Ukraine's top cybersecurity agency says Russian hackers took a sudden interest in obtaining personal data and mounted successful attacks against more than one-third of the country's largest insurers. It predicts the stolen data may end up for sale on the dark web.
A newly uncovered hacking group with a string of cyberespionage successes is targeting Ukrainian and pro-Russian targets alike. Malwarebytes in a Wednesday dubs the threat actor "Red Stinger," saying the group is the same as the "Bad Magic" threat actor revealed by Kaspersky in March.
In the latest weekly update, ISMG editors discuss how the Feds have dismembered Russia's 'Snake' cyberespionage operation; the ongoing debate over privacy laws and regulations in the APAC region; and why more companies are banning the use of generative AI tool ChatGPT.
A possibly Russian state hacking group has been deploying a novel backdoor dubbed DownEx against international governmental targets located in Kazakhstan and Afghanistan, reports Bitdefender. At least one victim appears to be an embassy located in Kazakhstan.
A European Parliament committee investigating commercial spyware tools such as Pegasus recommended new regulatory safeguards but dropped a preliminary call for a moratorium. Members condemned "major violations of EU law in Poland and Hungary" for those governments' use of commercial spyware.
Federal officials say a global operation has disrupted Snake, the Russian government's "foremost cyberespionage tool," wielded by its Turla nation-state hacking group. The sophisticated malware has been tied to the theft of secret and classified information from numerous governments and businesses.
When Russia launched its all-out war against Ukraine in February 2022, many cybersecurity watchers feared ransomware groups would serve as a proxy force. But Moscow doesn't appear to have deputized cybercrime-driven crypto-locking malware brigades.
Ukrainian cyber defenders say they spotted a malicious script used to activate the delete option on a Windows file archiving utility likely planted by the Russian intelligence agency unit Sandworm. CERT-UA says attackers likely used a compromised VPN credential to gain access.
An international police operation last month seized Genesis, the largest market for stolen browse cookies, online fingerprints and other types of credentials used for account takeover. Cybersecurity expert John Fokker, whose team at Trellix assisted police, shares insights from the takedown.
Offense is what paces innovation in cybersecurity since threat actors constantly look for new ways to compromise systems, said AllegisCyber Capital's Bob Ackerman. Many offensive cyber capabilities developed by the national intelligence community make their way into the wild and become exploitable.
Iranian hackers are deploying an updated backdoor apparently targeting Israeli academic researchers with an interest in Iraq. A group's newly dubbed "Educated Manticore" is sending Iraq-themed bait to coax deployment of an implant known as PowerLess.
OT attacks have doubled. Mark Cristiano, global commercial director of cybersecurity services at Rockwell Automation, discusses how organizations can develop a strategic approach to OT security that aligns with their risk profile, cyber maturity and ability to absorb change.
A Chinese and a Hong Kong national are each under U.S. federal indictment for their roles in channeling cryptocurrency stolen by North Korean hackers into hard currency. Prosecutors also indicted a North Korean man for representing the sanctioned Korea Kwangson Banking Corp.
A North Korean backdoor targeting Linux desktop users shares infrastructure with the hacking group behind the 3CX software supply chain hack. Cybersecurity firm Eset analyzed the backdoor and connected it with a Pyongyang fake job recruiting campaign generally known as Operation Dream Job.
The North Korean software supply chain attack on a Chicago financial trading software developer infected additional victims besides 3CX, including organizations in the energy sector, says Symantec Threat Hunter Team. One organization is located in the United States, the other in Europe.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
