All Articles (2070)

Researchers have discovered a new malware variant likely used in an attack this January against an energy company in western Ukraine that left 600 households without heat amid freezing temperatures.  The tool, called FrostyGoop, is one of only a few malware strains ever discovered in the wild that can interact directly with industrial control systems and have a physical effect on the hardware used by targeted enterprises, according to researchers at industrial cybersecurity firm Dragos, which di

Researchers are saying that electric vehicles (EVs) are at risk of cyber-attacks while connected to fast-charging systems, the quickest and most common way to charge the vehicles, according to research from a team of engineers at Southwest Research Institute (SwRI).  “As the grid evolves to take on more EVs, we need to defend our critical grid infrastructure against cyber-attacks while also securing payments to charge EVs,” said the assistant director of SwRI’s High Reliability Systems Departmen

Sentinel Labs blog has provided the following stories:

* Interpol-Led Operation Cracks Down on West African Cybercrime Syndicates - Operation Jackal III was a month-long law enforcement effort that involved 21 countries.  This week, Interpol reported some 300 arrests, the identification of over 400 suspects, 720 blocked bank accounts, and the seizure of $3 million in illicit funds, all to dismantle multiple criminal networks globally.  Among the affected crime syndicates, Black Axe has been a

In a show of international cooperation, intelligence and cybersecurity agencies from eight countries have jointly accused China of orchestrating a series of cyberattacks on government networks.  The United States, United Kingdom, Canada, Australia, New Zealand, Germany, Japan, and South Korea have pointed the finger at APT40, a hacking group believed to be sponsored by China's Ministry of State Security.

See:  https://redskyalliance.org/transportation/anchor-panda-and-periscope-threat-actors-tar

In today's digital age, ransomware has emerged as a formidable threat to businesses of all sizes.  This malicious attack can paralyze operations, damage reputations, and inflict severe financial losses.  Mid-market organizations are particularly vulnerable, with over half (57%) admitting they don't regularly review and replace legacy systems, and a similar number (57%) failing to patch their systems regularly.

This creates an expanded attack surface for cybercriminals to exploit.  The conse

Just this past week, a good friend of mine came back from a 2-week vacation in Scotland.  He and his wife had a great time walking an old ancient trail along many lakes and mountains.  He stayed at various BnB’s and hotels.  One thing that bothered my friend is that almost all places of business in Scotland, including the airport in Glasgow, demanded payment with a credit card – in other words, e-commerce transactions only.  My friend took over 1,000 in British Pounds (cash) to pay for whatever he

Online identities remain at risk: a colossal password compilation named "RockYou2024" has emerged, containing nearly 10 billion unique passwords.  This unprecedented leak has put the cybersecurity community and beyond on high alert, as if it were not already there, highlighting the ongoing need for improved digital security practices.

The name "RockYou2024" pays homage to the infamous RockYou data breach of 2009, which exposed 32 million passwords due to insecure storage

The HardBit ransomware first appeared in October 2022, with a 2.0 version coming shortly thereafter in November of 2022.  As one expects of a ransomware attack, HardBit targets organizations and demands cryptocurrency payments in exchange for decrypting data.

Earlier variants of HardBit aren’t noted as being especially unique, though one standout attribute of HardBit is that the operators have enhanced their extortion tactics by demanding to know about the victim’s potential cyber insurance co

The recent U.S. Supreme Court decision in Loper Bright Enterprises v. Raimondo raises questions about cybersecurity regulation.  The Court's decision effectively overturned the Chevron Doctrine, a longstanding principle that gave deference to federal agencies' interpretations of ambiguous laws.  Cybersecurity leaders are now scrambling to understand the implications for regulating a threat landscape that is already a moving target.  Business leaders have questioned the validity of unelected bureaucrats

The Justice Department announced on 09 July 2024 the seizure of two domain names and the search of 968 social media accounts used by Russian actors to create an AI-enhanced social media bot farm that spread disinformation in the United States and abroad.  The social media bot farm used elements of AI to create fictitious social media profiles, often purporting to belong to individuals in the United States, which the operators then used to promote messages in support of Russian government objective

Executive Summary from Fortinet - Not long ago, the operational technology (OT) networks used in environments such as factories and critical infrastructure were air-gapped, meaning they were not connected to the internet.  But today, the once-siloed worlds of OT and information technology (IT) are seeing greater interconnectivity due to digital transformation and support for scarce or remote workers.  This connectivity can enhance production via data sharing and new cloud-based tools that allow

Global cyber insurance premiums are declining despite an increase in ransomware attacks, according to a recent report by insurance broker Howden (www.howdengroup.com).  This trend reflects improved business security practices, evolving insurance industry dynamics, and changing attitudes toward cyber risk management.

The Howden report indicates that the cyber insurance market experienced double-digit price reductions in 2023/24, starkly contrasting the skyrocketing premiums seen in 2021 and 2022 d

A Microsoft outage that began during the evening of 18 July crippled airlines, financial services, health-care and many energy companies across the world, leaving many with a "blue screen of death" on their work computers.  In response, Microsoft on Saturday released a recovery tool to help repair Windows machines affected by the bug, a day after CrowdStrike provided instructions for how to fix a crashed PC.

CrowdStrike, a cybersecurity firm whose software protects small businesses and l

Behind a massive IT failure that grounded flights, upended markets and disrupted corporations around the world is one cybersecurity company: CrowdStrike Holdings Inc.  Known as a dominant supplier of software that protects businesses from ransomware attacks, CrowdStrike was thrust into the spotlight on 19 July as it struggled to fix a faulty patch that led to cascading, system-wide failures, paralyzing the operations of clients ranging from banks to global retail giants to health-care systems.

W

Recorded Future’s Insikt Group identified a suspected cyber-espionage campaign by TAG-100, targeting global government and private sector organizations.  TAG-100 exploited internet-facing devices and used open-source tools like the Go backdoor Pantegana.  The campaign compromised two Asia-Pacific intergovernmental organizations and targeted multiple diplomatic and trade entities.

  • TAG-100 Uses Open-Source Tools in Suspected Global Espionage Campaign, Compromising Two Asia-Pacific Intergovernmenta

At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week.  Squarespace bought all assets of Google Domains a year ago, but many customers still haven’t set up their new accounts.  Experts say malicious hackers learned they could commandeer any migrated Squarespace accounts that hadn’t yet been registered, merely by supplying an email address tied to an existing domain.  Until this past weekend, Squarespace’s website had an option to l

Between April and June 2024, the NullBulge group emerged, targeting users in AI-centric applications and gaming communities.  The NullBulge persona has showcased creative methods of distributing malware targeting said tools and platforms.  Though the group projects an image of activism claiming to be “protecting artists around the world” and claims to be motivated by a pro-art, anti-AI cause rather than profit, other activities tied to this threat actor may indicate otherwise.

NullBulge’s servic

Cyber threat researchers recently uncovered a Chinese cyber espionage campaign exploiting a newly discovered command injection vulnerability in Cisco NX-OS software.  They found the vulnerability and its exploitation as part of an ongoing forensic investigation of the Velvet Ant threat group.  The vulnerability, tracked as CVE-2024-20399, is a command injection flaw that allows an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system

The sophisticated malware known as ViperSoftX has been observed being distributed as eBooks over torrents.  BitTorrent, also referred to as simply torrent, is a communication protocol for peer-to-peer file sharing (P2P), which enables users to distribute data and electronic files over the Internet in a decentralized manner.  The protocol is developed and maintained by Rainberry, Inc., and was first released in 2001.

A notable aspect of the current variant of ViperSoftX is that it uses the Common

Destructive cyber-attacks such as ransomware and wiper attacks are forcing a culture change within organizations as teams need to come together to build resilience.  In many organizations, the CIO and CISO and their teams pursue their own, sometimes conflicting, goals and maintain their own cultures and methods.  But to build resilience to attacks, security and IT operations must work much better together.

Historically, CISOs primarily had to deal with incidents of data theft, or more accurately