Cybercrime

January 29, 2024

On January 17th, 2024, a ransomware incident affected Schneider Electric Sustainability Business division. The attack has impacted Resource Advisor and other division specific systems. Schneider Electric Global Incident Response team has been immediately mobilized to respond to the attack, contain the incident, and to reinforce existing security measures. Sustainability Business division has informed impacted customers. Read more… Source: ...

January 29, 2024

Ukraine’s Ministry of Defense claims that pro-Ukrainian hacktivists breached the Russian Center for Space Hydrometeorology, known as “planeta” (планета), and wiped 2 petabytes of data. Planeta is a state research center that uses space satellite data and ground sources such as radars and stations to provide information and accurate predictions about weather, climate, natural disasters, extreme ...

January 29, 2024

This week, the SonicWall Capture Labs threat research team analyzed a sample tied to the Blackwood APT group. This is a DLL that, when loaded onto a victim’s computer, will escalate privileges and attempt to install a backdoor for communications monitoring and diversion. It has evasive capabilities and, as of this writing, is targeting companies and ...

January 26, 2024

If you’re like most people, you’ve likely got at least a few unused bank accounts floating around. However, there may be financial and security dangers associated with keeping these unused bank accounts active. Security risks of unused bank accounts Fraud exposure: Unused bank accounts can become targets for fraud. Closing these accounts minimizes the risk. Avoidance of fees: ...

January 26, 2024

Albabat, also known as White Bat, is a financially motivated ransomware variant written in Rust that identifies and encrypts files important to the user and demands a ransom to release them. It first appeared in November 2023 with the variant Version 0.1.0. Version 0.3.0 was released in late December, followed by version 0.3.3 in mid-January 2024. ...

January 26, 2024

Three local councils in the United Kingdom continue to experience disruption to their online services, a week after confirming a cyberattack had knocked some systems offline. The councils for Canterbury, Dover, and Thanet — all of which are based in the U.K. county of Kent and have a combined population of almost 500,000 residents — said ...

January 26, 2024

The Kansas City Area Transit Authority announced this week that is was hit by a ransom cyber-attack. The incident was reported on Tuesday, Jan. 23. KCATA said all service is operating, including fixed-route buss, Freedom and Freedom-On-Demand paratransit service. KCATA said at this time regional RideKC call centers can’t receive calls or can any KCATA landline. Read ...

January 25, 2024

An ongoing campaign of malicious ads has been targeting Chinese-speaking users with lures for popular messaging applications such as Telegram or LINE with the intent of dropping malware. Interestingly, software like Telegram is heavily restricted and was previously banned in China. Many Google services, including Google search, are also either restricted or heavily censored in mainland ...

January 25, 2024

EquiLend, a global financial technology, data and analytics firm, suffered a cyberattack – possibly ransomware – that forced parts of its digital infrastructure offline. In a press release, EquiLend said that on January 22, 2024, its technicians identified a “technical issue that placed portions of our system offline.” Following an investigation, the company identified a cybersecurity ...

January 25, 2024

The Phobos ransomware family is a notorious group of malicious software designed to encrypt files on a victim’s computer. It emerged in 2019 and has since been involved in numerous cyber attacks. This ransomware typically appends encrypted files with a unique extension and demands a ransom payment in cryptocurrency for the decryption key. FortiGuard Labs has ...