Security

Security professionals are overwhelmingly positive about GenAI’s impact on cybersecurity, despite the technology making cyber-attacks more dangerous. This is according to Ivanti’s Generative AI and Cybersecurity: Risk and Reward report, published on December 3. The report found that security professionals are eight times more likely to say gen AI is a net positive versus a net
Russia has arrested a notorious ransomware operator in the exclave of Kaliningrad, according to Russian media. Russian state news agency RIA Novosti reported on November 29 a court document had been filed in Kaliningrad relating to a man detained and charged with creating malware. While the document does not mention the identity of the man,
Romania’s national security council has warned that cyber-attacks are being used to influence the fairness of the country’s live presidential election. The Supreme Council of National Defense revealed it was presented with assessments on the actions of state and non-state cyber actors targeting election infrastructure and processes in a meeting on Thursday, November 28. While
An infamous ransomware group has claimed to have compromised sensitive data from a children’s hospital in Liverpool, UK. On November 28, INC Ransom posted on its data leak site that it has obtained large-scale data patient records, donor reports and procurement data for 2018-2024 from Alder Hey Children’s NHS Foundation Trust. The Trust quickly acknowledged
Public-facing instances of ProjectSend, an open-source file-sharing web application, have been exploited by attackers, according to vulnerability intelligence provider VulnCheck. ProjectSend was created by software developer Ignacio Nelson and is maintained by a group of over 50 people. It has received support from 1500 people on GitHub. The web application has been affected by an
A pro-Russian hacktivist group has launched its own ransomware-as-a-service (RaaS) operations to advance its causes. Researchers from SentinelLabs have observed the CyberVolk hacktivist collective advertising its branded ransomware since June 2024; the group has claimed responsibility for multiple ransomware attacks between June and October. The hacktivist group, which originated in India, has also promoted and shared
Software vendor Blue Yonder, which supplies supply chain management tools to major retailers worldwide, has been hit by a ransomware attack which has affected Starbucks and some UK supermarkets. Blue Yonder confirmed on November 21 that it was experiencing disruptions to its managed services-hosted environment due to the attack. Those disruptions have extended to some
A network of four public relations (PR) firms has been operating pro-China influence operations online since at least 2022, according to Google. In a report published on November 22, Google’s Threat Intelligence Group revealed it has removed hundreds of domains from its search and news indexes. These domains were part of a complex ecosystem of
A Russian-aligned hacking group is conducting a cyber espionage campaign across Europe and Asia, according to Recorded Future. Insikt Group, Recorded Future’s threat intelligence team, has shared in a November 21 report that a group it tracks as TAG-110 has been using custom malware to compromise government entities, human rights groups and educational institutions. The
Microsoft has seized 240 fraudulent websites associated with “do-it-yourself” phishing kits used by cybercriminals globally to break into customer accounts. The action was enabled by a civil court order in the Eastern District of Virginia which allowed the malicious technical infrastructure to be directed to Microsoft. This permanently stops the use of these domains in
Instant messaging app Telegram is gaining traction as a malware-spreading platform, according to cybersecurity firm McAfee. Two McAfee researchers analyzed in a November 20 blog post how Lumma Stealer, one of the most used infostealers, is being distributed on Telegram. The researchers believe that threat actors have identified the messaging
Apple has urged customers to apply emergency security updates, which fix two actively exploited vulnerabilities on its devices. The fixes are included in the iOS 18.1.1 and iPadOS 18.1.1, Safari 18.1.1, visionOS 2.1.1 and macOS Sequoia 15.1.1 updates, available across a range of Apple devices, including iPhones, iPads, macOS and Apple Vision Pro. These address
A 42-year-old Russian national has appeared in court in the US on suspicion of administering the sale, distribution and operation of Phobos ransomware, according to the Justice Department (DoJ). Evgenii Ptitsyn was in the US District Court for the District of Maryland on November 4 after being extradited from South Korea, according to documents unsealed
An unauthenticated remote command execution (RCE) vulnerability against Palo Alto Networks’ internet-exposed firewall management interfaces is actively being exploited, according to the cybersecurity provider. On November 8, Palo Alto published a security advisory to warn of a zero-day vulnerability affecting some of its PAN-OS firewall management interfaces. The flaw is an unauthenticated RCE vulnerability affecting
Cloud ransomware attacks have become a common approach from malicious actors to compromise the IT systems of their targets, according to SentinelOne. Attackers are increasingly leveraging cloud providers’ services to directly compromise their victims or exfiltrate data, according to a new report by SentinelLabs. On the one hand, they target cloud-based storage services to compromise
Energy services supplier Halliburton has revealed that an August ransomware breach cost the firm $35m, highlighting the major financial impact of cyber-threats. The Dubai-headquartered multinational, which is one of the largest providers of products and services to the energy industry – especially the US fracking sector – made the disclosure in its Q3 financials. “We
Scammers have hijacked another popular news story to increase the effectiveness of a phishing campaign – in this case, one related to the government’s recently announced cut to winter fuel payments for pensioners. UK policing group the Regional Organised Crime Unit (ROCU) Network urged the elderly to be on the lookout for texts claiming to
A ransomware attack has significantly disrupted the operations of a key supplier to the US oil industry. In a regulatory filing sent to the US Securities and Exchange Commission (SEC) on November 7, Texan company Newpark Resources said an unauthorized third party gained access to some of its internal information systems on October 29, an
Russian-associated cyber-attacks on South Korea have ramped up following the deployment of North Korean troops in Ukraine, South Korea’s President’s Office has warned. The activity by pro-Kremlin groups has primarily been distributed denial-of-service (DDoS) attacks against government websites and private companies, which the Seoul government is actively responding to. The President’s Office said that access
A notorious North Korean affiliated threat actor is targeting crypto firms using multi-stage malware and a novel persistence mechanism, SentinelLabs has reported. The campaign, dubbed ‘Hidden Risk’, is assessed with high confidence to be perpetrated by the BlueNoroff advanced persistent threat (APT) group, known for financially-motivated attacks. It is designed to target macOS devices. The
All of the UK local authorities targeted by Russian hacktivists last week appear to have restored online services. A group known as “NoName057(16)” took to X (formerly Twitter) last Monday to publish details of a DDoS campaign which it claimed was retribution for British military support for Ukraine. “The Russian embassy in the UK has