Browsing tag
Microsoft on Friday revealed that the Kremlin-backed threat actor known as Midnight Blizzard (aka APT29 or Cozy Bear) managed to gain access to some of its source code repositories and internal systems following a hack that came to light in January 2024. “In recent weeks, we have seen evidence that Midnight Blizzard is using information […]
The U.S. Department of Justice (DoJ) announced the indictment of a 38-year-old Chinese national and a California resident for allegedly stealing proprietary information from Google while covertly working for two China-based tech companies. Linwei Ding (aka Leon Ding), a former Google engineer who was arrested on March 6, 2024, “transferred sensitive Google trade secrets and […]
A new DNS threat actor dubbed Savvy Seahorse is leveraging sophisticated techniques to entice targets into fake investment platforms and steal funds. “Savvy Seahorse is a DNS threat actor who convinces victims to create accounts on fake investment platforms, make deposits to a personal account, and then transfers those deposits to a bank in Russia,” […]
A U.S. judge has ordered NSO Group to hand over its source code for Pegasus and other remote access trojans to Meta as part of the social media giant’s ongoing litigation against the Israeli spyware vendor. The decision marks a major legal victory for Meta, which filed the lawsuit in October 2019 for using its […]
As an IT leader, staying on top of the latest cybersecurity developments is essential to keeping your organization safe. But with threats coming from all around — and hackers dreaming up new exploits every day — how do you create proactive, agile cybersecurity strategies? And what cybersecurity approach gives you the most bang for your […]
The threat actors behind the LockBit ransomware operation have resurfaced on the dark web using new infrastructure, days after an international law enforcement exercise seized control of its servers. To that end, the notorious group has moved its data leak portal to a new .onion address on the TOR network, listing 12 new victims as […]
On Thanksgiving Day 2023, while many Americans were celebrating, hospitals across the U.S. were doing quite the opposite. Systems were failing. Ambulances were diverted. Care was impaired. Hospitals in three states were hit by a ransomware attack, and in that moment, the real-world repercussions came to light—it wasn’t just computer networks that were brought to […]
The U.K. National Crime Agency (NCA) on Tuesday confirmed that it obtained LockBit’s source code as well as a wealth of intelligence pertaining to its activities and their affiliates as part of a dedicated task force called Operation Cronos. “Some of the data on LockBit’s systems belonged to victims who had paid a ransom to […]
Efficient communication is a cornerstone of business success. Internally, making sure your team communicates seamlessly helps you avoid friction losses, misunderstandings, delays, and overlaps. Externally, frustration-free customer communication is directly correlated to a positive customer experience and higher satisfaction. However, business communication channels are also a major target for cybercriminals. In recent years, especially since […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed state government organization’s network environment was compromised via an administrator account belonging to a former employee. “This allowed the threat actor to successfully authenticate to an internal virtual private network (VPN) access point,” the agency said in a joint advisory published Thursday […]
The landscape of cybersecurity in financial services is undergoing a rapid transformation. Cybercriminals are exploiting advanced technologies and methodologies, making traditional security measures obsolete. The challenges are compounded for community banks that must safeguard sensitive financial data against the same level of sophisticated threats as larger institutions, but often with more limited resources. The FinServ […]
Employment agencies and retail companies chiefly located in the Asia-Pacific (APAC) region have been targeted by a previously undocumented threat actor known as ResumeLooters since early 2023 with the goal of stealing sensitive data. Singapore-headquartered Group-IB said the hacking crew’s activities are geared towards job search platforms and the theft of resumes, with as many […]
A former software engineer with the U.S. Central Intelligence Agency (CIA) has been sentenced to 40 years in prison by the Southern District of New York (SDNY) for transmitting classified documents to WikiLeaks and for possessing child pornographic material. Joshua Adam Schulte, 35, was originally charged in June 2018. He was found guilty in July […]
The SEC isn’t giving SaaS a free pass. Applicable public companies, known as “registrants,” are now subject to cyber incident disclosure and cybersecurity readiness requirements for data stored in SaaS systems, along with the 3rd and 4th party apps connected to them. The new cybersecurity mandates make no distinction between data exposed in a breach […]
Each New Year introduces a new set of challenges and opportunities for strengthening our cybersecurity posture. It’s the nature of the field – the speed at which malicious actors carry out advanced persistent threats brings a constant, evolving battle for cyber resilience. The excitement in cybersecurity lies in this continuous adaptation and learning, always staying […]
Hackers with links to the Kremlin are suspected to have infiltrated information technology company Hewlett Packard Enterprise’s (HPE) cloud email environment to exfiltrate mailbox data. “The threat actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions,” […]
Governments from Australia, the U.K., and the U.S. have imposed financial sanctions on a Russian national for his alleged role in the 2022 ransomware attack against health insurance provider Medibank. Alexander Ermakov (aka blade_runner, GistaveDore, GustaveDore, or JimJones), 33, has been tied to the breach of the Medibank network as well as the theft and […]
Generative AI will enable anyone to launch sophisticated phishing attacks that only Next-generation MFA devices can stop The least surprising headline from 2023 is that ransomware again set new records for a number of incidents and the damage inflicted. We saw new headlines every week, which included a who’s-who of big-name organizations. If MGM, Johnson […]
Cybersecurity is an infinite journey in a digital landscape that never ceases to change. According to Ponemon Institute1, “only 59% of organizations say their cybersecurity strategy has changed over the past two years.” This stagnation in strategy adaptation can be traced back to several key issues. Talent Retention Challenges: The cybersecurity field is rapidly advancing, […]
Ukrainian cybersecurity authorities have disclosed that the Russian state-sponsored threat actor known as Sandworm was inside telecom operator Kyivstar’s systems at least since May 2023. The development was first reported by Reuters. The incident, described as a “powerful hacker attack,” first came to light last month, knocking out access to mobile and internet services for […]
Google Cloud has addressed a medium-severity security flaw in its platform that could be abused by an attacker who already has access to a Kubernetes cluster to escalate their privileges. “An attacker who has compromised the Fluent Bit logging container could combine that access with high privileges required by Anthos Service Mesh (on clusters that […]