The U.S. Federal Bureau of Investigation (FBI) has sought assistance from the public in connection with an investigation involving the breach of edge devices and computer networks belonging to companies and government entities. "An Advanced Persistent Threat group allegedly created and deployed malware (CVE-2020-12271) as part of a widespread series of indiscriminate computer … [Read more...] about FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions
Cyber
North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack
Oct 30, 2024Ravie LakshmananRansomware / Threat Intelligence Threat actors in North Korea have been implicated in a recent incident that deployed a known ransomware family called Play, underscoring their financial motivations. The activity, observed between May and September 2024, has been attributed to a threat actor tracked as Jumpy Pisces, which is also known as Andariel, … [Read more...] about North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack
U.S. and Microsoft Seize 107 Russian Domains in Major Cyber Fraud Crackdown
Oct 04, 2024Ravie LakshmananPhishing Attack / Cybercrime Microsoft and the U.S. Department of Justice (DoJ) on Thursday announced the seizure of 107 internet domains used by state-sponsored threat actors with ties to Russia to facilitate computer fraud and abuse in the country. "The Russian government ran this scheme to steal Americans' sensitive information, using seemingly … [Read more...] about U.S. and Microsoft Seize 107 Russian Domains in Major Cyber Fraud Crackdown
Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks
A hacktivist group known as Twelve has been observed using an arsenal of publicly available tools to conduct destructive cyber attacks against Russian targets. "Rather than demand a ransom for decrypting data, Twelve prefers to encrypt victims' data and then destroy their infrastructure with a wiper to prevent recovery," Kaspersky said in a Friday analysis. "The approach is … [Read more...] about Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks
17-Year-Old Arrested in Connection with Cyber Attack Affecting Transport for London
Sep 13, 2024Ravie LakshmananCyber Attack / Crime British authorities on Thursday announced the arrest of a 17-year-old male in connection with a cyber attack affecting Transport for London (TfL). "The 17-year-old male was detained on suspicion of Computer Misuse Act offenses in relation to the attack, which was launched on TfL on 1 September," the U.K. National Crime Agency … [Read more...] about 17-Year-Old Arrested in Connection with Cyber Attack Affecting Transport for London
University Professors Targeted by North Korean Cyber Espionage Group
Aug 08, 2024Ravie LakshmananCyber Attack / Cyber Espionage The North Korea-linked threat actor known as Kimsuky has been linked to a new set of attacks targeting university staff, researchers, and professors for intelligence gathering purposes. Cybersecurity firm Resilience said it identified the activity in late July 2024 after it observed an operation security (OPSEC) error … [Read more...] about University Professors Targeted by North Korean Cyber Espionage Group
APT41 Hackers Use ShadowPad, Cobalt Strike in Taiwanese Institute Cyber Attack
Aug 02, 2024Ravie LakshmananCyber Espionage / Malware A Taiwanese government-affiliated research institute that specializes in computing and associated technologies was breached by nation-state threat actors with ties to China, according to new findings from Cisco Talos. The unnamed organization was targeted as early as mid-July 2023 to deliver a variety of backdoors and … [Read more...] about APT41 Hackers Use ShadowPad, Cobalt Strike in Taiwanese Institute Cyber Attack
Critical Flaw in Acronis Cyber Infrastructure Exploited in the Wild
Jul 29, 2024Ravie LakshmananEnterprise Security / Data Protection Cybersecurity company Acronis is warning that a now-patched critical security flaw impacting its Cyber Infrastructure (ACI) product has been exploited in the wild. The vulnerability, tracked as CVE-2023-45249 (CVSS score: 9.8), concerns a case of remote code execution that stems from the use of default … [Read more...] about Critical Flaw in Acronis Cyber Infrastructure Exploited in the Wild
North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks
Jul 25, 2024NewsroomMalware / Cyber Espionage A North Korea-linked threat actor known for its cyber espionage operations has gradually expanded into financially-motivated attacks that involve the deployment of ransomware, setting it apart from other nation-state hacking groups linked to the country. Google-owned Mandiant is tracking the activity cluster under a new moniker … [Read more...] about North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks
ExCobalt Cyber Gang Targets Russian Sectors with New GoRed Backdoor
Jun 22, 2024NewsroomCyber Espionage / Threat Intelligence Russian organizations have been targeted by a cybercrime gang called ExCobalt using a previously unknown Golang-based backdoor known as GoRed. "ExCobalt focuses on cyber espionage and includes several members active since at least 2016 and presumably once part of the notorious Cobalt Gang," Positive Technologies … [Read more...] about ExCobalt Cyber Gang Targets Russian Sectors with New GoRed Backdoor