All Articles (1926)


The US Department of Treasury's Office of Foreign Assets Control (OFAC) sanctioned two individuals and five entities associated with the Intellexa Alliance for their role in "developing, operating, and distributing" commercial spyware designed to target government officials, journalists, and policy experts in the country.  "The proliferation of commercial spyware poses distinct and growing security risks to the United States and has been misused by foreign actors to enable human rights abuses an

The Stormous ransomware gang has taken credit for an attack on a major Belgian beer producer this week.  The ransomware attack on Duvel Moortgat Brewery has affected operations for days.  Can you believe it?  Who wants to stop the flow of beer?  Local news outlets and BleepingComputer reported on Wednesday that Duvel’s IT department detected the attack and shut down production lines.  Spokesperson Ellen Aerts told reporters that they are “still working to find out exactly what happened.  "We hav

A company contacted the incident response firm Sygnia to investigate suspect activity on its network.  Sygnia rapidly concluded the company was experiencing a ransomware attack and was in imminent danger of having its entire environment encrypted.  It recommended immediate and bold action to disconnect from the internet.  This is one of the oldest defenses against hackers and disconnects from the internet.  Just as in the previous century, a user would notice something unexpected downloading int

CISA Report JCSA-20240227-001

Note: This CISA advisory uses the MITRE ATT&CK® for Enterprise framework, version 14.  See the MITRE ATT&CK Tactics and Techniques section for a table of the threat actors’ activity mapped to MITRE ATT&CK tactics and techniques. For assistance with mapping malicious cyber activity to the MITRE ATT&CK framework, see CISA and MITRE ATT&CK’s Best Practices for MITRE ATT&CK Mapping and CISA’s Decider Tool.

Overview - This advisory provides observed tactics, techniques,

A pigeon held for eight months on suspicion of spying for China has been released after Indian authorities determined it was no avian agent of espionage but a disoriented Taiwanese racing bird that had lost its way.  Police found the pigeon near a port in Mumbai in May with two metal rings tied to its leg and what looked like Chinese writing on the underside of its wings. The alleged secret agent was held in custody for eight months, first by police and then by the city’s Bai Sakarbai Dinshaw Pe

As corporate directors and security teams scramble to ensure they meet the Securities and Exchange Commission's (SEC) new cybersecurity regulations, claims due to mishandling protected personally identifiable information (PII) could rival the cost of ransomware attacks, warns David Anderson, vice president of cyber liability at Woodruff Sawyer, a national insurance brokerage.  While privacy claims take years to work through the legal process, "losses are generally just as catastrophic over three

With the automotive industry facing an unprecedented surge in loan fraud, dealerships are finding themselves at the front lines of a growing battle against sophisticated crime syndicates.  In the early months of 2023, the creation of manufactured identities allowed fraudsters access to a staggering $1.8 billion in automotive loan credit, a significant leap from $869 million in the same timeframe in 2021.  This escalation has not only highlighted the evolving threat landscape but has also prompte

The American Hospital Association is accusing the parent company of Change Healthcare, which for two weeks has dealt with a cybersecurity incident that has caused disruptions at pharmacies nationwide, of failing to adequately address the issues healthcare providers face getting reimbursed for services as a result of the attack.

On 1 March, UnitedHealth Group, which owns Change Healthcare, rolled out a “Temporary Funding Assistance Program” for providers who rely on the company’s software to get r

Russia has been accused of attempting to inflame divisions in Germany by publishing an intercepted conversation in which Bundeswehr officials discuss the country’s support for Ukraine, particularly around the supply of Taurus cruise missiles.

The 38-minute conversation, which took place on 19 February 2024, was first published on social media platform Telegram by Margarita Simonyan, the editor-in-chief of RT and a sanctioned propagandist, who said the recording had been provided to her by “comra

The current administration ordered the Commerce Department to open an investigation into foreign-made software in cars, citing Chinese technology as a potential national security risk.  A White House spokesman stated that Chinese efforts to dominate the global auto industry posed clear security risks to the US.  “Connected vehicles from China could collect sensitive data about our citizens and our infrastructure and send this data back to the People’s Republic of China, and these vehicles could

Over the past several years, organizations have been engaged in expanding their multi-edge networking strategies to not only enable new work-from-anywhere (WFA) realities but also support workers as they become increasingly dependent on cloud applications and environments to do their jobs.  However, as these networks grow to meet new business demands, the attack surface increases.[1]

The result is a growing gap between network functionality and security coverage that not only inherently exposes

When most people hear about cybersecurity hacks they envision frozen monitors, ransomware demands, and DDoS attacks that compromise connectivity for a few hours or even days.  Some experts, though, are worried that with the arrival of widespread artificial intelligence in the hands of hackers, both lone wolves and nation-states, we may be entering the era of the "cyber-physical attack."

In fact, last month the FBI warned Congress that Chinese hackers have burrowed deep into the United States' cy

ChatGPT started throwing out “unexpected responses” on the evening of 20 February 2024 according to OpenAI’s status page.  Users posted screenshots of their ChatGPT conversations full of wild, nonsensical answers from the AI chatbot.  “We are investigating reports of unexpected responses from ChatGPT,” said OpenAI on its status page at 6:40 pm ET that Tuesday night.  “We’re continuing to monitor the situation,” the company updated the page at 7:59 pm.[1]

OpenAI says the issue has been resolved a

SentinelLabs and ClearSky Cyber Security have been tracking a propaganda and disinformation campaign since late November 2023, highly likely orchestrated by Doppelgänger, a suspected Russia-aligned influence operation network known for its persistent and aggressive tactics.  Initially focusing on disseminating anti-Ukraine content following the onset of the Russo-Ukrainian conflict, Doppelgänger has since broadened its scope, targeting audiences in the US, Israel, Germany, and France.

Analysts o

It is no longer theoretical; the world's major powers are working with large language models to enhance offensive cyber operations.  Advanced persistent threats (APTs) aligned with China, Iran, North Korea, and Russia use large language models (LLMs) to enhance their operations.  New blog posts from OpenAI and Microsoft reveal that five prominent threat actors have used OpenAI software for research, fraud, and other malicious purposes.  After identifying them, OpenAI shuttered all their accounts

The infamous malware loader and initial access broker known as Bumblebee has resurfaced after a four-month absence as part of a new phishing campaign observed in February 2024. The enterprise security firm Proofpoint reported that the activity targets organizations in the US with voicemail-themed lures containing links to OneDrive URLs.  "The URLs led to a Word file with names such as "ReleaseEvans#96.docm" (the digits before the file extension varied)," the company said in a recent report.  "Th

Cyber-attacks cost the world economy a huge $8 trillion USD in 2023 and are expected to rise to an incredible $18 trillion by 2030.  Technology has advanced so rapidly that most devices in a 2024 household are always online smart devices perpetually connected to the cloud.  Beyond this, no workforce, industry, or government agency exists without a complex and interconnected web of users, systems, and online technologies.  Is it any wonder that cyber-attacks are on the rise and have cost the worl

SentinelLabs recently posted a very interesting report on leaked information about a Chinese company, I-Soon.

Executive Summary / I-Soon (上海安洵), a company that contracts for many PRC agencies–including the Ministry of Public Security, Ministry of State Security, and People’s Liberation Army, was subject to a data leak over the weekend of 16 February.  It is not known who pilfered the information nor their motives, but this leak provides a first-of-its-kind look at the internal operations of a st

Cyber threat actors operating with interests aligned to Belarus and Russia have been linked to a new cyber espionage campaign that likely exploited Cross-Site Scripting (XSS) vulnerabilities in Roundcube webmail servers to target over 80 organizations.   According to investigators, these entities are primarily located in Georgia, Poland, and Ukraine and attributed the intrusion set to a threat actor known as Winter Vivern, also known as TA473 and UAC0114.  The cybersecurity firm tracks the hacki

An international law enforcement operation has led to the seizure of multiple darknet domains operated by LockBit, one of the most prolific ransomware groups, marking the latest in a long list of digital takedowns.  While the full extent of the effort, codenamed Operation Cronos, is presently unknown, visiting the group's ‘.onion’ website displays a seizure banner containing the message "The site is now under the control of law enforcement." Authorities from 11 countries, Australia, Canada, Finl