March 11, 2024
Via: SecureWorldIn a sobering update released March 8th, Microsoft has revealed that the Russian state-sponsored hacking group Midnight Blizzard, also tracked as Nobelium, has gained unauthorized access to some of the company’s source code repositories and internal systems. This follows an […]
March 7, 2024
Via: Panda SecurityWhatsApp scams and text scams can deceive users into giving away personal information and trick them into paying money for fake services or products. According to Robokiller, there were 19.2 billion spam texts sent in January 2024 alone. This equates […]
Cyber-crime, Data loss, Malware, Threats & Malware
March 6, 2024
Via: Security AffairsWhile embattled ransomware gang LockBit 3.0 fights for its survival following Operation Cronos, a coordinated takedown of the syndicate’s web infrastructure by global authorities, the availability of victim data leaked by the gang persists via peer-to-peer (P2P) torrent networks. The […]
March 5, 2024
Via: Security AffairsThe Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defense announced it had breached the Russian Ministry of Defense servers as part of a special operation, and exfiltrated confidential documents. Stolen documents include: confidential documents, including orders and reports circulated […]
Threats & Malware, Virus & Malware
March 4, 2024
Via: Security AffairsPalo Alto Networks Unit 42 researchers discovered a new Linux variant of Bifrost (aka Bifrose) RAT that uses a deceptive domain (download.vmfare[.]com) that mimics the legitimate VMware domain. The Bifrost RAT has been active since 2004, it allows its operators […]
March 4, 2024
Via: Security AffairsChunghwa Telecom Company, Ltd. (literally Chinese Telecom Company) is the largest integrated telecom service provider in Taiwan, and the incumbent local exchange carrier of PSTN, Mobile, and broadband services in the country. Threat actors stole sensitive information from the company, […]
February 28, 2024
Via: The RegisterUS President Joe Biden is expected to sign an executive order today that aims to prevent the sale or transfer of Americans’ sensitive personal information and government-related data to adversarial countries including China and Russia. In addition to the executive […]
February 28, 2024
Via: SecureWorldIn a coordinated international law enforcement operation on February 19, the notorious LockBit ransomware gang had its Dark Web infrastructure seized by authorities. LockBit is accused of extorting hundreds of companies and organizations globally by encrypting their data and demanding […]
Threats & Malware, Virus & Malware
February 27, 2024
Via: The RegisterChina’s Ministry of Industry and Information Technology has warned local netizens that fake wallet apps for the nation’s central bank digital currency (CBDC) are already circulating and being abused by scammers. The digital renminbi – aka the e-Yuan or e-CNY […]
February 27, 2024
Via: The RegisterAfter ten years operating under the original model, and two years working to revise it, the National Institute of Standards and Technology (NIST) has released version 2.0 of its Cybersecurity Framework (CSF). Unlike the original, which was designed with critical […]
February 27, 2024
Via: The RegisterBroadcom has delivered on its 2023 teaser of integration between VMware’s SD-WAN and Symantec’s Security Service Edge, by today debuting the “VMware VeloCloud SASE, Secured by Symantec” at Mobile World Congress in Barcelona. The Symantec Security Service Edge is already […]
February 20, 2024
Via: The RegisterSmart home security camera slinger Wyze is telling customers that a cybersecurity “incident” allowed thousands of users to see other people’s camera feeds. Thanks to a helpful Reg reader who sent a customer email over to us, we know that […]
Application security, Security
February 20, 2024
Via: SecureWorldOpenAI and Microsoft recently collaborated to identify and disrupt several nation-state actors who were attempting to use AI services for malicious cyber activities. According to Microsoft, the disrupted threat actors were affiliated with China, Iran, North Korea, and Russia. Their […]
February 19, 2024
Via: TechRadarGoogle Chrome is getting an upgrade that will help safeguard devices connected to a private or home network. Google outlined its plans in a post on its Chrome Platform Status page, explaining that the new feature will behave as a […]
February 19, 2024
Via: Security AffairsIn November 2023, researchers from ThreatFabric observed a resurgence of the Anatsa banking Trojan, aka TeaBot and Toddler. Between November and February, the experts observed five distinct waves of attacks, each focusing on different regions. The malware previously focused its […]
February 19, 2024
Via: Security AffairsA joint law enforcement action, code-named Operation Cronos, conducted by law enforcement agencies from 11 countries has disrupted the LockBit ransomware operation. Below is the image of the Tor leak site of the Lockbit ransomware gang that was seized by […]
Threats & Malware, Virus & Malware
February 13, 2024
Via: The RegisterSome smart folks have found a way to automatically unscramble documents encrypted by the Rhysida ransomware, and used that know-how to produce and release a handy recovery tool for victims. Rhysida is a newish ransomware gang that has been around […]
February 13, 2024
Via: The RegisterMeta has acknowledged that phone number reuse that allows takeovers of its accounts “is a concern,” but the ad biz insists the issue doesn’t qualify for its bug bounty program and is a matter for telecom companies to sort out. […]
Threats & Malware, Virus & Malware
February 12, 2024
Via: The RegisterMore than 70,000 presumably legit websites have been hijacked and drafted into a network that crooks use to distribute malware, serve phishing pages, and share other dodgy stuff, according to researchers. This mesh of compromised sites is known as VexTrio, […]
Data loss, Network security, Threats & Malware
February 12, 2024
Via: The RegisterWillis Lease Finance Corporation has admitted to US regulators that it fell prey to a “cybersecurity incident” after data purportedly stolen from the biz was posted to the Black Basta ransomware group’s leak blog. The form 8-K filed with the […]