Cybercrime

May 6, 2024

Generative artificial intelligence (GenAI) tools like ChatGPT have extensive business value. They can write content, clean up context, mimic writing styles and tone, and more. But what if bad actors abuse these capabilities to create highly convincing, targeted and automated phishing messages at scale? No need to wonder as it’s already happening. Not long after the ...

May 6, 2024

A Maine accounting firm has been sued after a data breach exposed the personal information of more than a million people. BerryDunn, an accounting firm based out of Portland, is facing lawsuits from nine different people. The lawsuits claim that names and Social Security numbers of 1.1 million people were exposed in the breach involving one ...

May 5, 2024

Singapore law firm Shook Lin & Bok was hit by a ransomware attack in April, and the incident is now under investigation by the local authorities. In response to queries from The Straits Times, the firm said in a statement on May 2 that the incident was discovered on April 9, and it immediately engaged a ...

May 4, 2024

The US administration rejecting dialogue with Moscow on the cyber sphere undermines international information security, Russian Ambassador to Washington Anatoly Antonov said on the embassy’s Telegram channel. “We regard such statements as another example of megaphone diplomacy and evidence of Washington’s irrepressible desire to accuse Russia of all mortal sins. We have repeatedly told the US: ...

May 3, 2024

The U.K.’s National Cyber Security Centre (NCSC) and other international cyber authorities, including the Federal Bureau of Investigation (FBI), have warned about pro-Russia hacktivist attacks targeting providers of operational technology. OT is hardware and software that interacts with the physical environment and includes smart water metres, automated irrigation systems, dam monitoring systems, smart grids and IoT ...

May 2, 2024

A Ukrainian man has been sentenced to 13 years and seven months in prison for his role in conducting more than 2,500 ransomware attacks across the globe. Yaroslav Vasinskyi, 24, demanded more than $700 million in ransom payments for data he stole from his victims, or he would publicly release it. He was also ordered to ...

May 2, 2024

A campaign using sponsored search results is targeting home users and taking them to tech support scams. Sponsored search results are the ones that are listed at the top of search results and are labelled “Sponsored”. They’re often ads that are taken out by brands who want to get people to click through to their website. ...

May 2, 2024

Dropbox has confirmed that a hacker has accessed customer information including emails and usernames, phone numbers and hashed passwords, OAuth tokens and multi-factor authentication information. Dropbox has issued a statement confirming that it became aware of unauthorized access to the production environment of the Dropbox Sign platform on April 24. That statement confirms that customer information ...

May 2, 2024

A Sydney man has been arrested by police over an alleged data breach of personal information of members and patrons from at least 17 licensed clubs in New South Wales and the ACT. An unauthorised website claimed to have published online the personal details of many customers, with a threat to publish those of more than ...

May 1, 2024

In April, FortiGuard Labs observed a new botnet targeting a D-Link vulnerability from nearly a decade ago, CVE-2015-2051. This vulnerability allows remote attackers to execute arbitrary commands via a GetDeviceSettings action on the HNAP interface. As a result, an attacker can create a crafted HTTP request with a malicious command embedded in the header. Fortinet IPS ...