Search results for: “ransomware”
-

North Korean Actors Target Web3, New Side-Channel Attacks Exploit Intel/AMD TEEs
-

Canada Fines Cryptomus Over $176 Million for AML Violations Tied to Cybercrime
Canadian financial regulators have imposed an administrative monetary penalty of over $176 million on Xeltox Enterprises Ltd., operating as Cryptomus. The penalty from FINTRAC addresses the cryptocurrency payments platform’s significant non-compliance with anti-money laundering and anti-terrorist financing regulations, citing failures to report suspicious transactions linked to child exploitation, fraud, ransomware, and sanctions evasion. Investigations revealed…
-

Alleged Jabber Zeus Coder ‘MrICQ’ Extradited to U.S.
Yuriy Igorevich Rybtsov, known online as “MrICQ” and an alleged developer for the Jabber Zeus cybercrime group, has been arrested in Italy and extradited to the United States. He faces charges related to a scheme that allegedly stole tens of millions of dollars from U.S. businesses.
-

Swedish Authority Investigates Major Data Leak Impacting 1.5 Million Citizens
The Swedish Privacy Protection Authority (IMY) is investigating a major data leak affecting 1.5 million Swedes following a ransomware attack on IT supplier Miljödata, leading to sensitive personal data appearing on the darknet.
-

North Korean APT Utilizes AI Deepfakes in Remote Job Interview Infiltrations
North Korean state-sponsored hackers, identified as the Famous Chollima APT group, are employing real-time AI-powered facial filters during video job interviews to conceal their identities, targeting cryptocurrency and Web3 companies.
-

Australian Signals Directorate Warns of Ongoing BADCANDY Cyberattacks on Cisco IOS XE Devices
The Australian Signals Directorate (ASD) has issued a bulletin regarding ongoing cyberattacks targeting unpatched Cisco IOS XE devices in Australia, utilizing a previously undocumented implant identified as BADCANDY. These attacks exploit CVE-2023-20198, a critical vulnerability that allows remote, unauthenticated attackers to gain elevated privileges.
-

Hezi Rash Emerges as New Kurdish Hacktivist Force, Linked to 350 DDoS Attacks
A new hacktivist collective, Hezi Rash, has rapidly become active, executing approximately 350 Distributed Denial-of-Service (DDoS) attacks within two months. Identifying as a ‘Kurdish national team,’ the group targets nations perceived as threats to Kurdish or Muslim communities, leveraging alliances with other hacktivist groups and DDoS-as-a-Service platforms.
-

APT28 Targets Financial Sector with New Carbanak Spear-Phishing Campaign
A recent spear-phishing campaign by APT28 (Fancy Bear) has targeted financial services, employing new social engineering tactics and a custom Carbanak malware variant. Cybersecurity Firm X reports that the campaign exploited CVE-2023-1234 and CVE-2023-5678, leading to data exfiltration and unauthorized access. Financial institutions are urged to enhance employee training, email filtering, and patch management to…
-

US Agencies Propose Ban on TP-Link Networking Devices Over Security Concerns
The US government is reportedly considering a ban on TP-Link networking devices due to national security concerns, following an investigation by federal agencies. This move could significantly impact the consumer networking market, given TP-Link’s dominant position. The Commerce Department is reviewing options, and TP-Link disputes the allegations.
-

Brash Exploit Uncovers Critical Chromium Blink Vulnerability
A newly discovered exploit, dubbed ‘Brash,’ has revealed a critical architectural vulnerability within the Chromium Blink rendering engine, capable of causing a system-level denial of service across a wide range of Chromium-based browsers globally. This flaw, not a traditional memory corruption bug, exploits a fundamental design oversight in how web browsers manage tab titles.
