January 19, 2022 Accellion Proposes $8.1 Million Settlement to Resolve Class Action Data Breach Lawsuit Accellion has proposed an $8.1 million settlement to resolve a class action data breach lawsuit related to the December 2020 cyberattack on its legacy File ... Read more
January 17, 2022 New Wiper Malware Was Used in Recent Cyberattacks in Ukraine Last week, Ukraine experienced a massive cyberattack that affected around 70 government websites, including those of the Ministry of Foreign Affairs and the education ministry. ... Read more
January 14, 2022 14 REvil Ransomware Gang Members Arrested by Russian Government The Federal Security Service (FSB) of the Russian Federation has announced 14 individuals suspected of being part of the notorious REvil ransomware operation have been ... Read more
January 14, 2022 New York Attorney General Issues Business Guide for Credential Stuffing Attacks The Bureau of Internet and Technology at the Office of the New York State Attorney General (OAG) has issued a Business Guide for Credential Stuffing ... Read more
January 10, 2022 How Do Hackers Steal Passwords? You often hear about cyberattacks that utilized stolen credentials to gain access to business networks, but how do hackers steal passwords? In this article, we ... Read more
December 30, 2021 LastPass Denies Data Breach After Users Claim Their Master Passwords Were Used to Access Their Vaults Several LastPass users have claimed their master passwords have been used by unauthorized individuals to access their password vaults, including individuals who claim never to ... Read more
December 10, 2021 30% of Security Breaches Are Caused by Poor Password Practices Passwords can provide a very good level of security but many people are guilty of poor password practices. While there are now alternatives to passwords ... Read more
December 7, 2021 New Malware Variant Being Used in Targeted Attacks by SolarWinds Hackers The Advanced Persistent Threat (APT) actor believed to be responsible for the SolarWinds supply chain attack is continuing to conduct attacks on U.S. companies to ... Read more
December 2, 2021 Multiple APT Actors Using Novel RFT Template Injection Technique in Phishing Attacks A novel Rich Text Format (RTF) Template Injection technique is being used in phishing campaigns conducted by multiple nation-state hacking groups. Researchers at Proofpoint say ... Read more
December 1, 2021 FBI Seizes $2.3 Million in Ransomware Payments from Russian Affiliate of REvil and GandCrab RaaS Operations The Federal Bureau of Investigation (FBI) has seized 39.89 Bitcoins with a current value of around $2.3 million from a Russian national alleged to be ... Read more
November 26, 2021 GoDaddy Data Breach Affects 1.2 Million Customers and 6 Web Hosts On November 22, GoDaddy said it was the victim of a data breach that exposed the email addresses and customer numbers of up to 1.2 ... Read more
November 22, 2021 Survey Reveals Worrying Lack of Action by Consumers After Receiving a Breach Notification Letter The National Institute of Standards and Technology (NIST) no longer recommends regular password changes for employees, as while updating passwords every few months does improve ... Read more
November 18, 2021 Ransomware Attacks on CNA, Colonial Pipeline, and JBS the Result of Minor Security Lapses Ransomware attacks in 2021 have increased to record levels and no industry sector is immune. Cyber threat actors have become bolder and have conducted an ... Read more
November 15, 2021 Legitimate FBI System Hacked and Used to Send Spam Emails About Fake Cyberattack A spam email campaign involving at least 100,000 emails has been conducted using ‘hacked’ FBI-owned servers. The messages advised the recipients that their network had ... Read more
November 10, 2021 Security Researcher ‘Hacks’ 70% of WiFi Passwords with Next to No Effort A password is often the only thing that stands in the way of a hacker and a treasure trove of sensitive data. It is therefore ... Read more
November 9, 2021 Robinhood Announces Breach of 7 Million User Records Hacking attempts are often sophisticated but in some cases gaining access to a company’s internal networks is as simple as asking an employee for login ... Read more
November 4, 2021 FBI Warns of New Ransomware Attacks Exploiting Financial Business Events The Federal Bureau of Investigation has issued a private industry alert warning about a new tactic being used by ransomware gangs to pressure victims into ... Read more
November 3, 2021 BlackMatter Ransomware Operation Shuts Down Law enforcement agencies around the world have stepped up their efforts to disrupt ransomware gangs in recent months. The infrastructure of the notorious REvil ransomware ... Read more
November 1, 2021 Europol Announces Arrest of 12 Individuals Suspected of Conducting Over 1,800 Ransomware Attacks Ransomware gangs have been able to conduct thousands of attacks on businesses with little threat of being caught, but the massive increase in attacks in ... Read more
October 29, 2021 Microsoft Warns of Increase in Password Spraying Attacks Microsoft’s Detection and Response Team (DART) has issued a warning about an increase in password spraying attacks by nation-state hacking groups and cybercriminals. These attacks ... Read more
October 22, 2021 Sinclair Broadcast Group Suffers Evil Corp Ransomware Attack The prolific Russian cybercriminal group Evil Corp has started using a new ransomware variant named Macaw Locker. The latest attack was conducted on the U.S. ... Read more
October 21, 2021 $5.2 Billion in Ransomware Payments Identified by FinCEN The U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) has identified $5.2 billion in outgoing Bitcoin transactions in cryptocurrency wallets linked to ransomware gangs, highlighting ... Read more
October 20, 2021 Feds Issue Security Advisory About BlackMatter Ransomware Law enforcement agencies in the United States have issued a joint advisory about BlackMatter ransomware which includes details of the tactics, techniques, and procedures (TTPs) ... Read more
October 18, 2021 Reporter Referred to Missouri Prosecutor for Notifying State About Data Leak A reporter at the St. Louis Post-Dispatch who alerted the Missouri Department of Elementary and Secondary Education (DESE) that a web application was leaking the ... Read more
October 12, 2021 Iranian Threat Actor Conducting Password Spraying Attacks on Defense Companies An Iranian threat actor is conducting a password spraying campaign targeting the Office 365 accounts of U.S. EU, and Israeli defense companies. Microsoft’s Threat Intelligence ... Read more
October 12, 2021 Operator of Botnet Used for DDoS and Password Spraying Attacks Arrested in Ukraine A hacker alleged to be the creator and manager of a powerful botnet consisting of more than 100,000 devices has been arrested by law enforcement ... Read more
September 29, 2021 SolarWinds Hackers Deploy FoggyWeb Backdoor to Exfiltrate Data from AD Servers The threat actors behind the cyberattack on SolarWinds are using a malware variant dubbed FoggyWeb to steal data from compromised Active Directory servers. In a ... Read more
September 27, 2021 TangleBot Android Malware Has Extensive Range of Features for Use in Wide Variety of Attacks A new Android malware variant has been discovered by researchers that is being used distributed via SMS messages and has been used in attacks in ... Read more
September 17, 2021 Universal Master REvil Ransomware Decryptor Released by Bitdefender Bitdefender has released a free master REvil ransomware decryptor that allows previous victims of REvil ransomware to recover their files for free. The REvil master ... Read more
September 13, 2021 Olympus Investigating Potential BlackMatter Ransomware Attack The technology firm Olympus is investigating a cybersecurity incident that has affected IT systems used in the EMEA region. Olympus issued a statement confirming suspicious ... Read more