Security

Cybercriminal are exploiting employee desires for job satisfaction and orgnaizations’ promise of benefits with a flurry of phishing scams. Pay raises, promotions, holiday bonuses and other ‘life-impacting’ updates are attractive phishing lures, email security provider Cofense warned in a January 10 blog post. A typical approach is to embed links to commodity software used by

Fidelity National Financial (FNF) has revealed that around 1.3 million customers’ data may have been exposed during a ransomware attack it suffered in 2023. The firm, which provides title insurance services to the real estate and mortgage industries, notified the Securities and Exchange Commission (SEC) of the number of potentially impacted consumers in an updated

Read more about cyber-threats to the 2024 US elections: Under 4% of US states are fully prepared to detect and recover from election-targeted cybersecurity incidents, according to research by Arctic Wolf. The survey of state and local government leaders across the US found that 14.3% of states were ‘not at all prepared’ to deal with

A new decryptor key has been created for victims of the Babuk Tortilla ransomware variant, Cisco Talos has confirmed. These keys will be added to a generic Babuk decryptor previously created by Avast Threat Labs. This will enable users to download the single decryptor containing all currently known Babuk keys. Targeting Babuk Ransomware Variations Babuk

North Korean hackers stole at least $600m in cryptocurrency in 2023, around a third of the total value of such heists, according to blockchain intelligence firm TRM. Despite the eye-watering sum, this figure represents a 30% reduction on cryptocurrency stolen by Democratic People’s Republic of Korea (DPRK)-linked hackers compared to 2022, at $850m. The researchers

Cyber-attacks targeting Web3 cost organizations $1.84bn in 2023 across 751 incidents, according to Certik’s Hack3d: The Web3 Security Report 2023. The average cost per incident was $2.45m in 2023. However, there was a wide disparity between the losses suffered, with the 10 most costly attacks alone accounting for $1.11bn. The highest costs occurred in Q3,

The US Justice Department (DoJ) announced that 19 individuals involved in managing and using the late xDedic cybercrime marketplace have been charged with lengthy prison sentences. The list includes two xDedic administrators, Pavlo Kharmanskyi, a Ukrainian man who was arrested while trying to enter the US, and Alexandru Habasescu, of Moldovan nationality, who was arrested

In a landmark move, the US National Institute of Standards and Technology (NIST) has taken a new step in developing strategies to fight against cyber-threats that target AI-powered chatbots and self-driving cars. The Institute released a new paper on January 4, 2024, in which it established a standardized approach to characterizing and defending against cyber-attacks on

Security experts have begun the year in combative mood after a leading security vendor called on the US government to ban ransomware payments. Noted for its work in ransomware decryption, Emsisoft revealed new analysis this week claiming that 2207 US hospitals, schools and government entities were directly impacted by ransomware in 2023. It argued that

Russian intelligence hacked online surveillance cameras to spy on air defense activities and critical infrastructure in Kyiv ahead of recent missile strikes, the Security Service of Ukraine (SSU) has revealed. The Kremlin was able to remotely control two residential cameras, which it used to collect information to target critical infrastructure in Ukraine’s capital Kyiv. This

Court cases and tribunals in Australia have been impacted by a cybersecurity incident, with attackers potentially accessing recordings of hearings, according to the Court Services Victoria (CSV). The CSV revealed the incident in a statement on January 2, 2024. This public notice came some 12 days after the CSV was first alerted to the cyber

The German authorities have announced the takedown of a notorious dark web marketplace known for selling drugs, malware and other illegal items. The federal police service (BKA) and the Frankfurt prosecutor’s office for cybercrime (ZIT) announced the news on Wednesday, but revealed the coordinated action took place on December 16. The English-language Kingdom Market, which was

Security researchers have warned against the DarkGate threat actor, who has recently gained notoriety in the realm of remote access Trojans (RATs) and loaders.  Earlier today, Proofpoint confirmed it has been tracking a distinct operator of the DarkGate malware, temporarily named BattleRoyal, noting its use in at least 20 email campaigns from September to November

After a quieter month in October, ransomware groups seemed to return with a vengeance in November, with the highest number of listed victims ever recorded, according to Corvus Insurance. In a report published on December 18, 2023, Corvus Threat Intel observed 484 new ransomware victims posted to leak sites in November. This represents a 39.08%

The threat landscape has been bustling in the second half of 2023, according to cybersecurity provider ESET. In its Threat Report: H2 2023, the firm recorded many significant cybersecurity incidents between June and November 2023, a period dominated by AI-related malicious activity and the emergence of new Android spyware. According to the report, a new

Cybercriminals unleashed an average of 411,000 malicious files every day in 2023, representing a 3% increase from the previous year, according to Kaspersky. The firm’s Security Bulletin: Statistics of the Year Report, published on December 14, 2023, showed that particular types of threats also escalated. One example is the use of malicious desktop files (Microsoft

ESO Solutions, a data and software provider for emergency responders and healthcare entities, has commenced the notification process for 2.7 million individuals affected by a ransomware attack.  The breach, which unfolded on September 28, compelled ESO to shut down systems temporarily to curb the incident’s reach. Although the attackers accessed and encrypted internal systems, ESO said it

Security researchers have discovered a new series of “crypto drainer” malware attacks that have stolen $59m from victims so far after luring them to phishing pages via Google and X (formerly Twitter) ads. A crypto drainer is a type of malware that tricks the user into approving a transaction which then automatically drains their cryptocurrency

The UK’s secretary of state for justice has warned of a “clear and present danger” to British democracy from deepfakes ahead of the upcoming general election. Robert Buckland made the remarks on BBC Radio 4’s Today program yesterday, claiming the technology delivers a “liar’s dividend” in that, by undermining trust in the veracity of information,

UK telco EE has warned customers they could be deluged with millions of scam SMS messages on December 23 as fraudsters look to capitalize on last-minute Christmas shopping. The mobile operator claimed that the equivalent day last year saw it block three million text message scams (aka “smishing”), the highest daily number in 2022. This

Security vendor Ivanti has released an update to its Avalanche mobile device management (MDM) product which fixes 22 vulnerabilities, 13 of which are rated critical. Ivanti Avalanche is described by the vendor as an enterprise MDM solution capable of managing distributed deployments of more than 100,000 mobile devices – including anything from warehouse scanners to

The average direct cost of a serious cybersecurity incident increased by 11% year-on-year to reach $1.7m in 2023, according to consulting firm S-RM. The firm polled 600 C-suite and IT budget holders from US and UK organizations with revenues over $500m to produce its 2023 Cybersecurity Insights Report. The most common incident types were fraud,

Security researchers have claimed that a vulnerability described as the biggest and most critical ever discovered was far less dangerous than first believed. Log4Shell was a critical, CVSS 10.0-rated vulnerability in popular open source logging utility Log4j. It was thought to be relatively easy to exploit, enabled remote code execution, and was found in a

Legacy vulnerabilities and Remote Desktop Protocol (RDP) endpoints are being singled out by attackers, according to new data based on billions of recorded cyber-attacks in 2023. Honeypot sensors set up in the UK by insurer Coalition have recorded 5.8 billion attacks so far in 2023, which works out roughly to 17 million each day. Three-quarters

Tens of thousands of current and former employees of a leading US cybersecurity and nuclear research laboratory were impacted by a major data breach discovered in November, it has been revealed. The Idaho National Laboratory (INL) said in an updated notice published this week that it first became aware of the incident on November 20.

The UK government has proposed new rules designed to regulate the datacenter sector, in a bid to improve baseline cybersecurity and resilience. It’s seeking industry feedback on a new consultation document, Protecting and enhancing the security and resilience of UK data infrastructure, which will be open until February 22 2024. Under the current proposals, datacenter providers

Four US residents have been charged with a series of money laundering offenses connected to a major “pig butchering” fraud syndicate. Lu Zhang, 36, of Alhambra, California; Justin Walker, 31, of Cypress, California; Joseph Wong, 32, of Rosemead, California; and Hailong Zhu, 40, of Naperville, Illinois, are charged with conspiracy to commit money laundering, concealment

Threat actors are switching tactics to compromise their victims with ransomware, with more attacks now exploiting vulnerabilities rather than using phishing emails, according to Corvus Insurance. The insurer analyzed claims data from this year to better understand threat actor activity. It claimed that vulnerability exploitation rose as an initial access method from nearly 0% of ransomware

Microsoft ended the year with a relatively light patch-load, issuing updates for 34 vulnerabilities including one zero-day first reported back in August. CVE-2023-20588 is a “division-by-zero” vulnerability affecting specific AMD processors that can “potentially return speculative data resulting in loss of confidentiality.” Microsoft addressed the vulnerability in its Patch Tuesday update round, as the latest

Proofpoint has warned recruiters of a skilled threat actor targeting them with emails designed to deploy malware. TA4557 is a financially motivated threat actor known to distribute the More_Eggs backdoor, which is designed to establish persistence, profile the targeted machine and drop additional payloads. Throughout 2022 and most of 2023 the actor has been replying to