Researchers at Trustwave Holdings Inc.’s SpiderLabs detailed a new campaign that leverages Facebook infrastructure for phishing attacks and the theft of personally identifiable information. Users are advised to be extra careful when receiving false violation notifications and not to be fooled by the apparent legitimacy of the initial links.
Navigation system monitors have seen a recent uptick in interruptions since Ukraine began launching long-range drone attacks. EVERY DAY, BILLIONS of people use the GPS satellite system to find their way around the world—but GPS signals are vulnerable. Jamming and spoofing attacks can cripple GPS connections entirely or make
"Uber has suffered a new data breach after a threat actor leaked employee email addresses, corporate reports, and IT asset information stolen from a third-party vendor in a cybersecurity incident. Early Saturday morning, a threat actor named 'UberLeaks' began leaking data they claimed was stolen from Uber
Pro-Ukraine hacker group, Team OneFist reported on strategic cyber strike on construction site of a hydroelectric plant, Zagorskaya GAES-2 in Operation Gradient.
The US Department of Health and Human Services (HHS) is warning healthcare organizations of the threat posed by ongoing Royal ransomware attacks. Initially spotted in September 2022, the ransomware family is employed by a financially-motivated threat actor that also uses known tools for persistence, credential exfiltration, and lateral movement. “Royal
Microsoft and cybersecurity firm Volexity have traced a new version of AppleJeus malware to the hackers behind the Ronin exploit and numerous other online heists. Microsoft reports that a threat actor has been identified targeting cryptocurrency investment startups. A party Microsoft has dubbed DEV-0139 posed as a cryptocurrency investment company
The Russia-linked cyberespionage group known as Callisto (aka AG-53, COLDRIVER, SEABORGIUM) has been observed targeting multiple entities that provide war support for Ukraine, including private companies in the US and Europe. Active since at least 2017, the advanced persistent threat (APT) actor is also tracked as Blue Callisto, Coldriver, Seaborgium,
Hackers backed by the Iranian government have targeted two Human Rights Watch staff members and at least 18 other high-profile activists, journalists, researchers, academics, diplomats, and politicians working on Middle East issues in an ongoing social engineering and credential phishing campaign, Human Rights Watch said today. An investigation by Human
Microsoft has warned in its report to Russia boost cyberattack on Ukraine and its allies throughout the winter. In recent months, cyberthreat actors affiliated with Russian military intelligence have launched destructive wiper attacks against energy, water and other critical infrastructure organizations’ networks in Ukraine as missile strikes knocked out power
A previously undocumented data wiper named CryWiper is masquerading as ransomware, but in reality, destroys data beyond recovery in attacks against Russian mayor's offices and courts. CryWiper was first discovered by Kaspersky this fall, where they say the malware was used in an attack against a Russian organization.
Pro-Russian hacker group KillNet has launched DDoS attack today against several Latvian websites, among them primarily the website of the Latvian Ministry of Foreign Affairs. The website of Latvian Ministry of Foreign Affairs (mfa.gov.lv) is currently unavailable. Trigger of DDoS attacks was statement of Latvian Foreign Minister, Edgar
Ukraine has come under a fresh onslaught of ransomware attacks that mirror previous intrusions attributed to the Russia-based Sandworm nation-state group. Slovak cybersecurity company ESET, which dubbed the new ransomware strain RansomBoggs, said the attacks against several Ukrainian entities were first detected on November 21, 2022. "While the malware
Over 1,600 publicly available Docker Hub images hide malicious behavior, including cryptocurrency miners, embedded secrets that can be used as backdoors, DNS hijackers, and website redirectors. Docker Hub is a cloud-based container library allowing people to freely search and download Docker images or upload their creations to the public
Flaws from a web server discontinued since 2005 have been used to attack organizations from the energy sector. State-backed Chinese hacking groups have used the Boa web server to target several Indian electrical grid operators (for example Tata Power Company Limited, India), compromising an Indian national emergency response system and
Paolo Passeri, cybersecurity expert has been collecting the incidents due to cloud misconfigurations and leading to the exposure of data since 2020. The statistics of this collection related to year of 2022 were published on his website, Hackmageddon. Unfortunately despite increasing risks and awareness the number of incidents this year
The European Parliament website was hit by a cyberattack shortly after lawmakers approved a resolution calling Moscow a "state sponsor of terrorism". DDoS attacks are part of the announced campaign on October 2 by Anonymous Russia (the hacker group operating under the management of KillNet). “KILLNET officially recognises
