Tag: group
-
Russia’s Secret Blizzard APT targets Ukraine with Kazuar backdoor
Russia-linked APT group Secret Blizzard is using Amadey Malware-as-a-Service to infect systems in Ukraine with the Kazuar backdoor. The Russia-linked APT group Secret Blizzard (aka Turla, Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON) was spotted using the Amadey malware to deploy the KazuarV2 backdoor on devices in Ukraine. The experts observed threat actors using the Amadey bot malware between March and April 2024. Microsoft highlights…
-
Operation Digital Eye: Chinese APT Exploits Visual Studio Code Tunnels in High-Stakes Espionage Campaign
by
in SecurityNewsIn a sophisticated cyberespionage campaign dubbed Operation Digital Eye, SentinelOne and Tinexta Cyber uncovered activities linked to a Chinese Advanced Persistent Threat (APT) group targeting large business-to-business IT service providers... First seen on securityonline.info Jump to article: securityonline.info/operation-digital-eye-chinese-apt-exploits-visual-studio-code-tunnels-in-high-stakes-espionage-campaign/
-
Russia takes unusual route to hack Starlink-connected devices in Ukraine
by
in SecurityNewsSecret Blizzard has used the resources of at least 6 other groups in the past 7 years. First seen on arstechnica.com Jump to article: arstechnica.com/security/2024/12/russia-takes-unusual-route-to-hack-starlink-connected-devices-in-ukraine/
-
North Korean hackers behind $50 million crypto heist of Radiant Capital
by
in SecurityNewsResearchers attributed the attack on the cryptocurrency platform to a group housed within North Korea’s Reconnaissance General Bureau (RGB).]]> First seen on therecord.media Jump to article: therecord.media/radiant-capital-heist-north-korea
-
Clearinghouse Pays $250K Settlement in Web Exposure Breach
by
in SecurityNewsInmediata Health Group Has Paid $2.7M in Fines, Civil Claims for 2019 HIPAA Breach. A breach that exposed the personal information of nearly 1.6 million patients of a Puerto Rico-based clearinghouse has led to a $250,000 financial settlement with federal regulations for multiple HIPAA violations. The 2019 leak has cost Inmediata Health $2.7 million in…
-
Chinese APT Groups Targets European IT Companies
by
in SecurityNewsEvidence Mounts for Chinese Hacking ‘Quartermaster’. A probable Chinese nation-state threat actor compromised Visual Studio Code and Microsoft Azure cloud infrastructure to target Western technology firms for espionage, security firms Tinexta Cyber and SentinelLabs said. The companies call the campaign Operation Digital Eye. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/chinese-apt-groups-targets-european-companies-a-27030
-
Russian cyber spies hide behind other hackers to target Ukraine
by
in SecurityNewsRussian cyber-espionage group Turla, aka “Secret Blizzard,” is utilizing other threat actors’ infrastructure to target Ukrainian military devices connected via Starlink. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/russian-cyber-spies-hide-behind-other-hackers-to-target-ukraine/
-
Cardiac surgery device manufacturer falls prey to ransomware
by
in SecurityNews
Tags: attack, breach, business, cyber, cyberattack, cybercrime, data, group, hacker, healthcare, ransom, ransomware, service, supply-chainThe healthcare industry has been increasingly in the crosshairs of cyberattackers this year, with ransomware near the top of the sector’s biggest cyber threats. Hackers are attacking IT systems and personal data, among other things, with the aim of manipulation or theft. But it’s not just hospitals that are affected by cyberattacks; their suppliers are under attack as well.…
-
Electrica Group impacted by ongoing ransomware attack
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/electrica-group-impacted-by-ongoing-ransomware-attack
-
US sanctions Chinese cybersecurity firm over global malware campaign
by
in SecurityNews
Tags: attack, breach, china, computer, control, corporate, credentials, cve, cyber, cyberattack, cybersecurity, email, encryption, exploit, finance, firewall, fraud, government, group, healthcare, identity, infection, infrastructure, intelligence, international, malicious, malware, monitoring, network, office, password, ransomware, risk, service, software, sophos, technology, terrorism, threat, tool, vulnerability, zero-dayThe US government has imposed sanctions on Chinese cybersecurity firm Sichuan Silence Information Technology and one of its employees, Guan Tianfeng, for their alleged involvement in a 2020 global cyberattack that exploited zero day vulnerabilities in firewalls.The actions were announced by the US Department of the Treasury and the Department of Justice (DOJ), which also…
-
Patchwork APT Targets Chinese Scientific Research in Renewed Campaign
by
in SecurityNewsA new wave of cyberattacks targeting Chinese scientific organizations has been identified by cybersecurity researchers at Hunting Shadow Lab. The campaign, attributed to the Patchwork APT group (also known as... First seen on securityonline.info Jump to article: securityonline.info/patchwork-apt-targets-chinese-scientific-research-in-renewed-campaign/
-
Attackers exploit zero-day RCE flaw in Cleo managed file transfer
by
in SecurityNews
Tags: advisory, attack, cve, edr, exploit, firewall, flaw, group, Internet, malicious, mitigation, moveIT, powershell, ransomware, rce, remote-code-execution, software, tool, update, vulnerability, vulnerability-management, windows, zero-daySecurity researchers have warned about in-the-wild attacks that exploit a remote code execution vulnerability in managed file transfer (MFT) solutions developed by enterprise software vendor Cleo Communications.The impacted products include the latest versions of Cleo LexiCom, Cleo VLTrader and Cleo Harmony, with experts advising to temporarily disconnect these systems from the internet until a patch…
-
‘Termite’ Ransomware Likely Behind Cleo Zero-Day Attacks
by
in SecurityNewsThe threat actor group recently took credit for a similar attack on Blue Yonder that affected multiple organizations, including Starbucks. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/termite-ransomware-behind-cleo-zero-day-attacks
-
Hospital Notifies 316,000 of Breach in Christmas 2023 Hack
by
in SecurityNewsCybercriminal Gang Money Message Claims Credit, Publishes Stolen Records. A Massachusetts hospital is notifying 316,000 people that their information was compromised in a cyberattack discovered nearly a year ago on Christmas 2023. Cybercriminal group Money Message had claimed that it stole 600 gigabytes data, posting patient and employee records on the dark web. First seen…
-
Scam Kit Maker Rebuilding Business After Telegram Channel Shut Down
by
in SecurityNewsSpartanWarrioz, whose prolific phishing kit business took a hit when the group’s Telegram channel was shut down in November, is rebounding quickly, creating a new channel and courting former subscribers as it rebuilds its operations, Forta researchers say. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/scam-kit-maker-rebuilding-business-after-telegram-channel-shut-down/
-
Romanian energy supplier Electrica hit by ransomware
by
in SecurityNews
Tags: attack, ceo, cyberattack, cybersecurity, election, group, hacker, identity, infrastructure, ransomware, russiaFirst, the Romanian presidential election was annulled after being targeted with cyberattacks from foreign state-sponsored actors and a suspected Russian-controlled massive TikTok influence campaign. Now the Electrica Group, a major electricity provider with 3.8 million customers in Romania, has fallen victim to a ransomware attack.The company told investors on Dec. 9 that it is working with national cybersecurity authorities…
-
Black Hat: Latest news and insights
by
in SecurityNewsThe infosecurity world decamps to London this week, with research on vulnerabilities in AI systems at the fore of the latest edition of Black Hat Europe.The four-day program runs from Dec. 9-12, with two-and four-day options of hands-on trainings, but the main event at ExCeL London occurs on Dec. 11 and 12 featuring the latest research, developments,…
-
Utility Companies Face 42% Surge in Ransomware Attacks
by
in SecurityNewsThe utilities sector saw a 42% surge in ransomware incidents over the past year, with groups like Play focusing on targets with IT and OT systems First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/utility-companies-42-surge/
-
Hackers Weaponize Visual Studio Code Remote Tunnels for Cyber Espionage
by
in SecurityNewsA suspected China-nexus cyber espionage group has been attributed to an attacks targeting large business-to-business IT service providers in Southern Europe as part of a campaign codenamed Operation Digital Eye.The intrusions took place from late June to mid-July 2024, cybersecurity companies SentinelOne SentinelLabs and Tinexta Cyber said in a joint report shared with The Hacker…
-
Hackers Target Android Users via WhatsApp to Steal Sensitive Data
Researchers analyzed a malicious Android sample created using Spynote RAT, targeting high-value assets in Southern Asia, which, likely deployed by an unknown threat actor, aims to compromise sensitive information. Although the target’s precise location and nature have not been disclosed, its high-value nature suggests that advanced persistent threat (APT) groups may be interested in it. …
-
Top tips for CISOs running red teams
by
in SecurityNewsRed team is the de facto standard in offensive security testing when you want to know how all security investments, from technological controls to user training to response procedures, work together when subjected to a targeted attack. Unlike penetration testing, which aims to comprehensively assess a system, or purple team, which assesses detection and response…
-
Authorities Dismantled Hackers Who Stolen Millions Using AirBnB
by
in SecurityNews
Tags: breach, cyber, cybercrime, exploit, finance, fraud, group, hacker, international, network, phishing, vulnerabilityAn international cybercrime network responsible for stealing millions of euros across at least ten European countries has been dismantled in a joint operation by the Rotterdam Police Cybercrime Team and the Belgian police. The sophisticated criminal group employed phishing schemes and bank helpdesk fraud to exploit vulnerable victims, with call centers set up in luxury…
-
Romanian energy supplier Electrica Group is facing a ransomware attack
by
in SecurityNewsRomanian energy supplier Electrica Group is investigating an ongoing ransomware attack impacting its operations. Romanian energy supplier Electrica Group suffered a cyber attack that is impacting its operations. The company assured investors that the attack hadn’t affected its critical systems, but temporary disruptions in customer services might occur due to enhanced security protocols. These measures…
-
Deloitte denied its systems were hacked by Brain Cipher ransomware group
by
in SecurityNewsDeloitte has responded to claims by the Brain Cipher ransomware group, which alleges the theft of over 1 terabyte of the company’s data. Recently, the ransomware group Brain Cipher added Deloitte UK to its Tor leak site. The gang claimed to have stolen one terabyte of compressed data from the company. A Deloitte spokesperson addressed…
-
New ‘Termite’ ransomware group claims responsibility for Blue Yonder cyberattack
by
in SecurityNewsThe ransomware looks to be a re-worked variant of Babuk. First seen on cyberscoop.com Jump to article: cyberscoop.com/termite-ransomware-blue-yonder-disruption/
-
Ukraine says Russian hackers are targeting country’s defense contractors
by
in SecurityNewsUkraine’s Computer Emergency Response Team (CERT-UA) said in a report published over the weekend that a hacking group has been targeting the country’s defense and military companies with phishing attacks. The CERT identified the hacking group as UAC-0185, also known as UNC4221, without saying who was behind the group. Earlier this year, however, […] First…
-
Romanian energy supplier Electrica hit by ransomware attack
by
in SecurityNewsElectrica Group, a key player in the Romanian electricity distribution and supply market, is investigating a ransomware attack that was still “in progress” earlier today. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/romanian-energy-supplier-electrica-hit-by-ransomware-attack/
-
Suspected Russian hackers target Ukrainian defense enterprises in new espionage campaign
by
in SecurityNewsUkraine’s military computer emergency response team said the group sent phishing emails disguised as invitations to a legitimate defense conference that took place in Kyiv last week.]]> First seen on therecord.media Jump to article: therecord.media/suspected-russian-hackers-target-ukrainian-enterprises-espionage