- Israeli spyware startup Paragon acquired by U.S.-based private equity fund for up to $900M
December 16, 2024
Israeli offensive cyber company Paragon will be acquired by the U.S.-based private equity fund AE Industrial Partners for an initial payment of $500 million, with an additional $400 million contingent on meeting business milestones. Despite the acquisition, Paragon will remain an Israeli company, adhering to regulatory guidelines set by Israel’s Defense Ministry and the U.S. ...
- Europol spearheads largest referral action against online hate speech
December 16, 2024
Europol has supported 18 European law enforcement agencies in the 2024 Referral Action Day (RAD) on hate speech and incitement to violence targeting ethnoreligious groups. Spanish and Hungarian authorities led the action, which resulted in a record number of online content being identified. In total, 12 countries collected over 6 350 links from 46 online platforms ...
- NotLockBit ransomware targets Apple users with advanced file-locking and data exfiltration
December 15, 2024
The recent discovery of macOS.NotLockBit suggests a shift in the landscape, as this newly identified malware, named after the notorious LockBit variant, could mark the beginning of more serious ransomware campaigns against Mac users. Ransomware targeting Mac devices tends to lack the necessary tools to truly lock files or exfiltrate data. The general perception has been ...
- Ireland: Loss of papers and devices among the Department of Justice’s 482 data breaches
December 15, 2024
The Department of Justice has recorded more than 480 data breaches over the past three years, including the loss of sensitive papers, encrypted devices, and unauthorised access to social media. The breaches occurred across the department including key areas such as international protection, the response to the Ukraine refugee crisis, and in citizenship applications. A log ...
- Cyber attack may affect personal information of thousands of Rhode Islanders
December 13, 2024
A massive cyberattack could impact the personal information of hundreds of thousands of Rhode Islanders after hackers targeted a state contractor that stores health and personal data. Governor Dan McKee announced that the personal information of thousands was compromised in a cybersecurity attack. Anyone who has ever received or applied for health coverage or human service ...
- Six arrested in South Thailand for call centre scams and firearms
December 13, 2024
Police apprehended six people suspected of being involved in call centre scams and the illegal trade of firearms. The Cyber Crime Investigation Bureau (CCIB) announced the arrest on Tuesday, December 10, indicating possible connections between the suspects and insurgency financing in Thailand’s southern regions. The arrests took place on December 10 in Songkhla and Yala provinces ...
- Maritime Cyber Priority 2024/25: Tackling a growing cybersecurity threat in an increasingly connected industry
December 12, 2024
The digitalization of the maritime industry is in full flow. Shipowners, ports, cargo owners and many other stakeholders throughout the value chain are increasingly utilizing connected digital technologies to make shipping greener, safer and more efficient. However, DNV’s new Maritime Cyber Priority report highlights that this also introduces new cybersecurity risks, which need to be managed ...
- Careto is back: what’s new after 10 years of silence?
December 12, 2024
During the first week of October, Kaspersky took part in the 34th Virus Bulletin International Conference, one of the longest-running cybersecurity events. There, Kaspersky researchers delivered multiple presentations, and one of our talks focused on newly observed activities by the Careto threat actor, which is also known as “The Mask”. The Mask APT is a legendary ...
- Update now! Apple releases new security patches for vulnerabilities in iPhones, Macs, and more
December 12, 2024
Apple has released security patches for most of its operating systems, including iOS, Mac, iPadOS, Safari, and visionOS. To check if you’re using the latest software version, go to Settings (or System Settings) > General > Software Update. It’s also worth turning on Automatic Updates if you haven’t already, which you can do on the same ...
- Hackers find hole in Krispy Kreme Doughnuts’ cyber-security
December 11, 2024
Doughnut chain Krispy Kreme says it has been hit by a cyberattack which has disrupted its online systems. Some customers in the US have been unable to make online orders as a result of the hack, which occurred in late November but has only just been disclosed. Krispy Kreme revealed the attack in a regulatory filing ...
- Modular Java Backdoor Dropped in Cleo Exploitation Campaign
December 11, 2024
While investigating incidents related to Cleo software exploitation, Rapid7 Labs and MDR observed a novel, multi-stage attack that deploys an encoded Java Archive (JAR) payload. Our investigation revealed that the JAR file was part of a modular, Java-based Remote Access Trojan (RAT) system. This RAT facilitated system reconnaissance, file exfiltration, command execution, and encrypted communication with ...