Tag: group
-
Hertz Confirms Data Breach After Hackers Stole Customer PII
in SecurityNews
Hertz confirms data breach linked to Cleo software flaw; Cl0p ransomware group leaked stolen data, exposing names, driver’s… First seen on hackread.com Jump to article: hackread.com/hertz-confirms-data-breach-hackers-stole-customer-pii/
-
CISOs rethink hiring to emphasize skills over degrees and experience
in SecurityNews
‘Hire differently’: France and ISC2 are among the 37% of leaders and organizations who have put in the work to make skills-based hiring an effective strategy, not just an empty promise. To improve outcomes, France works with the HR team to review job descriptions for open positions and then crafts them based on the organization’s current…
-
UNC5174 Deploys SNOWLIGHT Malware in Linux and macOS Attacks
A threat group believed to have ties with China’s state-sponsored cyber operations, identified as UNC5174, has launched a stealthy and technically advanced cyber campaign aimed at Linux and macOS environments. According to new research published by Sysdig, the group is… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/unc5174-snowlight-malware-linux-macos/
-
APT29 Hackers Use GRAPELOADER in New Attack Against European Diplomats
in SecurityNews
Check Point Research (CPR) has uncovered a new targeted phishing campaign employing GRAPELOADER, a sophisticated initial-stage downloader, launched by the notorious Russian-linked hacking group APT29, known alternatively as Midnight Blizzard or Cozy Bear. This campaign, identified since January 2025, primarily focuses on European governments and diplomatic entities. Campaign Overview: APT29, recognized for its sophisticated cyber…
-
Hacktivist Group Becomes More Sophisticated, Targets Critical Infrastructure to Deploy Ransomware
in SecurityNews
A recent report by Cyble has shed light on the evolving tactics of hacktivist groups, moving beyond traditional cyber disruptions like DDoS attacks and website defacements to engage in more advanced critical infrastructure attacks and ransomware operations. Advanced Attack Strategies: Hacktivism is transforming into a complex tool of hybrid warfare, with groups adopting tactics traditionally…
-
Chinese UNC5174 Group Expands Arsenal with New Open Source Tool and C2 Infrastructure
in SecurityNews
The Sysdig Threat Research Team (TRT) has revealed a significant evolution in the offensive capabilities of the Chinese state-sponsored threat actor, UNC5174. In late January 2025, after a year of diminished activity, the group launched a new campaign that introduced an open-source tool called VShell, alongside a new command and control (C2) infrastructure. This shift…
-
Cyberattack on a health center in Canada
in SecurityNews
Brunswick Health Group First seen on cmbmed.com Jump to article: www.cmbmed.com/cybersecurity-incident/
-
The most dangerous time for enterprise security? One month after an acquisition
in SecurityNews
Fear of upgrading or purchasing any new security tech. Managers are hesitant to invest because they don’t know what the new parent company will decide, and they don’t want to waste money. Talented security people leave, along with the best people in every business unit. They are worried about being laid off, so they take whatever…
-
The TraderTraitor Crypto Heist: Nation-State Tactics Meet Financial Cybercrime
in SecurityNews
The cryptocurrency sector has always been a magnet for cybercriminals, but the TraderTraitor campaign marks a different kind of threat, one backed by state-sponsored actors with long-term goals and surgical precision. Allegedly linked to North Korea’s Lazarus Group, this campaign wasn’t just about breaking into wallets. It was about exploiting trust, manipulating human behavior, and…
-
The Smishing Triad Surge: Text-Based Threats Are Getting Smarter, Not Simpler
in SecurityNews
What began as a trickle of spammy messages has evolved into a sophisticated and dangerous phishing campaign. The Smishing Triad, an active cybercriminal group, is behind a surge of SMS-based phishing attacks (smishing) targeting organizations across sectors, from healthcare to logistics to finance. Their focus? Gaining access to internal portals and enterprise email accounts by…
-
New ResolverRAT malware targets healthcare and pharma orgs worldwide
in SecurityNews
Tags: authentication, control, data, encryption, group, healthcare, infrastructure, malware, monitoring, network, organized, rat, strategy, threat, tool
Persistence and stealthy C2 communication: The new RAT employs multiple persistence strategies, including more than 20 obfuscated registry entries and files dropped in multiple folders on disk. The malware keeps a record of which persistence techniques were successful to use them as a fallback mechanism. Communication with the command-and-control (C2) server uses TLS encryption with a…
-
Here’s What Happened to Those SignalGate Messages
in SecurityNews
Tags: group
A lawsuit over the Trump administration’s infamous Houthi Signal group chat has revealed what steps departments took to preserve the messages, and how little they actually saved. First seen on wired.com Jump to article: www.wired.com/story/heres-what-happened-to-those-signalgate-messages/
-
Chinese Hackers Deploy Stealthy Fileless VShell RAT
in SecurityNews
Malware Hides in Memory, Evades Detection by Endpoint Tools. A Chinese state-backed hacking group tracked as UNC5174 relaunched its operations after a year of silence with a campaign using a memory-only remote access Trojan that evades traditional detection mechanisms, according to new research from cybersecurity firm Sysdig. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/chinese-hackers-deploy-stealthy-fileless-vshell-rat-a-28012
-
Texas Pediatric Orthopedics Clinic Says Hack Affects 140,000
in SecurityNews
Ransomware Gang Qilin Claims to Have 42GB of Practice’s Stolen Data. Ransomware group Qilin posted at least 42 gigabytes of data stolen from a Texas pediatric orthopedic practice for sale on its darkweb leak site in February. In recent days, Central Texas Pediatric Orthopedics began notifying more than 140,000 people that their data was compromised…
-
Midnight Blizzard deploys new GrapeLoader malware in embassy phishing
in SecurityNews
Russian state-sponsored espionage group Midnight Blizzard is behind a new spear-phishing campaign targeting diplomatic entities in Europe, including embassies. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/midnight-blizzard-deploys-new-grapeloader-malware-in-embassy-phishing/
-
Multiple payloads deployed by Pakistan-nexus threat group against India
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/multiple-payloads-deployed-by-pakistan-nexus-threat-group-against-india
-
Chinese espionage group leans on open-source tools to mask intrusions
in SecurityNews
Sysdig researchers say UNC5174’s use of open-source tools like VShell and WebSockets has likely helped the group mask its presence in other campaigns. First seen on cyberscoop.com Jump to article: cyberscoop.com/chinese-espionage-group-unc5174-open-source-tools/
-
Kidney Dialysis Services Provider DaVita Hit by Ransomware
in SecurityNews
DaVita has not named the ransomware group behind the incident or shared details on the attacker’s ransom demands. First seen on securityweek.com Jump to article: www.securityweek.com/kidney-dialysis-services-provider-davita-hit-by-ransomware/
-
Cyberattack costs IKEA operator several million
in SecurityNews
The consequences of the ransomware attack on the franchisee of the IKEA stores in Southeastern Europe are still being felt. At the end of last year, the Fourlis Group reported that the technical problems with the IKEA online shops were due to "malicious external actions". The statement indicated that the cyberattack occurred in November 2024 and that business operations in Greece, Cyprus, Bulgaria…
-
Crypto Developers Targeted by Python Malware Disguised as Coding Challenges
in SecurityNews
The North Korea-linked threat actor assessed to be behind the massive Bybit hack in February 2025 has been linked to a malicious campaign that targets developers to deliver new stealer malware under the guise of a coding assignment. The activity has been attributed by Palo Alto Networks Unit 42 to a hacking group it tracks as…
-
Top Four Considerations for Zero Trust in Critical Infrastructure
in SecurityNews
Tags: access, ai, attack, authentication, automation, best-practice, breach, business, cctv, ceo, cloud, communications, compliance, corporate, cyber, cybersecurity, data, defense, email, encryption, exploit, finance, group, hacker, healthcare, identity, infrastructure, iot, law, malicious, mfa, nis-2, privacy, regulation, risk, saas, service, software, strategy, threat, tool, vulnerability, zero-trust
Top Four Considerations for Zero Trust in Critical Infrastructure madhav Tue, 04/15/2025 – 06:43 TL;DR Increased efficiency = increased risk. Critical infrastructure organizations are using nearly 100 SaaS apps on average and 60% of their most sensitive data is stored in the cloud. Threat actors aren’t naive to this, leading to a whopping 93% of…
-
Cybercriminal groups embrace corporate structures to scale, sustain operations
in SecurityNews
In this Help Net Security interview, Sandy Kronenberg, CEO of Netarx, discusses how cybercriminal groups are adopting corporate structures and employee incentives to scale … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/15/sandy-kronenberg-netarx-cybercriminal-groups-corporate-structures/
-
BPFDoor Malware Uses Reverse Shell to Expand Control Over Compromised Networks
in SecurityNews
A new wave of cyber espionage attacks has brought BPFDoor malware into the spotlight as a stealthy and dangerous tool for compromising networks. According to security experts at Trend Micro, BPFDoor is a state-sponsored backdoor attributed to the advanced persistent threat (APT) group known as Earth Bluecrow (also referred to as Red Menshen). This malware…
-
New Windows updates fix Active Directory policy issues
in SecurityNews
Microsoft has released emergency Windows updates to address a known issue affecting local audit logon policies in Active Directory Group Policy. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-new-emergency-windows-updates-fix-ad-policy-issues/
-
Chinese APT Group Targets Ivanti VPN Vulnerabilities to Breach Networks
in SecurityNews
Tags: apt, attack, breach, china, cyber, cybersecurity, data-breach, group, ivanti, network, threat, vpn, vulnerability
In a concerning report from cybersecurity firm TeamT5, it has been revealed that a Chinese Advanced Persistent Threat (APT) group leveraged critical vulnerabilities in Ivanti Connect Secure VPN appliances to launch a global cyberattack. The breach affected nearly 20 industries across 12 countries, leaving networks exposed and under persistent threat. Global Victimology: The widespread attack…
-
New emergency Windows updates fix AD policy issues
in SecurityNews
Microsoft has released emergency Windows updates to address a known issue affecting local audit logon policies in Active Directory Group Policy. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-new-emergency-windows-updates-fix-ad-policy-issues/
-
Slow Pisces Group Targets Developers Using Coding Challenges Laced with Python Malware
in SecurityNews
A North Korean state-sponsored threat group known as "Slow Pisces"…
-
The Most Dangerous Hackers You’ve Never Heard Of
From crypto kingpins to sophisticated scammers, these are the lesser-known hacking groups that should be on your radar. First seen on wired.com Jump to article: www.wired.com/story/most-dangerous-hackers-youve-never-heard-of/
-
Brass Typhoon: The Chinese Hacking Group Lurking in the Shadows
Though less well-known than groups like Volt Typhoon and Salt Typhoon, Brass Typhoon, or APT 41, is an infamous, longtime espionage actor that foreshadowed recent telecom hacks. First seen on wired.com Jump to article: www.wired.com/story/brass-typhoon-china-cyberspies/