The U.S. Department of Justice today announced the arrest of Ukrainian man accused of deploying ransomware on behalf of the REvil ransomware gang, a Russian-speaking cybercriminal collective that has extorted hundreds of millions from victim organizations. The DOJ also said it had seized $6.1 million in cryptocurrency show more ...
Microsoft Corp. today released updates to quash at least 55 security bugs in its Windows operating systems and other software. Two of the patches address vulnerabilities that are already being used in active attacks online, and four of the flaws were disclosed publicly before today — potentially giving show more ...
Discover how cybercriminals find their targets on the dark web: For the average internet user, the dark web is something you only hear about in news broadcasts talking about the latest cyberattacks. But while you won’t find yourself in the dark web by accident, it’s important to know what it is and how you can show more ...
Someone recently hacked and attempted to extort Robinhood, the popular investment and trading platform, gaining access to millions of customers’ email addresses and full names in the process.
The two individuals arrested by Romanian authorities are allegedly responsible for 5,000 REvil infections, which in total pocketed half a million euros in ransom payments.
These November updates are often the last ones installed before going into the holiday shopping season when many companies lock down their systems to prevent disruptive changes.
The funding round was led by ICONIQ Growth with additional investments from Alkeon Capital and Salesforce Ventures. Existing investors GGV Capital, Cowboy Ventures, and Leaders Fund also participated.
In the Biden administration’s latest crackdown, the Justice Department also announced that it had seized $6.1 million in ransom paid to a Russian national who deployed REvil against Texan entities.
These companies, whose technology and software often underpin all the crucial operations of industrial businesses, design and are responsible for much of the digital landscapes that hackers target.
Officials at the United States Immigration and Customs Enforcement’s (ICE) Homeland Security Investigations (HSI) department in Texas have issued a warning about a new phone scam.
The former leader of U.S. Cyber Command and the National Security Agency shared his vision of a collaborative network of companies sharing cyber threat information in near-real-time.
The US Treasury Department announced today sanctions against the Chatex cryptocurrency exchange for helping ransomware gangs evade sanctions and facilitating ransom transactions.
MediaMarkt has suffered a Hive ransomware attack with an initial ransom demand of $240 million, causing IT systems to shut down and store operations to be disrupted in Netherlands and Germany.
The Spanish police have arrested 45 people who are believed to be members of an online fraud group that operated twenty websites to defraud at least 200 people of 1,500,000 Euros ($1.73 million).
Cybercriminals are investing in Google Ads to target victims with bogus wallets that steal credentials and deplete balances. So far, it appears that the fraudsters have stolen more than $500,000.
According to a new report, between July and October this year, Lyceum was spotted in attacks against ISPs and telecoms organizations across Israel, Morocco, Tunisia, and Saudi Arabia.
The healthcare industry might be known for the work it does to treat patients. With copious amounts of data collected by healthcare facilities, cybercriminals often target such entities.
The UK's biggest fishing shop has been hacked, with its website redirecting keen anglers to an adult website. Angling Direct said it was hit by the attack late on Friday.
Increased levels of cybersecurity activity are a fundamental business risk for retailers. From website outages to online fraud, security incidents lead to loss of sales and unhappy customers.
In the source of the webpage, no instance of “apiujquery” was found anywhere since the attackers were using "atob" Javascript function, an obfuscation technique often used by credit card skimmers.
Conti gang posted a statement apologizing to Arab royals, stating that they don't intend to sell or trade the data. They promise to implement a “rigid data review process for any future operations.”
While the company still beat expectations for Q3, the financial cost of the attack -- which was first reported by The Record -- illustrates how much damage DDoS incidents can cause.
The surge in DDoS attacks signal a re-distribution of tactics by malicious actors away from cryptomining and toward the use of DDoS as a tool of intimidation, disinformation, and extortion.
The discovery of the common initial access broker has revealed a tangled web of related attack infrastructure underpinning disparate (and in some cases rival) malware campaigns.
Enterprise information management solutions provider OpenText on Monday announced the acquisition of email security company Zix for $860 million. OpenText will acquire Zix for $8.50 per share in cash.
Palo Alto Networks discovered that Emissary Panda, a hacking group with ties to China, is exploiting Zoho software flaws in the networks of at least nine organizations in the defense, energy, technology, healthcare, and education sectors. The attackers were using malicious tools for credentials harvesting and stealing show more ...
Cryptocurrency has recently gained huge popularity among netizens. However, this has also drawn cybercriminals to various crypto platforms and their users for malicious intents and purposes.
SafeBreach announced that it has raised $53.5 million in Series D funding, led by Sonae IM and Israel Growth Partners (IGP), with additional participation from Sands Capital and Leumi Partners.
Forescout Research Labs, with support from Medigate Labs, have discovered a set of 13 new vulnerabilities affecting the Nucleus TCP/IP stack, which are collectively being referred to as NUCLEUS:13.
DomainTools described the deal as “a natural extension of both companies’ long-standing partnership to deliver the market-leading DNS intelligence and real-time security telemetry."
The compromised Docker Hub registry accounts were being used to host malicious images and were an active part of botnets and malware campaigns that abused the Docker REST API.
Google Assistant suffered from an authentication bypass vulnerability allowing a webpage to execute commands without permission.
This Metasploit module exploits a remote command injection vulnerability in Movable Type versions 7 r.5002 and below.
Moodle versions 3.10 to 3.10.1, 3.9 to 3.9.4, 3.8 to 3.8.7, and 3.5 to 3.5.16 suffer from cross site scripting and server-side request forgery vulnerabilities.
Ubuntu Security Notice 5134-1 - An information disclosure issue was discovered in the command line interface of Docker. A misconfigured credential store could result in supplied credentials being leaked to the public registry, when using the docker login command with a private registry.
Ubuntu Security Notice 5137-1 - It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service or possibly execute arbitrary code. show more ...
Ubuntu Security Notice 5136-1 - It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service or possibly execute arbitrary code. show more ...
Ubuntu Security Notice 5135-1 - It was discovered that the Linux kernel did not properly account for the memory usage of certain IPC objects. A local attacker could use this to cause a denial of service.
Ubuntu Security Notice 5130-1 - Jann Horn discovered a race condition in the tty subsystem of the Linux kernel in the locking for the TIOCSPGRP ioctl, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jann Horn discovered that show more ...
The U.S. government on Monday charged a Ukrainian suspect, arrested in Poland last month, with deploying REvil ransomware to target multiple businesses and government entities in the country, including perpetrating the attack against software company Kaseya, marking the latest action to crack down on the cybercrime group and curb further attacks. According to unsealed court documents,
Romanian law enforcement authorities have announced the arrest of two individuals for their roles as affiliates of the REvil ransomware family, dealing a severe blow to one of the most prolific cybercrime gangs in history. The suspects are believed to have orchestrated more than 5,000 ransomware attacks and extorted close to $600,000 from victims, according to Europol. The arrests, which
Robinhood on Monday disclosed a security breach affecting approximately 7 million customers, roughly a third of its user base, that resulted in unauthorized access of personal information by an unidentified threat actor. The commission-free stock trading and investing platform said the incident happened "late in the evening of November 3," adding it's in the process of notifying affected users.
No business is out of danger of cyberattacks today. However, specific industries are particularly at risk and a favorite of attackers. For years, the healthcare industry has taken the brunt of ransomware attacks, data breaches, and other cyberattacks. Why is the healthcare industry particularly at risk for a cyberattack? What are the unique challenges to cybersecurity in healthcare, and how can
No business is out of danger of cyberattacks today. However, specific industries are particularly at risk and a favorite of attackers. For years, the healthcare industry has taken the brunt of ransomware attacks, data breaches, and other cyberattacks. Why is the healthcare industry particularly at risk for a cyberattack? What are the unique challenges to cybersecurity in healthcare, and how can
Robinhood on Monday disclosed a security breach affecting approximately 7 million customers, roughly a third of its user base, that resulted in unauthorized access of personal information by an unidentified threat actor. The commission-free stock trading and investing platform said the incident happened "late in the evening of November 3," adding it's in the process of notifying affected users.
The U.S. government on Monday charged a Ukrainian suspect, arrested in Poland last month, with deploying REvil ransomware to target multiple businesses and government entities in the country, including perpetrating the attack against software company Kaseya, marking the latest action to crack down on the cybercrime group and curb further attacks. According to unsealed court documents,
Romanian law enforcement authorities have announced the arrest of two individuals for their roles as affiliates of the REvil ransomware family, dealing a severe blow to one of the most prolific cybercrime gangs in history. The suspects are believed to have orchestrated more than 5,000 ransomware attacks and extorted close to $600,000 from victims, according to Europol. The arrests, which
At least nine entities across the technology, defense, healthcare, energy, and education industries were compromised by leveraging a recently patched critical vulnerability in Zoho's ManageEngine ADSelfService Plus self-service password management and single sign-on (SSO) solution. The spying campaign, which was observed starting September 22, 2021, involved the threat actor taking advantage of
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of critical vulnerabilities affecting Philips Tasy electronic medical records (EMR) system that could be exploited by remote threat actors to extract sensitive personal data from patient databases. "Successful exploitation of these vulnerabilities could result in patients' confidential data being exposed or extracted
In what's yet another instance of supply chain attack targeting open-source software repositories, two popular NPM packages with cumulative weekly downloads of nearly 22 million were found to be compromised with malicious code by gaining unauthorized access to the respective developer's accounts. The two libraries in question are "coa," a parser for command-line options, and "rc," a
The U.S. government on Thursday announced a $10 million reward for information that may lead to the identification or location of key individuals who hold leadership positions in the DarkSide ransomware group or any of its rebrands. On top of that, the State Department is offering bounties of up to $5 million for intel and tip-offs that could result in the arrest and/or conviction in any country
