LockBitSupp, the individual(s) behind the persona representing the LockBit ransomware service on cybercrime forums such as Exploit and XSS, “has engaged with law enforcement,” authorities said. The development comes following the takedown of the prolific ransomware-as-a-service (RaaS) operation as part of a coordinated international operation codenamed Cronos. Over 14,000 rogue accounts on third-party services like
Serco Leisure has been ordered to stop using facial recognition technology (FRT) and fingerprint scanning to monitor employee attendance by the UK’s data protection enforcement authority. The Information Commissioner’s Office (ICO) said the company unlawfully processed biometric data of more than 2000 employees across 38 sporting and leisure facilities under UK data protection law. Serco
Video Coming in two waves, the campaign sought to demoralize Ukrainians and Ukrainian speakers abroad with disinformation messages about war-related subjects 23 Feb 2024 This week, ESET researchers revealed their findings about Operation Texonto, a disinformation/psychological (PSYOP) campaign where Russia-aligned threat actors sought to demoralize Ukrainians and Ukrainian speakers abroad with disinformation messages about war-related
Feb 24, 2024NewsroomActive Directory / Data Protection Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit irrespective of the license tier, more than six months after a China-linked cyber espionage campaign targeting two dozen organizations came to light. “Microsoft will automatically enable the logs in customer accounts and increase
Read more about LockBit Ransomware: LockBit Takedown: What You Need to Know about Operation Cronos LockBit Infrastructure Disrupted by Global Law Enforcers LockBit and Royal Mail Ransomware Negotiation Leaked LockBit Remains Top Global Ransomware Threat “We know who he is. We know where he lives. We know how much he is worth. LockbitSupp has engaged
Digital Security You would never give your personal ID to random strangers, right? So why provide the ID of your computer? Unsuspecting users beware, IP grabbers do not ask for your permission. Márk Szabó 22 Feb 2024 • , 6 min. read A common message that any user of a social platform like Discord might
Feb 23, 2024NewsroomRed Teaming / Artificial Intelligence Microsoft has released an open access automation framework called PyRIT (short for Python Risk Identification Tool) to proactively identify risks in generative artificial intelligence (AI) systems. The red teaming tool is designed to “enable every organization across the globe to innovate responsibly with the latest artificial intelligence advances,”
Cybersecurity experts at Kaspersky have uncovered a new phishing campaign that specifically targets small and medium-sized businesses (SMBs). The attack method involves exploiting the email service provider (ESP) SendGrid to gain access to client mailing lists, subsequently utilizing stolen credentials to send out convincing phishing emails. These emails are crafted to appear authentic, posing a
ESET products and research have been protecting Ukrainian IT infrastructure for years. Since the start of the war in February 2022, we have prevented and investigated a significant number of attacks launched by Russia-aligned groups. We have also published some of the most interesting findings on WeLiveSecurity: Even though our main focus remains on analyzing
Feb 22, 2024NewsroomQuantum Computing / Encryption Apple has announced a new post-quantum cryptographic protocol called PQ3 that it said will be integrated into iMessage to secure the messaging platform against future attacks arising from the threat of a practical quantum computer. “With compromise-resilient encryption and extensive defenses against even highly sophisticated quantum attacks, PQ3 is
Over 40% of companies globally are struggling to fill critical cybersecurity roles, particularly in information security research and malware analysis, as highlighted by a recent report from Kaspersky. This shortage is particularly acute in Europe, Russia and Latin America. Additionally, security operations center (SOC) and security assessment and network security roles are understaffed, with figures
Feb 21, 2024NewsroomMalware / Cyber Espionage The China-linked threat actor known as Mustang Panda has targeted various Asian countries using a variant of the PlugX (aka Korplug) backdoor dubbed DOPLUGS. “The piece of customized PlugX malware is dissimilar to the general type of the PlugX malware that contains a completed backdoor command module, and that
Operation Cronos, the global law enforcement operation that took down LockBit, one of the world’s most harmful ransomware groups, is a major breakthrough in the fight against cybercrime. The operation, announced on February 20, was led by the UK’s National Crime Agency (NCA) and the FBI. Key Takeaways from the Biggest Ransomware Takedown The results
Feb 20, 2024NewsroomServer Security / Cryptojacking A novel malware campaign has been observed targeting Redis servers for initial access with the ultimate goal of mining cryptocurrency on compromised Linux hosts. “This particular campaign involves the use of a number of novel system weakening techniques against the data store itself,” Cado security researcher Matt Muir said
A rising trend in cryptocurrency counterfeiting has been identified by security researchers, particularly targeting Fortune 100 companies. According to a report published by Resecurity researchers today, these efforts involve the creation of tokens that impersonate major brands, government bodies and even national fiat currencies. In decentralized finance (DeFi) and crypto, where rapid growth is prevalent,
Meta Platforms said it took a series of steps to curtail malicious activity from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating in the surveillance-for-hire industry. The findings are part of its Adversarial Threat Report for the fourth quarter of 2023. The spyware targeted iOS, Android, and Windows devices.
PDF threats are on the rise with cybercriminals spreading malware, including WikiLoader, Ursnif and DarkGate, through PDFs, a new report by HP Wolf Security has found. The company’s analysis saw a 7% rise in PDF threats in Q4 2023, compared to Q1 of the same year. It noted that previously PDF lures have been used
Video Artificial intelligence is on everybody’s lips these days, but there are also many misconceptions about what AI actually is and isn’t. We unpack the basics and examine AI’s broader implications. Alžbeta Kovaľová 15 Feb 2024 Artificial intelligence (AI) is clearly the topic du jour as technologies that fall under the umbrella term of AI
Feb 18, 2024NewsroomMalware / Cybercrime A Ukrainian national has pleaded guilty in the U.S. to his role in two different malware schemes, Zeus and IcedID, between May 2009 and February 2021. Vyacheslav Igorevich Penchukov (aka Vyacheslav Igoravich Andreev, father, and tank), 37, was arrested by Swiss authorities in October 2022 and extradited to the U.S.
Organizations based in the EU are being targeted by spear phishing campaigns leveraging EU political and diplomatic events, according to the bloc’s Computer Emergency Response Team (CERT-EU). In its Threat Landscape Report 2023, published on February 15, 2024, CERT-EU found that lures exploiting the EU agenda have been rife in 2023. “In recent years, 2023
Video Here’s how the results of vulnerability scans factor into decisions on cyber-insurance and how human intelligence comes into play in the assessment of such digital signals 16 Feb 2024 Cyber-insurance has been an increasingly hot topic lately, with the cyber-insurance industry growing of 62 percent last year, which largely appears to be attributable to
Efficient communication is a cornerstone of business success. Internally, making sure your team communicates seamlessly helps you avoid friction losses, misunderstandings, delays, and overlaps. Externally, frustration-free customer communication is directly correlated to a positive customer experience and higher satisfaction. However, business communication channels are also a major target for cybercriminals. In recent years, especially since
Read more on Ivanti vulnerabilities: Bad news continues to pile up for Utah-based IT software provider Ivanti as a new vulnerability has been discovered in its products. On February 8, Ivanti disclosed a new authentication bypass vulnerability impacting its Connect Secure, Policy Secure, and ZTA gateways. This new vulnerability, identified as CVE-2024-22024, is the latest
Feb 16, 2024NewsroomEndpoint Security / Cryptocurrency Multiple companies operating in the cryptocurrency sector are the target of an ongoing malware campaign that involves a newly discovered Apple macOS backdoor codenamed RustDoor. RustDoor was first documented by Bitdefender last week, describing it as a Rust-based malware capable of harvesting and uploading files, as well as gathering
Prudential Financial has disclosed a cybersecurity breach. Detected on February 5 2024, the breach involved unauthorized access to certain company systems. In a filing with the US Securities and Exchange Commission (SEC) on February 12 2024, Prudential said it immediately activated its cybersecurity incident response protocol and is working with external experts to investigate and mitigate the
Feb 15, 2024NewsroomMalware / Cyber Espionage The Russia-linked threat actor known as Turla has been observed using a new backdoor called TinyTurla-NG as part of a three-month-long campaign targeting Polish non-governmental organizations in December 2023. “TinyTurla-NG, just like TinyTurla, is a small ‘last chance’ backdoor that is left behind to be used when all other
A substantial 55% of recent Data Loss Prevention (DLP) events have involved attempts to input personally identifiable information (PII), while 40% included confidential documents. The figures come from Menlo Security’s report The Continued Impact of Generative AI on Security Posture, published earlier today. According to the new data, from July to December 2023, the landscape
Digital Security As fabricated images, videos and audio clips of real people go mainstream, the prospect of a firehose of AI-powered disinformation is a cause for mounting concern Phil Muncaster 13 Feb 2024 • , 5 min. read Fake news has dominated election headlines ever since it became a big story during the race for
Feb 14, 2024NewsroomArtificial Intelligence / Cyber Attack Nation-state actors associated with Russia, North Korea, Iran, and China are experimenting with artificial intelligence (AI) and large language models (LLMs) to complement their ongoing cyber attack operations. The findings come from a report published by Microsoft in collaboration with OpenAI, both of which said they disrupted efforts
Read more about cyber-threats to 2024 elections: Upcoming US, UK, and South Korea elections are the most likely to face cyber interference, according to a new report published by threat-informed defense solution provider Tidal Cyber. These three countries face adversaries from all four ‘priority’ adversary countries – namely China, Iran, Russia and North Korea. Other
- « Previous Page
- 1
- …
- 21
- 22
- 23
- 24
- 25
- …
- 116
- Next Page »