@infosec.bsky.social
July 27, 2023 at 7:23 PM
Microsoft reveals a new Russian threat actor, Cadet Blizzard, linked to GRU, with a lower success rate but high destructive activity. https://thehackernews.com/2023/06/microsoft-warns-of-new-russian-state.html
June 15, 2023 at 10:29 AM
Microsoft reveals a new Russian threat actor, Cadet Blizzard, linked to GRU, with a lower success rate but high destructive activity. https://thehackernews.com/2023/06/microsoft-warns-of-new-russian-state.html
The threat actors behind the LockBit ransomware-as-a-service (RaaS) scheme have extorted $91 million following hundreds of attacks against numerous U.S. organizations since 2020. https://thehackernews.com/2023/06/lockbit-ransomware-extorts-91-million.html
June 15, 2023 at 8:22 AM
The threat actors behind the LockBit ransomware-as-a-service (RaaS) scheme have extorted $91 million following hundreds of attacks against numerous U.S. organizations since 2020. https://thehackernews.com/2023/06/lockbit-ransomware-extorts-91-million.html
A new phishing technique called "file archiver in the browser" can be leveraged to "emulate" a file archiver software in a web browser when a victim visits a .ZIP domain.
https://thehackernews.com/2023/05/dont-click-that-zip-file-phishers.html
https://thehackernews.com/2023/05/dont-click-that-zip-file-phishers.html
May 29, 2023 at 7:28 AM
A new phishing technique called "file archiver in the browser" can be leveraged to "emulate" a file archiver software in a web browser when a victim visits a .ZIP domain.
https://thehackernews.com/2023/05/dont-click-that-zip-file-phishers.html
https://thehackernews.com/2023/05/dont-click-that-zip-file-phishers.html
A new stealthy information stealer malware called Bandit Stealer has caught the attention of cybersecurity researchers for its ability to target numerous web browsers and cryptocurrency wallets. https://thehackernews.com/2023/05/new-stealthy-bandit-stealer-targeting.html
May 27, 2023 at 8:48 AM
A new stealthy information stealer malware called Bandit Stealer has caught the attention of cybersecurity researchers for its ability to target numerous web browsers and cryptocurrency wallets. https://thehackernews.com/2023/05/new-stealthy-bandit-stealer-targeting.html
It’s been a big month for US data privacy. Indiana, Iowa, and Tennessee all passed state privacy laws, bringing the total number of states with a privacy law up to eight. https://www.schneier.com/blog/archives/2023/05/indiana-iowa-and-tennessee-pass-comprehensive-privacy-laws.html
May 24, 2023 at 2:02 PM
It’s been a big month for US data privacy. Indiana, Iowa, and Tennessee all passed state privacy laws, bringing the total number of states with a privacy law up to eight. https://www.schneier.com/blog/archives/2023/05/indiana-iowa-and-tennessee-pass-comprehensive-privacy-laws.html
The Indian manufacturing plant responsible for manufacturing Suzuki motorcycles has been forced to shut down following a cyber attack, with the loss of an estimated 20,000 vehicles. https://www.bitdefender.com/blog/hotforsecurity/suzuki-motorcycle-plant-shut-down-by-cyber-attack/
May 23, 2023 at 10:01 AM
The Indian manufacturing plant responsible for manufacturing Suzuki motorcycles has been forced to shut down following a cyber attack, with the loss of an estimated 20,000 vehicles. https://www.bitdefender.com/blog/hotforsecurity/suzuki-motorcycle-plant-shut-down-by-cyber-attack/
A U.K. national, responsible for his role as the administrator of the now-defunct iSpoof online phone number spoofing service has been sentenced to 13 years and 4 months in prison. https://thehackernews.com/2023/05/uk-fraudster-behind-ispoof-scam.html
May 22, 2023 at 8:18 AM
A U.K. national, responsible for his role as the administrator of the now-defunct iSpoof online phone number spoofing service has been sentenced to 13 years and 4 months in prison. https://thehackernews.com/2023/05/uk-fraudster-behind-ispoof-scam.html
Researchers are worried about Google’s .zip and .mov domains, because they are confusing. Mistaking a URL for a filename could be a security vulnerability. https://www.bleepingcomputer.com/news/security/new-zip-domains-spark-debate-among-cybersecurity-experts/
May 19, 2023 at 11:27 AM
Researchers are worried about Google’s .zip and .mov domains, because they are confusing. Mistaking a URL for a filename could be a security vulnerability. https://www.bleepingcomputer.com/news/security/new-zip-domains-spark-debate-among-cybersecurity-experts/
A Russian man identified by KrebsOnSecurity in January 2022 as a prolific and vocal member of several top ransomware groups was the subject of two indictments unsealed by the Justice Department.
https://krebsonsecurity.com/2023/05/russian-hacker-wazawaka-indicted-for-ransomware/
https://krebsonsecurity.com/2023/05/russian-hacker-wazawaka-indicted-for-ransomware/
May 17, 2023 at 5:25 AM
A Russian man identified by KrebsOnSecurity in January 2022 as a prolific and vocal member of several top ransomware groups was the subject of two indictments unsealed by the Justice Department.
https://krebsonsecurity.com/2023/05/russian-hacker-wazawaka-indicted-for-ransomware/
https://krebsonsecurity.com/2023/05/russian-hacker-wazawaka-indicted-for-ransomware/
A former employee of Ubiquiti has been sentenced to six years in jail after he pleaded guilty to posing as an anonymous hacker and a whistleblower in an attempt to extort almost $2 million worth of cryptocurrency. https://thehackernews.com/2023/05/former-ubiquiti-employee-gets-6-years.html
May 15, 2023 at 9:06 AM
A former employee of Ubiquiti has been sentenced to six years in jail after he pleaded guilty to posing as an anonymous hacker and a whistleblower in an attempt to extort almost $2 million worth of cryptocurrency. https://thehackernews.com/2023/05/former-ubiquiti-employee-gets-6-years.html
U.S. cybersecurity and intelligence agencies have warned of attacks carried out by a threat actor known as the Bl00dy Ransomware Gang that attempt to exploit vulnerable PaperCut servers against the education facilities sector. https://thehackernews.com/2023/05/bl00dy-ransomware-gang-strikes.html
May 12, 2023 at 9:01 AM
U.S. cybersecurity and intelligence agencies have warned of attacks carried out by a threat actor known as the Bl00dy Ransomware Gang that attempt to exploit vulnerable PaperCut servers against the education facilities sector. https://thehackernews.com/2023/05/bl00dy-ransomware-gang-strikes.html
U.S. authorities have announced the seizure of 13 internet domains that offered DDoS-for-hire services to other criminal actors.The takedown is part of an ongoing international initiative dubbed Operation PowerOFF. https://thehackernews.com/2023/05/us-authorities-seize-13-domains.html
May 9, 2023 at 5:50 PM
U.S. authorities have announced the seizure of 13 internet domains that offered DDoS-for-hire services to other criminal actors.The takedown is part of an ongoing international initiative dubbed Operation PowerOFF. https://thehackernews.com/2023/05/us-authorities-seize-13-domains.html
What can you do if someone steals your keys but you can’t change the lock? Naked Security explains the dilemma in plain English. https://nakedsecurity.sophos.com/2023/05/09/low-level-motherboard-security-keys-leaked-in-msi-breach-claim-researchers/
May 9, 2023 at 5:23 PM
What can you do if someone steals your keys but you can’t change the lock? Naked Security explains the dilemma in plain English. https://nakedsecurity.sophos.com/2023/05/09/low-level-motherboard-security-keys-leaked-in-msi-breach-claim-researchers/
Digital storage giant Western Digital confirms the theft of personal information of its online store customers. https://thehackernews.com/2023/05/western-digital-confirms-customer-data.html
May 8, 2023 at 2:48 PM
Digital storage giant Western Digital confirms the theft of personal information of its online store customers. https://thehackernews.com/2023/05/western-digital-confirms-customer-data.html
PHP software package repository Packagist revealed that an "attacker" gained access to four inactive accounts on the platform to hijack over a dozen packages with over 500 million installs to date. https://thehackernews.com/2023/05/packagist-repository-hacked-over-dozen.html
May 5, 2023 at 10:18 AM
PHP software package repository Packagist revealed that an "attacker" gained access to four inactive accounts on the platform to hijack over a dozen packages with over 500 million installs to date. https://thehackernews.com/2023/05/packagist-repository-hacked-over-dozen.html
Apple delivers first-ever Rapid Security Response “cyberattack” patch – leaves some users confused https://nakedsecurity.sophos.com/2023/05/01/apple-delivers-first-ever-rapid-security-response-cyberattack-patch-leaves-some-users-confused/
May 2, 2023 at 10:31 AM
Apple delivers first-ever Rapid Security Response “cyberattack” patch – leaves some users confused https://nakedsecurity.sophos.com/2023/05/01/apple-delivers-first-ever-rapid-security-response-cyberattack-patch-leaves-some-users-confused/
A Vietnamese threat actor has been attributed as behind a "malverposting" campaign on social media platforms to infect over 500,000 devices worldwide over the past three months to deliver variants of information stealers. https://thehackernews.com/2023/05/vietnamese-threat-actor-infects-500000.html
May 1, 2023 at 10:18 AM
A Vietnamese threat actor has been attributed as behind a "malverposting" campaign on social media platforms to infect over 500,000 devices worldwide over the past three months to deliver variants of information stealers. https://thehackernews.com/2023/05/vietnamese-threat-actor-infects-500000.html
Google disclosed that its improved security features and app review processes helped it block 1.43 million bad apps from being published to the Play Store in 2022. https://thehackernews.com/2023/05/google-blocks-143-million-malicious.html
May 1, 2023 at 9:20 AM
Google disclosed that its improved security features and app review processes helped it block 1.43 million bad apps from being published to the Play Store in 2022. https://thehackernews.com/2023/05/google-blocks-143-million-malicious.html
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks perpetrated by Russian nation-state hackers targeting various government bodies in the country. https://thehackernews.com/2023/05/apt28-targets-ukrainian-government.html
May 1, 2023 at 9:19 AM
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks perpetrated by Russian nation-state hackers targeting various government bodies in the country. https://thehackernews.com/2023/05/apt28-targets-ukrainian-government.html