Cybercrime

August 15, 2022

Although DDoS attacks are mainly carried out with bots, the initiators and coordinators of the attacks are humans. The nature of the attacks, their intensity and duration largely depend on their motivation and behaviors. According to StormWall researchers observations, attackers who launch DDoS attacks almost always want to ensure that their efforts have been successful and ...

August 11, 2022

A cyberattack that hit a major IT provider for the NHS and severely affected the 111 service involved ransomware and could take up to four weeks to fix, it has emerged. Advanced, which supplies vital systems for the NHS, said it suffered a cyber breach around 7am on 4 August which has now been contained. The attack ...

August 11, 2022

Cisco disclosed on Wednesday that its corporate network was accessed by cyber-criminals in May after an employee’s personal Google account was compromised – an act a ransomware gang named “Yanluowang” has now claimed as its work. The world’s largest networking vendor disclosed the months-old compromise after a list of files accessed during the incident appeared on ...

August 11, 2022

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint CSA to disseminate known Zeppelin ransomware IOCs and TTPs associated with ransomware variants identified through FBI investigations as recently as 21 June 2022. The FBI and CISA encourage organizations to implement the recommendations in the Mitigations section ...

August 10, 2022

An automotive supplier had its systems breached and files encrypted by three different ransomware gangs over two weeks in May, two of the attacks happening within just two hours. The attacks followed an initial breach of the company’s systems by a likely initial access broker (IAB) in December 2021, who exploited a firewall misconfiguration to breach ...

August 10, 2022

At least two security-sensitive companies—Twilio and Cloudflare—were targeted in a phishing attack by an advanced threat actor who had possession of home phone numbers of not just employees but employees’ family members as well. In the case of Twilio, a San Francisco-based provider of two-factor authentication and communication services, the unknown hackers succeeded in phishing the ...

August 8, 2022

7-Eleven stores in Denmark shut down today after a cyberattack disrupted stores’ payment and checkout systems throughout the country. The attack occurred early this morning, August 8th, with the company posting on Facebook that they were likely “exposed to a hacker attack”. The translated statement says that the company has closed all the stores in the country ...

August 6, 2022

A new ransomware family called ‘GwisinLocker’ targets South Korean healthcare, industrial, and pharmaceutical companies with Windows and Linux encryptors, including support for encrypting VMware ESXi servers and virtual machines. The new malware is the product of a lesser-known threat actor dubbed Gwisin, which means “ghost” in Korean. The actor is of unknown origin but appears to ...

August 5, 2022

A vulnerability in Twitter’s software that exposed an undetermined number of owners of anonymous accounts to potential identity compromise last year was apparently exploited by a malicious actor, the social media company said Friday. It did not confirm a report that data on 5.4 million users was offered for sale online as a result but said ...

August 4, 2022

Taiwan’s Ministry of National Defense confirmed it was hit by a DDoS attack on Wednesday in what has been an eventful week for the island nation, US-Sino relations, and semiconductors. The ministry said the network was attacked around 23:40 with connection restored by 00:30 local time on Thursday. Cabinet spokesperson Lo Ping-cheng said work on heightening ...