniques, creating a need for defenders to stay informed about the evolving threat landscape
The Cyber Express
British Columbia in Canada has faced multiple "sophisticated cybersecurity incidents" on government networks, province premier said this week. Premier David
Security Affairs
CERT Polska warns of a large-scale malware campaign against Polish government institutions conducted by Russia-linked APT28.
Cyber Security News
Hackers take advantage of sponsored Google Ads as they provide an excellent chance to quickly reach a large audience.
SecurityWeek
Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
CyberSecurity Dive
CISA Director Jen Easterly pointed to Microsoft’s decision to link security to executive compensation as a meaningful signal of its priorities.
CyberNews
Seven members of a gas pump skimming device organization have been charged with racketeer-influenced and corrupt organizations (RICO) conspiracy and money laundering.
CyberNews
The Ohio Lottery has suffered another cybersecurity incident, revealing the sensitive information of over 500,000 people.
The Cyber Express
Lenovo takes a bold step towards fortifying cybersecurity by joining the Secure by Design pledge, initiated by the US Cybersecurity
Security Affairs
Citrix urges customers to manually address a PuTTY SSH client flaw that could allow attackers to steal a XenCenter admin's private SSH key.
DarkReading
New regulations require companies to turn over incident data to CISA within 3 days or face enforcement. Here's how the agency spins this as a good thing.
The Record
Okta Chief Security Officer David Bradbury discusses lessons from the incident, how nation-state threats are evolving, and how AI is already influencing identity-based attacks.
The Record
The Kremlin’s "hybrid war" on Moldova — featuring disinformation, cyberattacks and influence operations — aims to manipulate three consequential votes in Moldova this year and next.
The Record
Kosovo Foreign Minister Donika Gervalla-Schwarz said that Russia is targeting the country after it agreed to provide military equipment to Ukraine “in its justified defense against Russian genocidal aggression.”
Bleeping Computer
Poland says a state-backed threat group linked to Russia's military intelligence service (GRU) has been targeting Polish government institutions throughout the week.
Ars Technica
Anti-AI users who change or delete answers in protest are being punished.
Loading more articles....