Data For 11 Million Patients Stolen In Breach Of HCA Healthcare

A Cybersecurity Wishlist Ahead Of NATO Summit

Ex-Employee Charged For Hacking Water Treatment Facility

Nickelodeon Probes Massive Data Leak As SpongeBob Fans Rejoice

Truebot RCE Attacks Exploit Critical Netwrix Auditor Bug

Shell Confirms MOVEit-Related Breach After Ransomware Group Leaks Data

Iranian Hacking Group Impersonating Nuclear Experts To Gain Intel From Western Think Tanks

LockBit Louts Unload At Japan's Most Prolific Cargo Port

Iranian Hackers' Sophisticated Malware Targets Windows and macOS Users

The Iranian nation-state actor known as TA453 has been linked to a new set of spear-phishing attacks that infect both Windows and macOS operating systems with malware. "TA453 eventually used a variety of cloud hosting providers to deliver a novel infection chain that deploys the newly identified PowerShell backdoor GorjolEcho," Proofpoint said in a new report. "When given the opportunity, TA453

Mexico-Based Hacker Targets Global Banks With Android Malware

FBI Finally Track Swatting Incidents As Attacks Increase

330K FortiGate Firewalls Are Unpatched And Open To RCE Attacks

Chinese Hackers Use HTML Smuggling to Infiltrate European Ministries with PlugX

A Chinese nation-state group has been observed targeting Foreign Affairs ministries and embassies in Europe using HTML smuggling techniques to deliver the PlugX remote access trojan on compromised systems. Cybersecurity firm Check Point said the activity, dubbed SmugX, has been ongoing since at least December 2022, adding it's part of a broader trend of Chinese adversaries shifting their focus

Iranian Hackers Using POWERSTAR Backdoor in Targeted Espionage Attacks

Charming Kitten, the nation-state actor affiliated with Iran's Islamic Revolutionary Guard Corps (IRGC), has been attributed to a bespoke spear-phishing campaign that delivers an updated version of a fully-featured PowerShell backdoor called POWERSTAR. "There have been improved operational security measures placed in the malware to make it more difficult to analyze and collect intelligence,"

From MuddyC3 to PhonyC2: Iran's MuddyWater Evolves with a New Cyber Weapon

The Iranian state-sponsored group dubbed MuddyWater has been attributed to a previously unseen command-and-control (C2) framework called PhonyC2 that's been put to use by the actor since 2021. Evidence shows that the custom made, actively developed framework has been leveraged in the February 2023 attack on Technion, an Israeli research institute, cybersecurity firm Deep Instinct said in a

Gas Stations Impacted By Cyberattack On Canadian Energy Giant

Siemens Energy, UCLA Latest Confirmed Victims In MOVEit Hack

Prominent Cryptocurrency Exchange Infected With Previously Unseen Mac Malware

British Twitter Hacker Sentenced To Prison In United States

Microsoft Warns of Widescale Credential Stealing Attacks by Russian Hackers

Microsoft has disclosed that it's detected a spike in credential-stealing attacks conducted by the Russian state-affiliated hacker group known as Midnight Blizzard. The intrusions, which make use of residential proxy services to obfuscate the source IP address of the attacks, target governments, IT service providers, NGOs, defense, and critical manufacturing sectors, the tech giant's threat

GCHQ Warns Ransomware Crews Are Targeting Law Firms

Camaro Dragon Hackers Strike with USB-Driven Self-Propagating Malware

The Chinese cyber espionage actor known as Camaro Dragon has been observed leveraging a new strain of self-propagating malware that spreads through compromised USB drives. "While their primary focus has traditionally been Southeast Asian countries, this latest discovery reveals their global reach and highlights the alarming role USB drives play in spreading malware," Check Point said in new

Reddit Confirms BlackCat Gang Pinched Some Data

Now Patched VMware Zero-Day Bug Exploited In Wild

Progress Software Hit With Class Action Suit Over MOVEit Hack

Oreo Cookie Maker Says Crooks Gobbled Up Staff Info

Chinese Hacker Group 'Flea' Targets American Ministries with Graphican Backdoor

Foreign affairs ministries in the Americas have been targeted by a Chinese state-sponsored actor named Flea as part of a recent campaign that spanned from late 2022 to early 2023. The cyber attacks, per Broadcom's Symantec, involved a new backdoor codenamed Graphican. Some of the other targets included a government finance department and a corporation that markets products in the Americas as

Over 100,000 ChatGPT Accounts Found For Sale On Dark Web

Data Leak At Law Firm Sets Australia's Elites Scrambling

Rogue Android Apps Target Pakistani Individuals in Sophisticated Espionage Campaign

Individuals in the Pakistan region have been targeted using two rogue Android apps available on the Google Play Store as part of a new targeted campaign. Cybersecurity firm Cyfirma attributed the campaign with moderate confidence to a threat actor known as DoNot Team, which is also tracked as APT-C-35 and Viceroy Tiger. The espionage activity involves duping Android smartphone owners into

Abandoned S3 Bucket Used To Launch Malicious Payloads

Progress Software Rushes To Patch Another MOVEit SQL Vulnerability

Hacker Gang Clop Publishes Victim Names On Dark Web

Barracuda Zero Day Attacks Attributed To Chinese Cyberespionage Group

Hackers Can Steal Cryptographic Keys By Video Recording Power LEDs 60 Feet Away

Fortinet Warns Customers Of Possible Zero Day Exploited In Limited Attacks

Chinese Spies Caught Exploiting VMware ESXi Zero Day

MSSQL Makes Up 93% Of All Activity On Honeypots Across 10 DBs

Online Muggers Make Serious Moves On Unpatched Microsoft Bugs

New SPECTRALVIPER Backdoor Targeting Vietnamese Public Companies

Vietnamese public companies have been targeted as part of an ongoing campaign that deploys a novel backdoor called SPECTRALVIPER. "SPECTRALVIPER is a heavily obfuscated, previously undisclosed, x64 backdoor that brings PE loading and injection, file upload and download, file and directory manipulation, and token impersonation capabilities," Elastic Security Labs said in a Friday report. The

Ransomware Gang Clop Prepped Zero Day MOVEit Attacks In 2021

Hacker Attempts To Exploit Old And New Bugs Up 55%

Dozens Of Popular Minecraft Mods Found Infected With Fracturiser Malware

People Are Pirating GPT-4 By Scraping Exposed API Keys

Kimsuky Targets Think Tanks and News Media with Social Engineering Attacks

The North Korean nation-state threat actor known as Kimsuky has been linked to a social engineering campaign targeting experts in North Korean affairs with the goal of stealing Google credentials and delivering reconnaissance malware. "Further, Kimsuky's objective extends to the theft of subscription credentials from NK News," cybersecurity firm SentinelOne said in a report shared with The

BBC, BA, And Boots Issued With Ultimatum By Cyber Gang Clop

MoveIt Hack: What Actions Can Data Breach Victims Take?

Crypto Catastrophe Stikes Some Atomic Wallet Users, Over $35 Million Thought Stolen

Ransomware Attacks Have Room To Grow, Verizon Report Shows

Chinese PostalFurious Gang Strikes UAE Users with Sneaky SMS Phishing Scheme

A Chinese-speaking phishing gang dubbed PostalFurious has been linked to a new SMS campaign that's targeting users in the U.A.E. by masquerading as postal services and toll operators, per Group-IB. The fraudulent scheme entails sending users bogus text messages asking them to pay a vehicle trip fee to avoid additional fines. The messages also contain a shortened URL to conceal the actual

Qbot Malware Adapts To Live Another Day... And Another...

British Airways, Boots, And BBC Staff Details Targeted In Russia-Linked Cyber Attack

Brazilian Cybercriminals Using LOLBaS and CMD Scripts to Drain Bank Accounts

An unknown cybercrime threat actor has been observed targeting Spanish- and Portuguese-speaking victims to compromise online banking accounts in Mexico, Peru, and Portugal. "This threat actor employs tactics such as LOLBaS (living-off-the-land binaries and scripts), along with CMD-based scripts to carry out its malicious activities," the BlackBerry Research and Intelligence Team said in a report

BlackCat Updates Tradecraft With Stealth And Speed

Clickless iOS Exploits Infect Kaspersky iPhones With Never-Before-Seen Malware

Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering

The Chinese nation-state group known as Camaro Dragon has been linked to yet another backdoor that's designed to meet its intelligence-gathering goals. Israeli cybersecurity firm Check Point, which dubbed the Go-based malware TinyNote, said it functions as a first-stage payload capable of "basic machine enumeration and command execution via PowerShell or Goroutines." What the malware lacks in

North Korea's Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks

U.S. and South Korean intelligence agencies have issued a new alert warning of North Korean cyber actors' use of social engineering tactics to strike think tanks, academia, and news media sectors. The "sustained information gathering efforts" have been attributed to a state-sponsored cluster dubbed Kimsuky, which is also known by the names APT43, ARCHIPELAGO, Black Banshee, Emerald Sleet (

Researchers Tell Owners To Assume Compromise Of Unpatched Zyxel Firewalls

N. Korean ScarCruft Hackers Exploit LNK Files to Spread RokRAT

Cybersecurity researchers have offered a closer look at the RokRAT remote access trojan that's employed by the North Korean state-sponsored actor known as ScarCruft. "RokRAT is a sophisticated remote access trojan (RAT) that has been observed as a critical component within the attack chain, enabling the threat actors to gain unauthorized access, exfiltrate sensitive information, and potentially

Organizations Warned Of Backdoor In Hundreds Of Gigabyte Motherboards