The United Kingdom's national cybersecurity agency on Friday marked the 20th anniversary of its response to the first-ever cyberattack against the government by disclosing how government agencies responded. The incident paved way for the launch of the National Cyber Security Center in 2016.
The new ransomware group 8Base is fast becoming a big player in the underground market, amassing nearly 40 victims in June - second only to the notorious LockBit ransomware gang. The group's top targets include business services, finance, manufacturing and IT industries.
Cyberattackers have hit Ukraine's critical infrastructure over 3,000 times since the beginning of the Russian invasion in 2022, according to Ukraine's national incident response team, which warned that such attacks may continue for years even after the fighting on the ground is over.
Ukrainian cyber police raided and closed more than a dozen fraudulent call centers last week, saying the operations were running fake investment scams that involved stealing cryptocurrency and payment card details from European and Central Asian citizens.
Microsoft discovered hackers targeting internet-facing Linux systems and IoT devices to steal IT resources for cryptocurrency mining operations. The campaign begins by brute-forcing target systems and devices and then uses a backdoor to deploy open-source tools such as rootkits and an IRC bot.
Apple has fixed multiple zero-days that were actively being exploited since 2019 and infect several iOS devices with a spyware implant dubbed TriangleDB via zero-click iMessage exploits. The tech giant said the vulnerabilities actively exploited iOS versions released before iOS 15.7.
The U.S. Department of Justice unveiled a new team - the National Security Cyber Section - to disrupt nation-state threat actors and prosecute them at the "earliest stages." NatSec Cyber will work closely with the DOJ's Computer Crime and Intellectual Property Section.
Cybersecurity defenders in Ukraine revealed multiple Russian spear-phishing campaigns including an effort by Kremlin military intelligence to penetrate open-source email servers used by government agencies. Russia is intensifying phishing campaigns against Ukraine.
Australian consumer lender Latitude Financial Services anticipates its spring cybersecurity incident will cost it up to AU$105 million, which includes a five-week period during which debt collection systems were severely affected by the attack.
In the days between May 19 and May 25, the spotlight was on flaws in Barracuda Networks Email Security Gateway appliances, another GoAnywhere data breach that affected Franklin Templeton Canada and an American teenager out on bail and facing federal charges for hacking DraftKings accounts.
Possibly Russian hackers likely compromised the official email address of Ukraine's embassy in Tajikistan to send phishing emails to organizations located in central Asia, Israel and India. The Computer Emergency Response Team of Ukraine tracks the campaign as UAC-0063.
Android smartphone device manufacturer Samsung has a patch for a flaw used by commercial surveillance hackers to implant malware in the United Arab Emirates. The U.S. Cybersecurity and Infrastructure Security Agency on Friday gave federal agencies until June 9 to patch the vulnerability.
Apple is patching actively exploited zero-day flaws in its browser rendering engine for mobile devices, and one cybersecurity firm says the vulnerabilities are likely evidence of takeover attacks. Two of the bugs were the subject of Apple's first-ever Rapid Security Response.
In this week's data breach roundup: the Philadelphia Inquirer, Swiss multinational ABB, French electronics manufacturer Lacroix, the U.S. Department of Transportation employee data and more. Dallas is still recovering from a ransomware attack and researchers infiltrated a ransomware group.
Ukraine's top cybersecurity agency says Russian hackers took a sudden interest in obtaining personal data and mounted successful attacks against more than one-third of the country's largest insurers. It predicts the stolen data may end up for sale on the dark web.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.