Security Affairs newsletter Round 453 by Pierluigi Paganini – INTERNATIONAL EDITION
Security Affairs
JANUARY 7, 2024
Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea. Merck settles with insurers regarding a $1.4
Krebs on Security
FEBRUARY 9, 2023
Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “Trickbot,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. companies and government entities.
Krebs on Security
MARCH 1, 2022
A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti, an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. On Sunday, Feb. ” GAP #1.
Krebs on Security
SEPTEMBER 30, 2023
GandCrab dissolved in July 2019, and is thought to have become “REvil,” one of the most ruthless and rapacious Russian ransomware groups of all time. In April 2020, Truniger was banned from two of the top Russian cybercrime forums, where members from both forums confirmed that Semen7907 was one of Truniger’s known aliases.
Krebs on Security
MARCH 22, 2022
Pavel Vrublevsky, founder of the Russian payment technology firm ChronoPay and the antagonist in my 2014 book “Spam Nation,” was arrested in Moscow this month and charged with fraud. RedEye also was the administrator of Crutop, a Russian language forum and affiliate program that catered to thousands of adult webmasters.
Krebs on Security
JUNE 1, 2023
This post is a deep dive on “Megatraffer,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. Russian motor vehicle records show two different vehicles are registered to this person at the same Moscow address.
IT Governance
APRIL 28, 2022
An unusual attack. Unlike most cyber attacks, ransomware isn’t designed to sneak in undetected and exfiltrate data before the organisation closes the vulnerability. It instead takes a shock-and-awe approach, crippling the victim’s system, encrypting sensitive data and making it obvious that an attack is underway.
IT Governance
JUNE 16, 2022
Channel 4 has faced heavy criticism after broadcasting a fake emergency news message warning that the UK is about to be hit by a catastrophic cyber attack. The threat of crippling nation-state cyber attacks has existed for years, dating back at least to the interference of the US Presidential Election in 2016.
The Security Ledger
DECEMBER 9, 2020
The Department of Justice in October announced charges against six men believed to work for the Russian GRU and linked to some of the most sinister cyber attacks of the last decade including the NotPetya malware and attacks on the government of Ukraine.
Krebs on Security
JUNE 28, 2022
On December 7, 2021, Google announced it was suing two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. Kilmer said RSOCKS was similarly disabled after Google’s combined legal sneak attack and technical takedown targeting Glupteba.
IT Governance
DECEMBER 20, 2022
It’s been a year full of predictable and unpredictable incidents alike, and in this blog, we’ve compiled the most memorable stories of 2022. You can see more incidents from January in our list of data breaches and cyber attacks. Tensions rose throughout February as the Russian military amassed across the Ukrainian border.
Security Affairs
JANUARY 27, 2019
Russian hacker Alexander Zhukov extradited by Bulgaria to US. Hacker threatened a family using a Nest Camera to broadcast a fake missile attack alert. DHS issues emergency Directive to prevent DNS hijacking attacks. New Russian Language Malspam is delivering Redaman Banking Malware.
eSecurity Planet
DECEMBER 2, 2021
Hacking groups linked to Russia, China and India are leveraging a novel attack technique that makes it easier for them to spread malware, steal data and evade detection, according to a report this week by security firm Proofpoint. Bad actors are using the new technique to leverage RTF text file attachments in phishing emails.
Krebs on Security
DECEMBER 29, 2022
Thanks to your readership and support, I was able to spend more time in 2022 on some deep, meaty investigative stories — the really satisfying kind with the potential to affect positive change. I will also continue to post on LinkedIn about new stories in 2023.
KnowBe4
FEBRUARY 14, 2023
Spear Phishing Attacks Increase 127% As Use of Impersonation Skyrockets Impersonation of users, domains and brands is on the rise, as is the use of malicious links, in response to security vendors improving their ability to detect malicious attachments.
Krebs on Security
DECEMBER 14, 2023
Shortly after breaking the Target story, KrebsOnSecurity reported that Rescator appeared to be a hacker from Ukraine. Efforts to confirm my reporting with that individual ended when they declined to answer questions, and after I declined to accept a bribe of $10,000 not to run my story.
ForAllSecure
AUGUST 30, 2022
What if you could simulate an ongoing attack to test your teams’ readiness? SimSpace, a cyber range company, joins The Hacker Mind podcast to explain how using both live Red Teams and automated cyber ranges can keep your organization ahead of the attackers. So the question is, what are the Russians up to?
Krebs on Security
DECEMBER 16, 2019
Justice Department this month offered a $5 million bounty for information leading to the arrest and conviction of a Russian man indicted for allegedly orchestrating a vast, international cybercrime network that called itself “ Evil Corp ” and stole roughly $100 million from businesses and consumers. Bogachev, in undated photos.
KnowBe4
MAY 9, 2023
CyberheistNews Vol 13 #19 | May 9th, 2023 [Watch Your Back] New Fake Chrome Update Error Attack Targets Your Users Compromised websites (legitimate sites that have been successfully compromised to support social engineering) are serving visitors fake Google Chrome update error messages. The message displayed reads, "UPDATE EXCEPTION.
KnowBe4
JUNE 27, 2023
Today, your organizations' incident response and crisis management plan should also have an effective strategy to recover from disinformation attacks. Request your kit now to learn how ransomware has evolved, what new attack vectors you need to be prepared for, and our best advice on how to protect your organization.
KnowBe4
JULY 5, 2023
We've seen plenty of attacks that impersonated a single brand along with a few domains used to ensure victims can be taken to a website that seeks to harvest credentials or steal personal information. But I don't think an attack of such magnitude as the one identified by security researchers at Internet security monitoring vendor Bolster.
Krebs on Security
JULY 16, 2019
What follows are a series of clues that point to the likely real-life identity of a Russian man who appears responsible for enabling a ridiculous amount of cybercriminal activity on the Internet today. The document shows he was born in Ukraine and is approximately 36 years old. Image: Intel471. The company says he moved to St.
IT Governance
JANUARY 30, 2024
Welcome to this week’s global round-up of the biggest and most interesting news stories. At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data breached: 2 PB. Data breached: 750 million victims’ personal data.
KnowBe4
APRIL 25, 2023
In an interesting twist, new data hints that organizations with cyber insurance may be relying on it too much, instead of shoring up security to ensure attacks never succeed. Regardless of whether cyber insurance is prevalent, according to Barracuda, 27% of organizations say they are not fully prepared for an attack.
ForAllSecure
MAY 30, 2023
Mark Lance, the VP of DFIR and Threat intelligence for GuidePoint Security, provides The Hacker Mind with stories of ransomware cases he’s handled. VAMOSI: Four days after the Russian invasion of Ukraine, on February 28, 2022, members of the Conti ransomware group began leaking information about the internal operations.
ForAllSecure
APRIL 26, 2022
Can criminal hackers shut down a city’s electrical grid? There’s a classic trope in fiction, that a criminal hacker somehow gets information that allows them or their team to take down a power grid of a major city. In December, 2016, the lights went out in Kyiv, Ukraine. Well, nothing’s impossible.
KnowBe4
JUNE 20, 2023
1 Root Cause of Data Breaches Verizon's DBIR always has a lot of information to unpack, so I'll continue my review by covering how stolen credentials play a role in attacks. As an example, in Basic Web Application Attacks, the use of stolen credentials was involved in 86% of attacks. US officials have confirmed this news.
ForAllSecure
JULY 6, 2022
There’s an online war in Ukraine, one that you haven’t heard much about because that country is holding its own with an army of infosec volunteers worldwide. But in all probability, there's more likelihood of what we call the 'backhoe attack' that would have more impact on a region than Code Red, or anything we've seen so far.”
ForAllSecure
OCTOBER 25, 2022
PBS: Judy Woodruff: Officials confirm that a Russian criminal group is behind the hacking of a crucial energy pipeline. William Bangham is back now with the latest on that story. With ransomware, attackers encrypt an organization's data and hold it hostage until a ransom is paid. Ransomware is not new.
IT Governance
FEBRUARY 24, 2022
As the threat of war between Russia and Ukraine reached breaking point this week, experts noted that the conflict would play out not only in the Donbas border area but also in cyberspace. “Another mass DDoS attack on our state [has] begun,” Ukraine’s Digital Transformation Minister, Mykhaylo Fedorov, wrote on Telegram.
KnowBe4
MARCH 7, 2023
They started out with: "As Putin began his invasion of Ukraine, a network used throughout Europe—and by the Ukrainian military—faced an unprecedented cyberattack that doubled as an industrywide wake-up call. The Viasat hack was widely considered a harbinger of attacks to come." What they refer to is the Viasat hack.
KnowBe4
MAY 2, 2023
Latest QBot Attacks Use a Mixture of PDF Attachments and Windows Scripting Host Files to Infect Victims QBot malware seems to be outliving its competitors through innovative new ways to socially engineer victims into helping install it. Fed's Jerome Powell was social engineered by Russian pranksters posing as Zelensky.
KnowBe4
MARCH 21, 2023
CyberheistNews Vol 13 #12 | March 21st, 2023 [Heads Up] This Week's New SVB Meltdown Social Engineering Attacks On Saturday March 11, I warned about the coming wave of phishing attacks that would undoubtedly follow the SVB collapse. com and many others that will probably all be used for business email compromise (BEC) attacks.
Schneier on Security
MARCH 5, 2020
In the 1980s, for example, the Soviet Union spread the false story that the US Department of Defense bioengineered HIV in order to kill African Americans. Researchers have confirmed that Russian trolls and bots tweeted anti-vaccination messages at up to 22 times the rate of average users.
KnowBe4
FEBRUARY 28, 2023
Grimes Teaches Data-Driven Defense Even the world's most successful organizations have significant weaknesses in their cybersecurity defenses, which today's determined hackers can exploit at will. The attacker first sent smishing messages to several Coinbase employees, urging them to click a link and log in to their Coinbase work account.
Security Affairs
NOVEMBER 26, 2023
million patients in the U.S. million patients in the U.S.
Schneier on Security
JUNE 11, 2018
The story behind this request is one of sophisticated malware and unsophisticated home-network security, and it's a harbinger of the sorts of pervasive threats from nation-states, criminals and hackers that we should expect in coming years. The FBI suggested the Russian government was involved for two circumstantial reasons.
The Last Watchdog
JUNE 28, 2018
Today he commands a cyber army, some 7,000 hackers and support staff strong, that has emerged as a potent and disruptive force. The Wall Street Journal recently reported that North Korea is cultivating elite hackers much like other countries train Olympic athletes. Meanwhile, Iran-sponsored cyber operatives are making hay, as well.
Schneier on Security
NOVEMBER 27, 2018
On November 4, 2016, the hacker "Guccifer 2.0," a front for Russia's military intelligence service, claimed in a blogpost that the Democrats were likely to use vulnerabilities to hack the presidential elections. s are intended to undermine public confidence in voting: a cyber-attack against the US democratic system.