Top

Category: Cyber-crime


Cyber-crime, Malware

Confused by the SEC’s IT security breach reporting rules? Read this

May 22, 2024

Via: The Register

The US Securities and Exchange Commission (SEC) wants to clarify guidelines for public companies regarding the disclosure of ransomware and other cybersecurity incidents. According to the breach reporting rules the federal agency adopted in July, public companies must disclose material […]


Cyber-crime, Malware

City of Wichita disclosed a data breach after the recent ransomware attack

May 17, 2024

Via: Security Affairs

On May 5th, 2024, the City of Wichita, Kansas, was the victim of a ransomware attack and shut down its network to contain the threat. The city immediately started its incident response procedure to prevent the threat from spreading and […]


Cyber-crime, Malware

Europol confirms incident following alleged auction of staff data

May 13, 2024

Via: The Register

Europol is investigating a cybercriminal’s claims that they stole confidential data from a number of the agency’s sources. Among the sources referenced by the cybercriminal, the Europol Platform for Experts (EPE) is confirmed to be the main subject of the […]


Cyber warfare, Cyber-crime

Russia-linked APT28 targets government Polish institutions

May 10, 2024

Via: Security Affairs

CERT Polska and CSIRT MON teams issued a warning about a large-scale malware campaign targeting Polish government institutions, allegedly orchestrated by the Russia-linked APT28 group. The attribution of the attacks to the Russian APT is based on similarities with TTPs […]


Cyber-crime, Malware

City of Wichita hit by a ransomware attack

May 6, 2024

Via: Security Affairs

The City of Wichita, Kansas, was the victim of a ransomware attack and shut down its network to contain the threat. The security breach took place on May 5th, 2024, and immediately started its incident response procedure to prevent the […]


Cyber warfare, Cyber-crime

Russian hackers target EU countries using a simple Microsoft Outlook security flaw

May 6, 2024

Via: TechRadar

We now know how APT28, a known Russian state-sponsored threat actor, managed to compromise multiple email accounts belonging to the Executive Committee of the German Social Democratic Party back in 2022 – it was via a security flaw in Microsoft […]


Cyber-crime, Malware, Mobile, Mobile security

Finland authorities warn of Android malware campaign targeting bank users

May 6, 2024

Via: Security Affairs

Traficom, Finland’s Transport and Communications Agency, issued a warning regarding a current Android malware campaign aimed at bank accounts. Traficom reported that clients of multiple banks received text messages in the Finnish language that instruct recipients to call a service […]


Cyber warfare, Cyber-crime

Indonesia sneakily buys spyware, claims Amnesty International

May 3, 2024

Via: The Register

Indonesia has acquired spyware and surveillance technologies through a “murky network” that extends into Israel, Greece, Singapore and Malaysia for equipment sourcing, according to Amnesty International. The human rights org alleged its investigation showcased “the continued failure of multiple countries […]


Cyber warfare, Cyber-crime

US water facility OT infrastructure is under attack again

May 2, 2024

Via: TechRadar

Hostile nations seem to be dead-set on damaging critical US infrastructure, as Russia has joined the fray with the likes of Iran and China in launching cyber attacks against water facilities. Vulnerable operational technology (OT) used in US water and […]


Cyber-crime, Malware

Sweden’s liquor supply severely impacted by ransomware attack on logistics company

April 26, 2024

Via: Security Affairs

Skanlog, a critical distributor for Systembolaget, the Swedish government-owned retail chain suffered a ransomware attack. Systembolaget has a monopoly on the sale of alcoholic beverages containing more than 3.5% alcohol by volume. It operates stores across Sweden and is responsible […]


Phishing

Autodesk Drive Abused in Phishing Attacks 

April 26, 2024

Via: Security Week

As part of the observed incidents, the attackers use compromised email accounts to send phishing emails to existing contacts, and even use the senders’ signature footers, so that their messages appear legitimate. In the message body, the attackers have included […]


Cyber-crime, Malware

North Korean Hackers Hijack Antivirus Updates for Malware Delivery

April 25, 2024

Via: Security Week

As part of the malware operation, referred to as GuptiMiner, the threat actor exploited a vulnerability in the eScan antivirus update mechanism and performed a man-in-the-middle (MitM) attack to replace the legitimate update package with a malicious one. eScan is […]


Cyber-crime, Phishing

AI set to play key role in future phishing attacks

April 24, 2024

Via: Help Net Security

A staggering increase in QR code phishing (quishing) attacks during 2023 saw them skyrocket up the list of concerns for cyber teams globally, according to Egress. Attacks were both prolific and highly successful, demonstrating how cybercriminals effectively combine available technology […]


Cyber warfare, Cyber-crime

Report: Russian Hackers Targeting Ukrainian Soldiers on Apps

April 22, 2024

Via: DataBreach Today

Russian hackers are increasingly targeting messenger apps popular among Ukrainian warfighters with malware as part of an effort “to identify priority targets” for physical attacks, according to Kyiv’s primary cyber incident response team. Ukraine’s Computer Emergency Response Team said messenger […]


Cyber-crime, Phishing

FIN7 targeted a large U.S. carmaker with phishing attacks

April 18, 2024

Via: Security Affairs

In late 2023, BlackBerry researchers spotted the threat actor FIN7 targeting a large US automotive manufacturer with a spear-phishing campaign. FIN7 targeted employees who worked in the company’s IT department and had higher levels of administrative rights. The attackers employed […]


Cyber warfare, Cyber-crime

Dangerous ICS Malware Targets Orgs in Russia and Ukraine

April 17, 2024

Via: Dark Reading

Two dangerous malware tools targeted at industrial control systems (ICS) and operating technology (OT) environments in Europe are the latest manifestations of the cyber fallout from the war in Ukraine. One of the tools, dubbed “Kapeka,” appears linked to Sandworm, […]


Cyber-crime, Identity theft

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia 

April 16, 2024

Via: Security Affairs

The Dark Angels (Dunghill) ransomware group claims responsibility for hacking chipmaker Nexperia and stealing 1 TB of the company’s data. Nexperia is a semiconductor manufacturer headquartered in Nijmegen, the Netherlands. It is a subsidiary of the partially state-owned Chinese company […]


Cyber warfare, Cyber-crime

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

April 15, 2024

Via: Security Affairs

Industrial and enterprise IoT cybersecurity firm Claroty reported that the Ukrainian Blackjack hacking group claims to have damaged emergency detection and response capabilities in Moscow and beyond the Russian capital using a destructive ICS malware dubbed Fuxnet. The Blackjack group […]


Cyber-crime, Hacker, Malware, Threats & Malware

TA547 targets German organizations with Rhadamanthys malware

April 12, 2024

Via: Security Affairs

Proofpoint researchers observed a threat actor, tracked as TA547, targeting German organizations with an email campaign delivering the Rhadamanthys malware. TA547 is a financially motivated threat actor that has been active since at least November 2017, it was observed conducting […]


Cyber-crime, Malware

Solar Spider Spins Up New Malware to Entrap Saudi Arabian Financial Firms

April 8, 2024

Via: Dark Reading

The sophisticated threat group behind a complex JavaScript remote access Trojan (RAT) known as JSOutProx has released a new version of the malware to target organizations in the Middle East. Cybersecurity services firm Resecurity analyzed technical details of multiple incidents […]