Threats from API and application vulnerabilities increased in 2022, but ransomware, human error and hygiene continue to pose the greatest threats to organizations, according to findings from CyberTheory's 2022 Performance Study. CyberTheory's Steve King shares how education can make a difference.
Attackers are continuing to target unpatched VMware hosts to infect them with ESXiArgs and RansomExx2 crypto-locking malware and hold them to ransom. VMware urges immediate updating, saying that the attacks don't appear to be targeting zero-day vulnerabilities but rather long-patched flaws.
Russian military intelligence agency hackers walloped Ukraine with waves of data wipers and phishing attacks, but the torrent of destructive cyberattacks doesn't appear to have been as effective as previous Russian cyberattacks, report researchers from the Google Threat Analysis Group and Mandiant.
A ransomware incident last fall that disrupted some of hospital chain CommonSpirit's operations for at least a month has cost the organization $150 million in lost revenue, remediation and other expenses so far. CommonSpirit also likely faces additional legal expenses.
Negotiations between the LockBit ransomware-as-a-service gang and Royal Mail appear to have broken down shortly after a postal representative called the criminal group's $80 million extortion demand "absurd." A LockBit ransomware attack incapacitated Royal Mail's international shipping operation.
The California city of Oakland is in a state of emergency as its response to a ransomware attack enters its second week. The attack did not affect emergency systems, including 911 dispatch and fire services, or the city's financial systems, the city says.
Vladislav Klyushin, who ran a Moscow-based IT services firm associated with the Russian government, has been found guilty of running a criminal hacking scheme that earned $90 million via insider trading. He faces up to 50 years in prison. His four alleged co-conspirators remain at large.
As ransomware continues to disrupt British organizations, the U.K. for the first time has sanctioned alleged cybercriminals, including accused Conti and TrickBot operators. Ransomware victims must conduct due diligence before paying any ransom, as violating sanctions carries severe penalties.
Police busted nine members of a cyber fraud gang that targeted mainly Americans. Spanish police arrested eight members, and U.S. authorities arrested one. In less than a year, the ring pocketed 5 million euros in scammed funds, say the Spanish National Police.
Group-IB says a July 2022 spear-phishing attempt on its own employees came from the Chinese threat actor known variously as Tonto Team and CactusPete. Tonto Team may be a unit of China's People's Liberation Army. Malwarebytes says the group has ramped up spying against Russian government agencies.
A cryptocurrency service that North Korean hackers used to launder stolen funds and that was sanctioned by the U.S. Department of the Treasury appears to have resumed as "Sinbad." It has laundered almost $100 million in bitcoin from hacks by Lazarus Group, says blockchain analysis firm Elliptic.
Ahead of RSA Conference 2023, Greg Day, a program committee member focusing on "hackers and threats," previews top themes at this year's event. Day, a member of the RSA Conference program committee, says one common theme is "old vulnerabilities and threat techniques being used in new environments."
The South Korean government sanctioned four North Korean individuals and seven organizations for their involvement in illegal cyber activities to finance the totalitarian regime's nuclear and missile development programs. Stolen cryptocurrency is a principle source of hard currency for North Korea.
The BlackCat ransomware-as-a-service group dumped more than 6 gigabytes worth of information stolen from Ireland's Munster Technological University staff. The Sunday dump appears to include sensitive data including staff medical diagnoses and student bank account information.
A previously unknown, self-proclaimed politically-motivated hacking group disrupted Israel's Technion University following a Sunday ransomware attack. Attackers, going under the name "DarkBit," took credit for the attack in a Telegram post accusing Technion of serving "an apartheid regime."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.