A new espionage campaign has allowed an unidentified threat actor to access data, including communications and services, on thousands of devices belonging to South Koreans, reports Aazim Yaswant, an Android malware analyst at mobile security company Zimperium.
The U.S. Department of the Treasury has blacklisted cryptocurrency exchange Chatex, along with a network of entities the department says support it, for allegedly facilitating ransomware-related financial transactions. This action effectively bars Americans from doing business with the company.
Threat actors have breached critical systems internationally by exploiting a recently patched vulnerability in Zoho’s ManageEngine product ADSelfService Plus, with a suspected Chinese threat group leveraging leased infrastructure to scan hundreds of vulnerable organizations.
Following the arrest of suspected Clop ransomware operation members in Ukraine, Red Notices issued by Interpol seek the arrest of six more members of the Russian-speaking crime group, as part of what law enforcement agencies have dubbed Operation Cyclone.
The U.S. deputy attorney general said this week that the nation is ramping up efforts to cripple ransomware operations and other cybercrime through arrests and seizures of ransom payments. The Biden administration has called ransomware a threat to national security and an economic threat.
ISMG editors discuss: U.S. Sen. Angus King on the need for the federal government to form a clear, declarative cyber deterrence strategy, how CISA is ramping up efforts to support critical infrastructure defenses and the potential implications of the U.S. blacklisting of Israeli spyware firms.
The latest edition of the ISMG Security Report features insight from U.S. Sen. Angus King on why the federal government needs to declare a clear response to cybercriminals in order to deter them. Also featured: Ransomware affiliates gain power and promoting diversity of thought in cybersecurity.
CISA Director Jen Easterly and congressional leader John Katko, R-N.Y., agree that officials must take precautionary steps to identify "systemically important critical infrastructure" to reduce risks of pervasive supply chain cyberattacks.
India is in the last stage of rolling out a national cybersecurity strategy that aims to address challenges and appoint an apex body to regulate various government agencies, including CERT-In, the Cyber Crime Coordination Center and the National Critical Information Infrastructure Protection Center.
How is the ransomware ecosystem set to evolve? Since some operations overreached - notably with DarkSide's hit on Colonial Pipeline - "what we're seeing … is that there is going to be a power balance shift," says McAfee's John Fokker, with more affiliates, not gang leaders, calling the shots.
The National Rifle Association has reportedly fallen victim to a ransomware attack at the hands of a Russian cybercriminal gang known as Grief. The group has reportedly posted 13 files to its website after claiming to have hacked the gun rights advocacy group.
North Korean advanced persistent threat group Lazarus - aka Hidden Cobra - is developing supply chain attack capabilities using its multiplatform malware framework, MATA, for cyberespionage goals, according to researchers from Kaspersky.
CISA announced that Washington Secretary of State Kim Wyman will be the agency's senior election security lead. She will become a top security official within the Biden administration, inheriting a role that has garnered public attention following interference in 2016 and fraud claims in 2020.
The U.S. Department of State will create a Bureau of Cyberspace and Digital Policy, led by a Senate-confirmed ambassador-at-large, to advance its cybersecurity diplomacy efforts, according to Secretary of State Antony Blinken. The move is a response to a challenging global threat landscape.
Will the notorious ransomware operation known as REvil, aka Sodinokibi, reboot yet again after someone apparently messed with its infrastructure? Experts suggest that the operation's brand is burned, and administrators will launch a new group. Many affiliates, meanwhile, already work with multiple groups.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.