Operators of a new ransomware strain dubbed Cactus are using critical vulnerabilities in a data analytics platform to gain access to corporate networks. Cactus ransomware operators are also getting an assist from deploying Danabot malware that is distributed through malvertising.
This week, a KyberSwap hacker demanded total control, the U.S. Treasury called for additional tools to sanction crypto baddies, the Aerodrome and Velodrome DeFi platforms' front ends were hacked, a scam-as-a-service wallet drainer shut down, Indexed Finance thwarted hijacking attempts, and more.
Identity and authentication giant Okta said the attacker behind its September data breach stole usernames and contact details for all users of its primary customer support system and warned customers to beware potential follow-on phishing and social engineering attacks.
A cyber incident that incapacitated four major Australian ports for days also resulted in the theft by hackers of employee data, the port operator said Tuesday. Hackers obtained personal information of current and former employees of DP World Australia in an incident first detected on Nov. 10.
Police have arrested a group of criminals in Ukraine, including their alleged ringleader, who they suspect launched ransomware attacks against organizations across 71 countries, amassing at least 1,800 victims, from which they demanded ransoms collectively worth hundreds of millions of dollars.
Mobile banking Trojans spread through deceptive social media messages remain a problem for Indian smartphone users, warns Microsoft. India accounts for 4 in 10 global transactions made with digital payments, according to the National Payments Corporation of India.
A hacking group linked to Russian domestic intelligence and known as Gamaredon is deploying a worm dubbed "LitterDrifter" that is spread through thumb drives to attack Ukrainian organizations. LitterDrifter has two functions: automatic propagation and communication with command-and-control servers.
An Israeli private eye faces nearly seven years in U.S. prison after admitting he had overseen a hacking campaign against climate change activists. A Manhattan federal judge on Thursday sentenced Aviram Azari to 80 months in prison after he pleaded guilty in April 2022.
Russian state hackers targeted European embassies and international organizations in espionage attacks exploiting a recently patched vulnerability in a popular Windows utility for archiving files, say Ukrainian government cybersecurity researchers.
Operations resumed Monday at four major Australian ports incapacitated by a cybersecurity incident. Dubai-based DP World took systems offline Friday, provoking what government officials called a significant outage frustrating the movement of goods in and out of the country.
A cybersecurity incident at an operator of major Australian maritime ports caused what a government official on Saturday called a "nationally significant" outage frustrating the movement of goods in and out of the country. The incident affects the ports of Sydney, Melbourne, Brisbane and Fremantle.
A ransomware attack affecting the New York financial services subsidiary of the Industrial and Commercial Bank of China resulted in disruptions to the U.S. Treasury market. Close observers of the criminal underground say ransomware-as-a-service group LockBit is responsible.
A Russian digital extortion gang behind a raft of attacks on file transfer applications is now targeting a newly patched vulnerability in SysAid IT support software. Attacks can lead to ransomware and data theft, tweeted Microsoft late on Wednesday.
Ransomware hackers have seized on an exploit of a recently disclosed zero-day vulnerability in Atlassian Confluence instances days after the company urged its customers to patch immediately. Atlassian on Monday elevated the bug's criticality to 10, the maximum possible on the CVSS scale.
Members of Armenian civil society say they have received warnings from Apple regarding commercial spyware. John Scott-Railton, a senior researcher at The Citizen Lab, tweeted that "Apple threat notifications are 'clear & invaluable' signs something serious is going on."