Tag: group
-
UAT-5647 Unleashes RomCom Malware in Attacks on Ukraine and Poland
In a sophisticated and persistent cyber campaign, the UAT-5647 threat actor group, known for its ties to Russian-speaking adversaries, has launched a series of targeted attacks against Ukrainian government and... First seen on securityonline.info Jump to article: securityonline.info/uat-5647-unleashes-romcom-malware-in-attacks-on-ukraine-and-poland/
-
From Windows to Linux to ESXi: The Cicada3301 Ransomware Hits Them All
A sophisticated ransomware group, Cicada3301, has rapidly risen to prominence in the cybercrime landscape, targeting critical infrastructure sectors across the globe. First identified in June 2024, the Cicada3301 ransomware-as-a-service (RaaS)... First seen on securityonline.info Jump to article: securityonline.info/from-windows-to-linux-to-esxi-the-cicada3301-ransomware-hits-them-all/
-
Two Sudanese nationals indicted for operating the Anonymous Sudan group
The DoJ charged Anonymous Sudan members and disrupted their DDoS infrastructure, halting its cyber operations. The US Justice Department charged two Sudanese brothers (Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27) with operating and controlling the cybercrime collective Anonymous Sudan that launched tens of thousands of Distributed Denial of Service (DDoS) attacks…
-
DOJ charges alleged Anonymous Sudan ringleaders
Two Sudanese brothers are accused of leading the cybercriminal group that caused significant damage to healthcare organizations as well as other high-profile victims. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366613922/DOJ-charges-alleged-Anonymous-Sudan-ringleaders
-
Russia-linked RomCom group targeted Ukrainian government agencies since late 2023
Russia-linked threat actor RomCom targeted Ukrainian government agencies and Polish entities in cyber attacks since late 2023. Cisco Talos researchers observed Russia-linked threat actor RomCom (aka UAT-5647, Storm-0978, Tropical Scorpius, UAC-0180, UNC2596) targeting Ukrainian government agencies and Polish entities in a new wave of attacks since at least late 2023. In the recent attacks, RomCom…
-
3 Longtime Health Centers Report Hacks Affecting 740,000
Data Thefts, Leaks Follow Continuing Trend in Healthcare: Expert. A network of family health centers, a public medical center and a plastic surgery practice with nearly 180 years of combined service are among the latest healthcare groups reporting major data theft incidents to regulators. The three hacks affected nearly 740,000 patients and employees. First seen…
-
Number of Active Ransomware Groups Highest on Record, Cyberint’s Report Finds
This indicates that the most prominent ransomware groups are succumbing to law enforcement takedowns, according to researchers from Cyberint. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/record-number-active-ransomware-groups/
-
The role of compromised cyber-physical devices in modern cyberattacks
Cyber-physical devices are increasingly getting compromised and leveraged by criminal groups and state-sponsored threat actors. Fyodor Yarochkin, Senior Threat Solution … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/17/fyodor-yarochkin-trend-micro-compromised-cyber-physical-devices/
-
Authorities Indicted Two Anonymous Sudan Hackers Over Cyberattacks
Tags: attack, cyber, cyberattack, cybercrime, government, group, hacker, infrastructure, network, service
A federal grand jury has indicted two Sudanese nationals, Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27. The pair are accused of operating Anonymous Sudan, a notorious cybercriminal group responsible for tens of thousands of Distributed Denial of Service (DDoS) attacks targeting critical infrastructure and government agencies globally. Unveiling the Cybercriminal Network…
-
Critical Veeam Vulnerability CVE-2024-40711 Exploited by Ransomware Groups
Veeam has addressed a severe vulnerability in its widely utilized Backup & Replication tool, CVE-2024-40711. This critical flaw has a staggering Common Vulnerability Scoring System (CVSS) score of 9.8. Ransomware gangs have already begun exploiting this Veeam vulnerability, particularly deploying Akira and Fog ransomware in targeted attacks. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/critical-veeam-vulnerability-2/
-
Change Healthcare Attack Cost Estimate Reaches Nearly $2.9B
Most IT Restored, But UHG Is Still Catching Up and Aiming to Win Back Clients. UnitedHealth Group has raised its estimates to nearly $2.9 billion for the total costs this fiscal year of the cyberattack on its Change Healthcare IT services unit. UHG said it is also working to catch up with claims processing and…
-
SideWinder APT: A Decade of Evolution and Global Expansion
The SideWinder Advanced Persistent Threat (APT) group, also known as T-APT-04 or RattleSnake, has been a relentless actor in the global cyber espionage landscape since its emergence in 2012. Though... First seen on securityonline.info Jump to article: securityonline.info/sidewinder-apt-a-decade-of-evolution-and-global-expansion/
-
Sri Lankan Police Arrest Over 200 Chinese Scammers
Chinese Cybercrime Groups Ran Operations in Rented Hotels and Guest Houses. Sri Lankan authorities have arrested more than 200 Chinese nationals who they say overstayed their visitor visas and engaged in large-scale financial scam operations targeting victims across Asia. The Chinese Embassy in Colombo says it supports the law enforcement crackdown. First seen on govinfosecurity.com…
-
Lawmakers seek insight into China-linked attacks on telecom networks
Members of Congress want to know when and how AT&T, Lumen and Verizon learned of the intrusions and what data the threat group accessed. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/lawmakers-china-linked-attacks-telecom-networks/729865/
-
Volkswagen Says IT Infrastructure Not Affected After Ransomware Gang Claims Data Theft
Volkswagen has issued a statement after the 8Base ransomware group claimed to have stolen valuable data from the company’s systems. The post Volkswagen Says IT Infrastructure Not Affected After Ransomware Gang Claims Data Theft appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/volkswagen-says-it-infrastructure-not-affected-after-ransomware-gang-claims-data-theft/
-
Conscia extends UK&I reach with PlanNet21 Group buy
Tags: group
The trend of northern European channel players swooping for talent to widen their geographical operations continues. First seen on computerweekly.com Jump to article: www.computerweekly.com/microscope/news/366613539/Conscia-extends-UKI-reach-with-planNet21-Group-buy
-
Hackers Allegedly Selling Data Stolen from Cisco
A group of hackers reportedly sells sensitive data stolen from Cisco Systems, Inc. The breach, allegedly carried out by a collective known as IntelBroker in collaboration with EnergyWeaponUser and zjj, has raised significant concerns across the tech industry. Details of the Breach: According to a post on social media platform X by user H4ckManac, the…
-
Earth Simnavaz Exploits Windows Kernel Flaw CVE-2024-30088 in Attacks on Critical Infrastructure
Trend Micro researchers have uncovered a series of advanced cyberattacks carried out by the threat group Earth Simnavaz, also known as APT34 or OilRig. This Iranian-linked cyber espionage group has... First seen on securityonline.info Jump to article: securityonline.info/earth-simnavaz-exploits-windows-kernel-flaw-cve-2024-30088-in-attacks-on-critical-infrastructure/
-
U.S. Lawmakers, White House Move to Stem China Cyberthreat
Two U.S. House committees want more information about the hack by China threat group Salt Typhoon into the networks of AT&T, Verizon, and Lumen, while the White House reportedly is creating an emergency group to respond to expanding cyberattacks by the country. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/u-s-lawmakers-agencies-move-to-stem-china-cyberthreat/
-
Zero-day Flaws Exposed EV Chargers to Shutdowns and Data Theft
NCC Group experts share details of how they exploited critical zero-day vulnerabilities in Phoenix Contact EV chargers (electric… First seen on hackread.com Jump to article: hackread.com/zero-day-flaws-ev-chargers-to-shutdowns-data-theft/
-
Researchers Win $70K for Reporting Zero-Day Flaws in EV Chargers
NCC Group experts share details of how they exploited critical zero-day vulnerabilities in Phoenix Contact EV chargers (electric… First seen on hackread.com Jump to article: hackread.com/researchers-win-reporting-ev-chargers-zero-day-flaws/
-
Casio Confirms Data Breach as Ransomware Group Leaks Files
Casio has shared more information on the recent cyberattack, for which a ransomware group has now taken credit. The post Casio Confirms Data Breach as Ransomware Group Leaks Files appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/casio-confirms-data-breach-as-ransomware-group-leaks-files/
-
America First Policy Institute, a Group Advising Trump, Says Its Systems Were Breached
A group helping to lay the groundwork for a future Donald Trump administration said its computer systems were breached. The post America First Policy Institute, a Group Advising Trump, Says Its Systems Were Breached appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/america-first-policy-institute-a-group-advising-trump-says-its-systems-were-breached/
-
Happy United States of America Indigenous Peoples’ Day
A Proclamation on Indigenous Peoples’ Day, 2021 Since time immemorial, American Indians, Alaska Natives, and Native Hawaiians have built vibrant and diverse cultures, safeguarding land, language, spirit, knowledge, and tradition across the generations. On Indigenous Peoples’ Day, our Nation celebrates the invaluable contributions and resilience of Indigenous peoples, recognizes their inherent sovereignty, and commits to…
-
Iranian hackers now exploit Windows flaw to elevate privileges
The Iranian state-sponsored hacking group APT34, aka OilRig, has recently escalated its activities with new campaigns targeting government and critical infrastructure entities in the United Arab Emirates and the Gulf region. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/oilrig-hackers-now-exploit-windows-flaw-to-elevate-privileges/
-
OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf
The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and the broader Gulf region. “The group utilizes sophisticated tactics that include deploying a backdoor that leverages Microsoft Exchange servers for credentials theft, and exploiting vulnerabilities…
-
Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale
U.S. and U.K. cyber agencies warn that Russia-linked group APT29 is targeting vulnerable Zimbra and JetBrains TeamCity servers on a large scale. Russia-linked cyber espionage group APT29 (aka SVR group, BlueBravo, Cozy Bear, Nobelium, Midnight Blizzard, and The Dukes) is targeting vulnerable Zimbra and JetBrains TeamCity servers as part of a mass-scale campaign, U.S. and U.K. cyber agencies warned. The Federal Bureau…
-
A Mysterious Hacking Group Has 2 New Tools to Steal Data From Air-Gapped Machines
It’s hard enough creating one air-gap-jumping tool. Researchers say the group GoldenJackal did it twice in five years. First seen on wired.com Jump to article: www.wired.com/story/goldenjackal-hacking-group-new-tools-air-gapped-machines/
-
Rhysida Leaks Nursing Home Data, Demands $1.5M From Axis
Ransomware Gang Could Have Axis Health’s Mental Health, Drug Abuse Records. Ransomware gang Rhysida is threatening to dump data on the dark web that belongs to a Colorado provider of mental health, substance abuse and other healthcare services unless it pays nearly $1.5 million. The group is leaking records it claims to have stolen from…