Top

Category: Cyber-crime


Cyber-crime, Malware

INC Ransom claims responsibility for attack on NHS Scotland

March 28, 2024

Via: The Register

NHS Scotland says it managed to contain a ransomware group’s malware to a regional branch, preventing the spread of infection across the entire institution. The INC Ransom group this week claimed responsibility for the assault on ‘NHS Scotland’, saying it […]


Cyber warfare, Cyber-crime

US charges Chinese nationals with cyber-spying on pretty much everyone for Beijing

March 25, 2024

Via: The Register

The United States on Monday accused seven Chinese men of breaking into computer networks, email accounts, and cloud storage belonging to numerous critical infrastructure organizations, companies, and individuals, including US businesses, politicians, and their political parties. According to American prosecutors, […]


Cyber-crime, Malware, Threats & Malware, Vulnerabilities

Threat actors actively exploit JetBrains TeamCity flaws to deliver malware

March 20, 2024

Via: Security Affairs

Trend Micro researchers are exploiting the recently disclosed vulnerabilities CVE-2024-27198 (CVSS score: 9.8) and CVE-2024-27199 (CVSS score 7.3) security flaws in JetBrains TeamCity to deploy multiple malware families and gain administrative control over impacted systems. In early March, Rapid7 researchers […]


Cyber-crime, Malware

Earth Krahang APT breached tens of government organizations worldwide

March 19, 2024

Via: Security Affairs

Trend Micro researchers uncovered a sophisticated campaign conducted by a threat actor tracked as Earth Krahang while investigating the activity of China-linked APT Earth Lusca. The campaign seems active since at least early 2022 and focuses primarily on government organizations. […]


Cyber-crime, Data loss, Malware, Threats & Malware

Nissan Oceania data breach impacted roughly 100,000 people

March 14, 2024

Via: Security Affairs

Nissan Oceania, the regional division of the multinational carmaker, announced in December 2023 that it had suffered a cyber attack and launched an investigation into the incident. Nissan immediately notified the Australian Cyber Security Centre and the New Zealand National […]


Cyber-crime, Malware

Ande Loader Malware Targets Manufacturing Sector in North America

March 14, 2024

Via: The Hacker News

The threat actor known as Blind Eagle has been observed using a loader malware called Ande Loader to deliver remote access trojans (RATs) like Remcos RAT and NjRAT. The attacks, which take the form of phishing emails, targeted Spanish-speaking users […]


Cyber warfare, Cyber-crime

Russia-aligned hackers take down French state services in massive DDoS attack

March 12, 2024

Via: CSO Online

Anonymous Sudan, a Russian-speaking hacktivist group, has claimed the severe distributed denial of service (DDoS) attacks that disrupted several French government services on Monday. In a statement issued on Monday, Prime Minister Gabriel Attal’s office confirmed that a series of […]


Cyber-crime, Data loss, Malware, Threats & Malware

LockBit 3.0’s Bungled Comeback Highlights the Undying Risk of Torrent-Based (P2P) Data Leakage

March 6, 2024

Via: Security Affairs

While embattled ransomware gang LockBit 3.0 fights for its survival following Operation Cronos, a coordinated takedown of the syndicate’s web infrastructure by global authorities, the availability of victim data leaked by the gang persists via peer-to-peer (P2P) torrent networks. The […]


Cyber warfare, Cyber-crime

Ukraine’s GUR hacked the Russian Ministry of Defense

March 5, 2024

Via: Security Affairs

The Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defense announced it had breached the Russian Ministry of Defense servers as part of a special operation, and exfiltrated confidential documents. Stolen documents include: confidential documents, including orders and reports circulated […]


Cyber-crime, Identity theft

Threat actors hacked Taiwan-based Chunghwa Telecom

March 4, 2024

Via: Security Affairs

Chunghwa Telecom Company, Ltd. (literally Chinese Telecom Company) is the largest integrated telecom service provider in Taiwan, and the incumbent local exchange carrier of PSTN, Mobile, and broadband services in the country. Threat actors stole sensitive information from the company, […]


Cyber warfare, Cyber-crime

Uncle Sam tells nosy nations to keep their hands off Americans’ personal data

February 28, 2024

Via: The Register

US President Joe Biden is expected to sign an executive order today that aims to prevent the sale or transfer of Americans’ sensitive personal information and government-related data to adversarial countries including China and Russia. In addition to the executive […]


Cyber-crime, Malware

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

February 28, 2024

Via: Security Affairs

The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners released a joint Cybersecurity Advisory (CSA) to warn that Russia-linked threat actors are using compromised Ubiquiti EdgeRouters (EdgeRouters) to evade detection in cyber operations […]


Cyber-crime, Malware

Post-LockBit, How Will the Ransomware Ecosystem Evolve?

February 23, 2024

Via: DataBreach Today

Expect attackers to continue refining their tactics for maximizing profits via a grab bag of the same strategies, including forcibly encrypting systems and charging for a decryptor, stealing data and threatening to dump it, creating scary public personae, or a […]


Cyber warfare, Cyber-crime

Biden asks Coast Guard to create an infosec port in a stormy sea of cyber threats

February 21, 2024

Via: The Register

President Biden has empowered the US Coast Guard (USCG) to get a tighter grip on cybersecurity at American ports – including authorizing yet another incident reporting rule. The White House on Wednesday announced Biden’s intention to sign an executive order […]


Cyber-crime, Malware

U.S., U.K. Authorities Take Down Notorious LockBit Ransomware Operation

February 20, 2024

Via: SecureWorld

In a massive coordinated effort, law enforcement agencies from the United States and United Kingdom have dismantled the infrastructure of the notorious LockBit ransomware gang. LockBit has been linked to more than $100 million in ransom payments from victims across […]


Cyber-crime, Malware

Anatsa Android banking Trojan expands to Slovakia, Slovenia, and Czechia

February 19, 2024

Via: Security Affairs

In November 2023, researchers from ThreatFabric observed a resurgence of the Anatsa banking Trojan, aka TeaBot and Toddler. Between November and February, the experts observed five distinct waves of attacks, each focusing on different regions. The malware previously focused its […]


Cyber-crime, Malware

Miscreants turn to ad tech to measure malware metrics

February 15, 2024

Via: The Register

Cyber baddies have turned to ad networks to measure malware deployment and to avoid detection, according to HP Wolf Security. The security group’s Q4 2024 Threat Insights Report finds criminals have adopted ad tech tools to make their social engineering […]


Cyber-crime, Malware

Bumblebee malware wakes from hibernation, forgets what year it is, attacks with macros

February 14, 2024

Via: The Register

The Bumblebee malware loader seemingly vanished from the internet last October, but it’s back and – oddly – relying on a vintage vector to try and gain access. First spotted in 2022 by researchers at Proofpoint – who identified it […]


Cyber-crime, Malware

Crooks hook hundreds of exec accounts after phishing in Azure C-suite pond

February 13, 2024

Via: The Register

The number of senior business executives stymied by an ongoing phishing campaign continues to rise with cybercriminals registering hundreds of cloud account takeovers (ATOs) since spinning it up in November. Researchers from Proofpoint listed many C-suite roles as prime targets […]


Cyber-crime, Identity theft

Meta says risk of account theft after phone number recycling isn’t its problem to solve

February 13, 2024

Via: The Register

Meta has acknowledged that phone number reuse that allows takeovers of its accounts “is a concern,” but the ad biz insists the issue doesn’t qualify for its bug bounty program and is a matter for telecom companies to sort out. […]