admin

The LockBit ransomware group could be making a comeback after months of struggling to maintain its criminal activity following its takedown in February 2024. On December 19, LockBitSupp, the persona allegedly run by the ransom-as-s-service (RaaS) group admins, announced on its website the group would launch a new version of its ransomware, LockBit 4.0. In

Ukraine’s state registers, operated by the Ministry of Justice, have suffered their largest cyber-attack, with the Security Service of Ukraine (SSU) opening a criminal investigation into the incident, which it has attributed to Russia. The SSU has established that a hacker group affiliated with the main intelligence directorate of the general staff of the Russian

The Italian Data Protection Authority (Garante per la protezione dei dati personali) has taken sanctions against OpenAI over data protection failures related to the ChatGPT chatbot. OpenAI must pay a €15m ($15.6m) fine and carry out a six-month public awareness campaign across Italian media. This campaign is aimed to educate the public on how ChatGPT

Despite the ban on Kaspersky products in the US they continue to be actively used by US organizations, including by 19 US government entities. A Bitsight analysis found that 40% of US organizations observed to be using Kaspersky products before the prohibition came into effect on September 29, 2024, still appear to be using the

US federal agencies and departments have been mandated to implement new cybersecurity practices for cloud services. The Cybersecurity and Infrastructure Security Agency (CISA) published Binding Operational Directive 25-01: Implementing Secure Practices for Cloud Services on December 17, which sets out actions federal agencies must take to identify and secure all production or operational cloud tenants

A sophisticated phishing attack targeting a Turkish defense sector organization was recently uncovered by security researchers, shedding light on the evolving tactics of threat actor TA397, also known as “Bitter.”  This campaign, observed by Proofpoint, deployed spear phishing emails containing RAR archives to deliver malware through advanced mechanisms involving NTFS Alternate Data Streams (ADS) and

Internet-exposed Human Machine Interfaces (HMIs) pose significant risks to the Water and Wastewater Systems (WWS) sector, according to a new fact sheet jointly released by the US Cybersecurity and Infrastructure Security Agency (CISA) and the Environmental Protection Agency (EPA). Titled Internet-Exposed HMIs Pose Cybersecurity Risks to Water and Wastewater Systems and published last week, the

Ransomware claims reached an all-time high in November 2024, with Corvus Insurance reporting 632 victims claimed on ransomware groups’ data leak sites (DLS). More than double the monthly average of 307 victims, the November count exceeds the previous peak of 527 victims recorded in May 2024. According to a December 11 report by Corvus, these

Threat actors’ abuse of legitimate Microsoft tools rose by 51% in the first half of 2024 compared to 2023, according to Sophos’ latest Active Adversary Report. The researchers observed 187 unique Microsoft Living Off the Land Binaries (LOLbins) used by threat actors in 190 cyber incidents analyzed in H1 2024. Over a third of them

The US Government has offered a $5m reward for information that leads to the disruption of financial mechanisms of persons engaged in a fake IT worker scheme targeting US firms that support the Democratic People’s Republic of Korea (DPRK).  The conspirators, some of whom were ordered by their superiors to earn at least $10,000 per

Two significant security vulnerabilities in the popular Woffice WordPress theme that could allow attackers to gain unauthorized control or access have been patched. The Woffice theme, a premium product developed by Xtendify with over 15,000 sales, provides team and project management functionality for WordPress.  According to a report by Patchstack, the first vulnerability is a privilege

Russian state threat actor Secret Blizzard has leveraged resources and tools used by other cyber groups to support the Kremlin’s military efforts in Ukraine, according to Microsoft. These campaigns have consistently led to the download of Secret Blizzard’s custom malware on devices associated with the Ukrainian military. The analysis is the second part of research

A significant cyber operation exploiting vulnerabilities in improperly configured public websites has been linked to the Nemesis and ShinyHunters hacking groups, exposing sensitive data, including customer information, infrastructure credentials and proprietary source code. According to independent cybersecurity researchers Noam Rotem and Ran Locar, the attackers orchestrated a large-scale internet scan targeting vulnerable endpoints within Amazon Web Services

A federal appeals court has upheld a law that could see TikTok banned across the US unless its Chinese parent company, ByteDance, divests its ownership. The decision was issued by a three-judge panel from the US Court of Appeals for the District of Columbia Circuit on Friday, marking a significant setback for the video-sharing platform

Ransomware group Brain Cipher claimed to have breached Deloitte UK and threatened to publish the data it had stolen earlier this week. However, despite the claims, a Deloitte spokesperson told Infosecurity that its investigation indicates that the allegations relate to a single client’s system which sits outside of the Deloitte network. “No Deloitte systems have