The Cyber Express
US Charged North Korean Job Fraud Nexus Amassing Funds for Nuclear Program
The U.S. federal prosecutors on Thursday revealed charges against a North Korean job fraud nexus that ran its fraudulent scheme
CyberScoop
Arizona woman arrested and charged in North Korean IT worker scheme
Christina Chapman facilitated remote work and financial transfers for North Koreans tied to that nation’s weapons development programs, according to the U.S. government.
Bleeping Computer
Five charged for cyber schemes to benefit North Korea's weapons program
The U.S. Justice Department charged five individuals today, a U.S. Citizen woman, a Ukrainian man, and three foreign nationals, for their involvement in cyber schemes that generated revenue for North Korea's nuclear weapons program.
The Cyber Express
Gone in 12 Seconds: Siblings Siphon $25M from Ethereum Blockchain
Gone in 60 seconds is a thing of the past. With the world moving towards digital assets and cryptocurrency, “Gone
The Hacker News
North Korean Hackers Exploit Facebook Messenger in Targeted Malware Campaign
Kimsuky hackers launch new social engineering attack using fake Facebook accounts. Learn how they target activists via Messenger and deliver malware.
The Cyber Express
Beyond Borders: CISA Addresses the Global Influence on US Election Cybersecurity
During a recent Senate committee hearing, Director of National Intelligence Avril Haines emphasized state hackers' continued prominence as a threat,
%20(2)%20(1).webp)
Cyber Security News
Authorities Seized Notorious Data Leak Site BreachForums
The notorious data leak site BreachForums has been taken over by the police. Cybercrime and data leaks are still being fought.
The Cyber Express
UK NCSC to Defend ‘High-Risk’ Political Candidates from Cyberattacks
In response to heightened cyber threats targeting political candidates, election officials and civil society groups, the National Cyber Security Centre
SecurityWeek
In First AI Dialogue, US Cites ‘Misuse’ of AI by China, Beijing Protests Washington’s Restrictions
US officials raised concerns on China’s “misuse of AI” while Beijing’s representatives rebuked the US over “restrictions and pressure” on AI.
The Record
US offers $5 million for info on North Korean IT workers involved in job fraud
According to the State Department, a U.S. national named Christina Chapman helped four people fraudulently obtain work as remote software and applications developers with companies in a range of sectors and industries, earning millions of dollars for the North Korean regime.
The Record
Congressional leaders concerned by NYPD's use of Chinese-made drones
The NYPD said it is trying to phase out the Chinese-made drones, but also defended their use, saying they are far more effective and affordable than any produced by American manufacturers.
The Record
FCC might require telecoms to report on securing internet's BGP technology
The BGP behaves like an internet traffic controller, routing data as efficiently as possible — but it can be "hijacked" for malicious purposes.
Security Affairs
FBI seized the notorious BreachForums hacking forum
An international law enforcement operation coordinated by the FBI led to the seizure of the notorious BreachForums hacking forum.
Security Affairs
A Tornado Cash developer has been sentenced to 64 months in prison
One of the developers of the Tornado Cash cryptocurrency mixer has been sentenced to 64 months in prison.........
Bleeping Computer
Brothers arrested for $25 million theft in Ethereum blockchain attack
The U.S. Department of Justice has indicted two brothers for allegedly manipulating the Ethereum blockchain and stealing $25 million worth of cryptocurrency within approximately 12 seconds in a "first-of-its-kind" scheme.
The Hacker News
FBI Seizes BreachForums Again, Urges Users to Report Criminal Activity
BreachForums, a notorious online bazaar for stolen data, has been seized by law enforcement agencies for the second time in a year.
Bleeping Computer
Windows Quick Assist abused in Black Basta ransomware attacks
Financially motivated cybercriminals abuse the Windows Quick Assist feature in social engineering attacks to deploy Black Basta ransomware payloads on victims' networks.
The Cyber Express
BREAKING: FBI Seizes BreachForums, Yet Again!
The notorious BreachForums seized for the second time in a year. The U.S. law enforcement today seized the clear web
Bleeping Computer
Protect against lateral movement attacks by securing credentials
Organizations need to detect and remove intruders quickly to prevent data loss and minimize the impact of lateral movement attacks. Learn more from Specops Software on blocking lateral movement in networks.
Bleeping Computer
Tornado Cash cryptomixer dev gets 64 months for laundering $2 billion
Alexey Pertsev, one of the main developers of the Tornado Cash cryptocurrency tumbler has been sentenced to 64 months in prison for his part in helping launder more than $2 billion worth of cryptocurrency.
Security Magazine
Malware was almost 50% of threat detections in Q1 2024
According to a cybersecurity and threat intelligence report, the U.S. was the 4th most targeted country in the world regarding phishing attacks.
The Cyber Express
Tornado Cash Co-Founder Gets Over 5 Years for Laundering $1.2Bn
A Dutch court ruling on Tuesday found one of the co-founders of the now-sanctioned Tornado Cash cryptocurrency mixer service guilty
The Hacker News
Ebury Botnet Malware Compromises 400,000 Linux Servers Over Past 14 Years
Ebury malware botnet has compromised an estimated 400,000 servers since 2009. Learn how to protect your systems from this advanced threat.
SecurityWeek
Senators Urge $32 Billion in Emergency Spending on AI After Finishing Yearlong Review
Senators are recommending that Congress spend at least $32 billion over the next three years to develop AI and place safeguards around it.
The Cyber Express
Microsoft Addresses Zero-Day Vulnerability Exploited by QakBot Malware
Microsoft patched a zero-day vulnerability exploited by attackers to distribute QakBot and other malware payloads on susceptible Windows systems. Identified
The Hacker News
Dutch Court Sentences Tornado Cash Co-Founder to 5 Years in Prison for Money Laundering
Alexey Pertsev, co-founder of Tornado Cash, sentenced to 5+ years in prison by Dutch court. The crypto mixer service was sanctioned by the U.S.
The Hacker News
Microsoft Patches 61 Flaws, Including Two Actively Exploited Zero-Days
Microsoft has patched 61 new security flaws, including two zero-days actively exploited in the wild.
CyberNews
North Korea launders $148 million of stolen crypto using Tornado Cash
A UN sanctions investigation says North Korea laundered $147.5 million of stolen crypto through the virtual mixer platform Tornado Cash in March.
The Record
Companies lacked proper review for links to Caribbean undersea cables, FCC says
Two telecommunications firms will pay separate $1 million fines to the Federal Communications Commission for adding connections to a Caribbean undersea cable network without getting the U.S. government’s approval.
The Record
Officials defend election security efforts as senators call on them to improve their game
“We've got to do a better job of making sure Americans of all political stripes understand what is very probably coming their way over the next less than six months,” Senate Intelligence Chair Mark Warner told leaders from ODNI, CISA and the FBI.
The Record
Law enforcement data stolen in Wichita ransomware attack
In a data breach notice about the incident, which is still affecting numerous city services, the municipality said hackers copied files from its network.
The Record
Cyber trust label could be in place by end of the year, White House says
The Biden administration hopes to have consumer devices that have been approved by a voluntary cybersecurity labeling program on store shelves soon.
The Record
New backdoors on a European government's network appear to be Russian
Researchers with cybersecurity company ESET have labeled two new pieces of suspected Russian malware as LunarWeb and LunarMail.
SC Magazine
BreachForums seized by FBI for 2nd time
The infamous data leak site’s domain and Telegram account were seized Wednesday morning.
The Record
Sonne Finance developers offer bounty to hacker behind $20 million crypto theft
Sonne Finance, which allows people to lend and borrow funds without the need for intermediaries, said it would commit to not pursuing the heist any further if the perpetrator accepted an undisclosed bounty and returned the stolen cryptocurrency.
The Record
EU failure to rein in spyware reflects lack of political will, parliamentarian says
“They know what they have to do,” said Sophie in’t Veld, who led the European Parliament investigation into spyware. “The problem is they don't want to do it.”
The Record
Feds seize BreachForums platform, Telegram page
On Wednesday morning, the BreachForums website was replaced by a takedown banner featuring the insignias of the FBI and Justice Department, as well as a slew of international agencies.
CyberSecurity Dive
Cyber insurance costs are stabilizing as global market grows
Increased capacity is helping to meet rising demand for cyber coverage and more insurers are using tools to assess potential risk, a report from S&P Global Ratings shows.
CyberSecurity Dive
How a CISA proposal could impact K-12 cyber incident reporting
Overall, the nonprofit K12 Security Information Exchange backed the requirement for schools, but it asked for clarification on how the sector should report cyber incidents students initiate.
.webp)
Cyber Security News
Royal Tiger Group With Spoofed Phone Numbers Stealing Credit Card Data: FCC
According to the FCC, the Royal Tiger Group and the people who work with it are a C-Communications Information Services Threat (C-CIST).
The Record
Is this Iowa congressman the next House Republican point man on cyber?
Rep. Zach Nunn arrived in Congress with arguably more cyber experience than any other new member in history. Can he fill the shoes of Rep. Mike Gallagher, the party's longtime House leader on cybersecurity issues?
The Record
Tornado Cash co-founder convicted of laundering $1.2 billion by Dutch court
Alexey Pertsev's case has been seen as a bellwether pitting financial privacy advocates who view blockchain anonymity as a fundamental right against law enforcement intent on tracking the source of funds.
SC Magazine
Royal Tiger robocall gang impersonated feds, banks, utilities, FCC says
The FCC has smacked the group with a first-of-its-kind threat classification for its persistent, fraudulent activity.
The Record
Civil society under increasing threats from ‘malicious’ state cyber actors, US
State-linked hackers from Russia, China, Iran and North Korea are setting their sights set their sights on NGOs, think tanks, human rights activists and journalists, the advisory warned.
The Record
FTC fires 'shot across the bow' at automakers over connected-car data privacy
In a blog post, the FTC gave special attention to the sale of geolocation data and what the agency called the “surreptitious disclosure of sensitive information" by automakers.
Bleeping Computer
FCC reveals Royal Tiger, its first tagged robocall threat actor
The Federal Communications Commission (FCC) has named its first officially designated robocall threat actor 'Royal Tiger,' a move aiming to help international partners and law enforcement more easily track individuals and entities behind repeat robocall campaigns.
Bleeping Computer
INC ransomware source code selling on hacking forums for $300,000
A cybercriminal using the name "salfetka" claims to be selling the source code of INC Ransom, a ransomware-as-a-service (RaaS) operation launched in August 2023.
SecurityWeek
China and US Envoys Will Hold First Top-Level Dialogue on Artificial Intelligence
Envoys from the United States and China will meet in Geneva for talks about artificial intelligence, including the risks of the fast-evolving technology.
The Hacker News
Black Basta Ransomware Strikes 500+ Entities Across North America, Europe, and Australia
Black Basta ransomware-as-a-service (RaaS) operation has targeted over 500 private industry and critical infrastructure entities in North America, Eur
CyberSecurity Dive
Congress wants to question Microsoft exec over security defects
The committee wants to question Brad Smith, Microsoft’s president and vice chair, over the company’s security shortcomings and how it plans to strengthen security measures.
CyberSecurity Dive
Only one-third of firms deploy safeguards against generative AI threats, report finds
Generative AI gives attackers an edge over cyber defenders, according to a Splunk survey of security experts.
Cyber Security News
Boeing Confirms LockBit Hackers Demanded $200 Million Ransom After 2023 Data Breach
Aerospace giant Boeing has confirmed that the LockBit ransomware gang demanded a staggering $200 million extortion payment after breaching the company's network and stealing sensitive data in October 2023.
The Cyber Express
TCE Cyberwatch: Weekly Wrap on AI, Deepfakes, Cybersecurity Challenges Affecting Nations Worldwide
This week on TCE Cyberwatch we’re covering the different data breaches and vulnerabilities faced by different companies. Along with this,
Cyber Security News
Notorious Hacker IntelBroker Claims that Europol has Suffered a Data Breach
The European Union's law enforcement agency, Europol, has confirmed a security breach of its web portal but says no operational data was compromised.
The Record
FCC designates first robocall threat actor under new classification system
A robocall group labeled Royal Tiger is the first classified as a Consumer Communications Information Services Threat (C-CIST) by the FCC.
The Record
Southeast Asian scam syndicates stealing $64 billion annually, researchers find
In Cambodia, Laos and Myanmar, the groups are estimated to reap about $43.8 billion each year through scams — some 40 percent of the three nations’ combined formal GDP.
SC Magazine
Ascension ‘making progress’ to restore systems after ransomware attack
Black Basta, the gang reportedly responsible for the attack against the large health system, is described as prolific and sophisticated by federal agencies.
Krebs on Security
How Did Authorities Identify the Alleged Lockbit Boss?
Last week, the United States joined the U.K. and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. LockBit's leader "LockBitSupp" claims the feds named the wrong guy,…
Bleeping Computer
CISA: Black Basta ransomware breached over 500 orgs worldwide
CISA and the FBI said today that Black Basta ransomware affiliates breached over 500 organizations between April 2022 and May 2024.
Bleeping Computer
Europol confirms web portal breach, says no operational data stolen
Europol, the European Union's law enforcement agency, confirmed that its Europol Platform for Experts (EPE) portal was breached and is now investigating the incident after a threat actor claimed they stole For Official Use Only (FOUO) documents containing classified data.
The Cyber Express
The Top 10 Cybersecurity Unicorns in The World
The ever-evolving digital landscape presents a constant challenge for businesses and individuals alike: staying secure in the face of increasingly
The Cyber Express
State Actor Made Three Attempts to Breach B.C. Government Networks
A state or state-sponsored actor orchestrated the "sophisticated" cyberattacks against the British Columbia government networks, revealed the head of B.C.’s
Bleeping Computer
The Week in Ransomware - May 10th 2024 - Chipping away at LockBit
After many months of taunting law enforcement and offering a million-dollar reward to anyone who could reveal his identity, the FBI and NCA have done just that, revealing the name of LockBitSupp, the operator of the LockBit ransomware operation.
Bleeping Computer
Ascension redirects ambulances after suspected ransomware attack
Ascension, a major U.S. healthcare network, is diverting ambulances from several hospitals due to a suspected ransomware attack that has been causing clinical operation disruptions and system outages since Wednesday.
The Hacker News
North Korean Hackers Deploy New Golang Malware 'Durian' Against Crypto Firms
North Korean hackers have unleashed a new Golang malware called "Durian" in targeted attacks against South Korean crypto firms.
CyberSecurity Dive
White House wants to hold the software sector accountable for security
Federal officials are taking steps toward a long-stated goal of shifting the security burden from technology users to the companies that build it.
The Cyber Express
LockBitSupp Denies Identification of Group ‘Admin’, Opens Contest to Find Named Dmitry Yuryevich
In an unexpected turn of events, LockBitSupp, the administrator of the notorious LockBit ransomware group, responded publicly to the Federal
CyberSecurity Dive
Officials see a real change in Microsoft’s security plans: financial accountability
CISA Director Jen Easterly pointed to Microsoft’s decision to link security to executive compensation as a meaningful signal of its priorities.
.png)
Cyber Security News
Accenture Wins $789 Million Contract to Support Global U.S. Navy Maritime Forces
AFS, a subsidiary of global professional services company Accenture, has been awarded a $789 million contract to bolster the cybersecurity.
The Record
After Ascension ransomware attack, feds issue alert on Black Basta group
The FBI, CISA and Department of Health and Human Services (HHS) alerted healthcare organizations to the group's activities. A separate report said Black Basta was behind the attack on Ascension healthcare system.
The Record
As EU referendum looms, Moldova finds itself in Russian digital army’s crosshairs
The Kremlin’s "hybrid war" on Moldova — featuring disinformation, cyberattacks and influence operations — aims to manipulate three consequential votes in Moldova this year and next.
The Record
As White House preps new cyber rules for healthcare, Neuberger says backlash is unwarranted
The current cybersecurity situation in the healthcare industry is at least a decade in the making, White House official Anne Neuberger said at the RSA Conference.
The Record
Okta’s security chief on the company’s own cyberattack and how the ‘battleground’ has shifted
Okta Chief Security Officer David Bradbury discusses lessons from the incident, how nation-state threats are evolving, and how AI is already influencing identity-based attacks.
Bleeping Computer
Poland says Russian military hackers target its govt networks
Poland says a state-backed threat group linked to Russia's military intelligence service (GRU) has been targeting Polish government institutions throughout the week.
Bleeping Computer
Citrix warns admins to manually mitigate PuTTY SSH client bug
Citrix notified customers this week to manually mitigate a PuTTY SSH client vulnerability that could allow attackers to steal a XenCenter admin's private SSH key.
SecurityWeek
Accenture Lands $789 Million Contract to Bolster U.S. Navy Cybersecurity
Accenture Federal Services has been awarded a $789 million contract by the U.S. Navy to enhance cybersecurity across maritime forces globally.
Cyber Security News
CISA Announced Vulnrichment : Project to Enrich CVE Records
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has announced a new initiative called "Vulnrichment" aimed at enriching Common Vulnerabilities and Exposures (CVE) records with additional metadata to help organizations better prioritize vulnerability remediation efforts.
The Cyber Express
Boeing Confirms $200M Cyber Extortion Attempt of LockBit
Boeing confirmed that the LockBit ransomware gang attack in October 2023, which impacted certain parts and distribution operations of the
SecurityWeek
BetterHelp Customers Begin Receiving Refund Notices From $7.8M Data Privacy Settlement, FTC Says
BetterHelp customers have started receiving refund notices from a $7.8 million data privacy settlement, the FTC says.
The Cyber Express
Ascension Healthcare Hit by Cyberattack: Patients Wait Hours, Chaos Ensues
Ascension, one of the largest nonprofit healthcare systems in the United States, is facing disruptions in clinical operations due to
%20(1).webp)
Cyber Security News
Brandywine Realty Trust Ransomware Attack: Services Disrupted
Brandywine Realty Trust, a significant U.S. real estate investment trust, has confirmed a disruption to its operations due to a ransomware attack.
.webp)
Cyber Security News
FBI Warns of Phishing Attack Targeting Retail Corporate Offices
The FBI has issued a warning about a sophisticated phishing and smishing campaign orchestrated by a cybercriminal group known as STORM-0539,.
The Record
In interview, LockBItSupp says authorities outed the wrong guy
LockBitSupp, head of the LockBit cybercrime operation, tells the Click Here podcast team that he is not Russian national Dmitry Khoroshev, as claimed by the U.S., U.K. and Australia.
The Record
Cyberthreat landscape permanently altered by Chinese operations, US officials say
The wide-ranging hacking campaign by the state-backed group Volt Typhoon is seen as a prelude of what's to come.
Bleeping Computer
Zscaler takes "test environment" offline after rumors of a breach
Zscaler says that they discovered an exposed "test environment" that was taken offline for analysis after rumors circulated that a threat actor was selling access to the company's systems.
Bleeping Computer
Zscaler says it was not hacked after rumors circulate online
Zscaler says that today's rumors it was breached are false after a threat actor claimed to be selling access to one of the "largest cyber security companies."
Bleeping Computer
Ascension healthcare takes systems offline after cyberattack
Ascension, one of the largest private healthcare systems in the United States, has taken some of its systems offline to investigate what it describes as a "cyber security event."
Security Affairs
LockBit gang claimed responsibility for the attack on City of Wichita
The LockBit ransomware group has added the City of Wichita to its Tor leak site and threatened to publish stolen data.
The Cyber Express
MedStar Health Reports Data Breach Impacting 183,000 Patients
MedStar Health, a prominent non-profit healthcare provider disclosed a data breach that impacts more than 183,000 patients from its hundreds
CyberSecurity Dive
The US really wants to improve critical infrastructure cyber resilience
A report from the Office of the National Cyber Director highlights persistent threats targeting healthcare and water, echoing warnings from cyber officials earlier this year.
Cyber Security News
University System of Georgia Says 800,000 Students Impacted in MOVEit Hack
The University System of Georgia (USG) announced that the confidential information of approximately 800,000 students, faculty, and staff was exposed in the recent MOVEit data breach.
.webp)
Cyber Security News
City of Wichita Ransomware Attack: Services Impacted
The city of Wichita's Ransomware attack has impacted several city services, causing inconvenience to the residents and raising concerns.
The Cyber Express
Data Breach Victim Initiates Class Action Lawsuit Against J.P. Morgan for Security Lapses
A class action lawsuit has been filed against J.P. Morgan Chase & Co., alleging that the financial giant failed to
.png)
Cyber Security News
DocGo Confirms Cyber Attack: Hackers Steal Patients Data
DocGo Inc., a prominent healthcare and ambulance transportation service provider, has confirmed a cybersecurity incident.
The Cyber Express
Brandywine Realty Trust Confirms Data Breach After Ransomware Attack
Brandywine Realty Trust issued a recent filing to the US Securities And Exchange Commission (SEC), where it confirmed that an
Cyber Security News
Microsoft Unveils Air-Gapped GPT-4 for U.S. Intelligence Agencies
Microsoft has announced deploying an air-gapped GPT-4 artificial intelligence model tailored specifically for the U.S. intelligence community.
Security Magazine
Data breaches increased throughout 2023
Companies experience a rise in data breaches.
The Record
Any number given of Volt Typhoon victims ‘likely an underestimate,’ CISA says
The campaign by Chinese hackers to target U.S. critical infrastructure is intended to “cause disruption and sow societal panic,” a senior cybersecurity official said Tuesday.
The Record
Former NSA head Paul Nakasone to helm national security institute at Vanderbilt
The former U.S. Cyber Command and National Security Agency chief will be the founding director of a national security-focused hub at the Nashville-based campus.
SC Magazine
RSAC 2024: CISA, DHS grapple with cyber risks in the age of AI
AI and “secure by design” will be crucial to defend against ransomware, CI attacks and AI threats in the coming years.
Loading more articles....