Ukraine traced a cyberattack that delayed a press briefing by the nation's information protection agency Tuesday to Russian Sandworm hackers. The group accused of using wiper malware to disrupt the Ukrainian national Media Center has close ties with the Russian GRU, investigators say.
A pro-Kremlin hacking group with a history of launching distributed denial-of-service attacks took its annoyance tactics to Germany following Berlin's announcement that it will ship Leopard 2 battle tanks to Ukraine's front lines. A German government spokesperson said the attacks had minimal effect.
A North Korean hacking group tracked by cybersecurity firm Proofpoint as TA444 in December unleashed a torrent of spam in a bid to harvest credentials - evidence of a hacking group that mirrors "startup culture in its devotion to the dollar and to the grind."
Android malware highlighted by Dutch cybersecurity firm ThreatFabric shows the line between a banking Trojan and advanced spyware. The Trojan, dubbed Hook, can take a screenshot, simulate clicks and input swipe gesture commands. It can also take control of WhatsApp.
Australia started operating an international ransomware task force to facilitate information sharing and best practices worldwide. “Recent cyber incidents in Australia and around the globe are a stark reminder of the insidious nature of ransomware," said Minister for Home Affairs Clare O'Neil.
Security appliances are targets for sophisticated threat actors who take advantage of devices' limited configuration and logging features, as well as their incompatibility with endpoint detection and response. Suspected Chinese hackers took advantage of a Fortinet zero-day to implant a backdoor.
Ukraine's top information protection agency says Russian cyberattacks are focusing on destruction of critical information infrastructure, spying and disinformation. Although efforts are underway, it will require $1.79 billion to completely restore the telecommunication sector, it says.
A high-severity vulnerability patched by Google Chrome a few months ago allowed hackers to steal sensitive files such as crypto wallets. Hackers increasingly are targeting individuals and organizations that hold cryptocurrencies, writes Imperva security researcher Ron Masas, who discovered the flaw.
Senior U.S. and Japanese officials pledged deepened cooperation in cyberspace while signaling readiness to rebuff China through deployment of an upgraded Marine Corps unit to Okinawa. U.S. President Joe Biden is set to meet Friday with Japanese Prime Minister Fumio Kishida at the White House.
The Vice Society ransomware group today claimed responsibility for a December 2022 attack on an Australian state fire department that led to a widespread IT outage. Fire Rescue Victoria warned current and former employees and job applicants of data leak.
The Hive ransomware-as-a-service group claimed responsibility for a data breach involving patients of a U.S. nursing home chain with a checkered past. The chain, Consulate Health Care, posted a notice saying the leak originated at an unnamed vendor.
A financially motivated threat actor called Blind Eagle returned from its hiatus and is conducting an ongoing campaign directed at Spanish-speaking targets in the banking industry in Colombia and Ecuador. The hacking group appears to have updated its tools and infection chain.
A class action lawsuit against LastPass alleges that a data breach in August resulted in the theft of $53,000 in bitcoin. An unnamed plaintiff alleges that negligence in the password management company's data security practices led to the Thanksgiving weekend theft.
Hundreds of U.S. counties continue to work with pen and paper after a cyberattack on their digital records management vendor last week disrupted methods to view, add and edit government records. The attack slowed the processing of birth certificates, marriage licenses and real estate transactions.
The BlackCat ransomware-as-a-service group created a spoofed website closely mimicking the website of a victim in order to spread stolen data online. The victim is a small U.S. accounting firm whose stolen files apparently include tax returns and passport scans.