Top

Tag: Cybersecurity


Hacker, Threats & Malware

LockBit Bounces Back Shortly After Takedown and Police Trolling

February 28, 2024

Via: SecureWorld

In a coordinated international law enforcement operation on February 19, the notorious LockBit ransomware gang had its Dark Web infrastructure seized by authorities. LockBit is accused of extorting hundreds of companies and organizations globally by encrypting their data and demanding […]


Network security, Security

NIST updates Cybersecurity Framework after a decade of lessons

February 27, 2024

Via: The Register

After ten years operating under the original model, and two years working to revise it, the National Institute of Standards and Technology (NIST) has released version 2.0 of its Cybersecurity Framework (CSF). Unlike the original, which was designed with critical […]


Cloud security, Security

Russia-linked APT29 switched to targeting cloud services

February 27, 2024

Via: Security Affairs

A joint advisory issued by cybersecurity agencies of Five Eyes (US, UK, Australia, Canada and New Zealand) warns that Russia-linked APT29 threat actors (aka SVR group, Cozy Bear, Nobelium, BlueBravo, Midnight Blizzard, and The Dukes) have switched to targeting cloud […]


Editorial

Tackling Healthcare Cyber Threats in 2024

February 27, 2024

Via: Mary Gamet

Healthcare cybersecurity is a significant concern for organizations in the industry due to regulations like HIPAA, HITECH Act, and PHI. In 2022, Check Point Research counted 1463 cyberattacks on a weekly average. That is a 74% increase from 2021. US […]


Data loss, Threats & Malware

Wyze admits 13,000 users could have viewed strangers’ camera feeds

February 20, 2024

Via: The Register

Smart home security camera slinger Wyze is telling customers that a cybersecurity “incident” allowed thousands of users to see other people’s camera feeds. Thanks to a helpful Reg reader who sent a customer email over to us, we know that […]


Application security, Security

OpenAI, Microsoft Disrupt Nation-State Actors’ Malicious Use of AI

February 20, 2024

Via: SecureWorld

OpenAI and Microsoft recently collaborated to identify and disrupt several nation-state actors who were attempting to use AI services for malicious cyber activities. According to Microsoft, the disrupted threat actors were affiliated with China, Iran, North Korea, and Russia. Their […]


Cyber-crime, Malware

U.S., U.K. Authorities Take Down Notorious LockBit Ransomware Operation

February 20, 2024

Via: SecureWorld

In a massive coordinated effort, law enforcement agencies from the United States and United Kingdom have dismantled the infrastructure of the notorious LockBit ransomware gang. LockBit has been linked to more than $100 million in ransom payments from victims across […]


Threats & Malware, Vulnerabilities

Zoom stomps critical privilege escalation bug plus 6 other flaws

February 15, 2024

Via: The Register

Video conferencing giant Zoom today opened up about a fresh batch of security vulnerabilities affecting its products, including a critical privilege escalation flaw. Tracked as CVE-2024-24691 with a CVSS score of 9.6, Zoom says the vulnerability may enable privilege escalation […]


Cyber-crime, Malware

Bumblebee malware wakes from hibernation, forgets what year it is, attacks with macros

February 14, 2024

Via: The Register

The Bumblebee malware loader seemingly vanished from the internet last October, but it’s back and – oddly – relying on a vintage vector to try and gain access. First spotted in 2022 by researchers at Proofpoint – who identified it […]


Threats & Malware, Virus & Malware

China’s Volt Typhoon spies broke into emergency network of ‘large’ US city

February 14, 2024

Via: The Register

The Chinese government’s Volt Typhoon spy team has apparently already compromised a large US city’s emergency services network and has been spotted snooping around America’s telecommunications’ providers as well. According to a report on Tuesday by industrial cybersecurity biz Dragos, […]


Threats & Malware, Virus & Malware

Prudential Financial finds cybercrims lurking inside its IT systems

February 14, 2024

Via: The Register

Prudential Financial, the second largest life insurance company in the US and eight largest worldwide, is dealing with a digital break-in that exposed some internal company and customer records to a criminal group. The Fortune Global 500 and Fortune 500 […]


Network security, Security

OpenAI shuts down China, Russia, Iran, N Korea accounts caught doing naughty things

February 14, 2024

Via: The Register

OpenAI has shut down five accounts it asserts were used by government agents to generate phishing emails and malicious software scripts as well as research ways to evade malware detection. Specifically, China, Iran, Russia, and North Korea were apparently “querying […]


Cyber-crime, Malware

Crooks hook hundreds of exec accounts after phishing in Azure C-suite pond

February 13, 2024

Via: The Register

The number of senior business executives stymied by an ongoing phishing campaign continues to rise with cybercriminals registering hundreds of cloud account takeovers (ATOs) since spinning it up in November. Researchers from Proofpoint listed many C-suite roles as prime targets […]


Data loss, Network security, Threats & Malware

Jet engine dealer to major airlines discloses ‘unauthorized activity’

February 12, 2024

Via: The Register

Willis Lease Finance Corporation has admitted to US regulators that it fell prey to a “cybersecurity incident” after data purportedly stolen from the biz was posted to the Black Basta ransomware group’s leak blog. The form 8-K filed with the […]


Data loss, Threats & Malware

Europe’s largest caravan club admits wide array of personal data potentially accessed

February 12, 2024

Via: The Register

The Caravan and Motorhome Club (CAMC) and the experts it drafted to help clean up the mess caused by a January cyberattack still can’t figure out whether members’ data was stolen. According to an update shared with members late last […]


Data loss, Threats & Malware

Mon Dieu! Nearly half the French population have data nabbed in massive breach

February 12, 2024

Via: The Register

Nearly half the citizens of France have had their data exposed in a massive security breach at two third-party healthcare payment servicers, the French data privacy watchdog disclosed last week. Payments outfits Viamedis and Almerys both experienced breaches of their […]


Threats & Malware, Vulnerabilities

Fortinet’s week to forget: Critical vulns, disclosure screw-ups, and that toothbrush DDoS attack claim

February 9, 2024

Via: The Register

We’ve had to write the word “Fortinet” so often lately that we’re considering making a macro just to make our lives a little easier after what the company’s reps will surely agree has been a week sent from hell. It […]


Threats & Malware, Vulnerabilities

Raspberry Robin devs are buying exploits for faster attacks

February 8, 2024

Via: The Register

Researchers suspect the criminals behind the Raspberry Robin malware are now buying exploits for speedier cyberattacks. An exploit developer is thought by infosec pros to be either on the Raspberry Robin payroll or a close contact that sells them to […]


Threats & Malware, Virus & Malware

Cybercrime duo accused of picking $2.5M from Apple’s orchard

February 8, 2024

Via: The Register

A cybersecurity researcher and his pal are facing charges in California after they allegedly defrauded an unnamed company, almost certainly Apple, out of $2.5 million. Noah Roskin-Frazee and Keith Latteri are alleged to have gained access to Apple’s systems via […]


Threats & Malware, Virus & Malware

Fake LastPass lookalike made it into Apple App Store

February 8, 2024

Via: The Register

LastPass says a rogue application impersonating its popular password manager made it past Apple’s gatekeepers and was listed in the iOS App Store for unsuspecting folks to download and install. The software maker went public about the fake mobile app […]