- Hundreds of Snowflake customer passwords found online are linked to info-stealing malware
June 5, 2024
Cloud data analysis company Snowflake is at the center of a recent spate of alleged data thefts, as its corporate customers scramble to understand if their stores of cloud data have been compromised. Snowflake helps some of the largest global corporations — including banks, healthcare providers and tech companies — store and analyze their vast amounts ...
- RansomHub: New Ransomware has Origins in Older Knight
June 5, 2024
RansomHub, a new Ransomware-as-a-Service (RaaS) that has rapidly become one of the largest ransomware groups currently operating, is very likely an updated and rebranded version of the older Knight ransomware. Analysis of the RansomHub payload by Symantec, revealed a high degree of similarity between the two threats, suggesting that Knight was the starting point for RansomHub. ...
- MediSecure put into administration weeks after massive data breach
June 5, 2024
Online prescription provider MediSecure has collapsed into administration and liquidation just weeks after a large-scale ransomware attack resulted in customer details being leaked on the dark web. The Melbourne-based health provider last month confirmed the massive data breach had taken place, with the personal information and some limited health information of people who used the service ...
- Kremlin critics targeted with spyware inside European Union
June 5, 2024
At least seven critics of the Kremlin, including journalists were targeted inside the European Union (EU) by a state using Pegasus, a report by digital civil rights NGO Access Now said on Thursday (May 30). In its report, Access Now said on Thursday an investigation by the NGO revealed that the use of Pegasus (a hacking ...
- Sapphire Werewolf polishes Amethyst stealer to attack over 300 companies
June 5, 2024
Since March 2024, the BI.ZONE Threat Intelligence team has been tracking the cluster of activity dubbed Sapphire Werewolf. The threat actor targets Russia’s industries, such as education, manufacturing, IT, defense, and aerospace engineering. Over 300 attacks were carried out using Amethyst, an offshoot of the popular open‑source SapphireStealer. The attackers disguise the malware as an enforcement ...
- Chinese Nationals Plead Guilty To Cyber Crimes In Zambia
June 5, 2024
Twenty-two Chinese nationals have pleaded guilty to committing cyber-related crimes in Zambia. They are among 77 suspects arrested in April in connection with a “sophisticated internet fraud syndicate,” according to authorities. The operation targeted a Chinese-run company in Lusaka following a surge in internet fraud cases affecting people globally. The Chinese nationals are scheduled for sentencing ...
- Canada does not have the tools to fight cyber crime, says watchdog
June 5, 2024
Canada’s federal government does not have the capacity and tools to effectively fight cyber crime in part because of excessive bureaucracy and staff shortages, the country’s top watchdog said on Tuesday. In an official report, Auditor General Karen Hogan said she found breakdowns in response, coordination, tracking, and information sharing between and across the organizations responsible ...
- Are data breaches the new normal? Should we just assume our data isn’t safe?
June 5, 2024
In recent days, both Ticketek Australia and Ticketmaster have experienced breaches which have exposed customer details to hackers. They join a growing list of high-profile data breaches that have put the privacy of millions at risk. For example, in 2022, Optus disclosed a breach of 9.8 million records. In 2023, Latitude, the Australian financial services firm, ...
- Critical Path Traversal Vulnerability in Check Point Security Gateways (CVE-2024-24919)
June 5, 2024
The SonicWall Capture Labs threat research team became aware of an exploited-in-the-wild information disclosure vulnerability affecting the Check Point Security Gateways. Identified as CVE-2024-24919 and given a CVSSv3 score of 8.6, the vulnerability is more severe than it initially appears. While labeled as a sensitive information disclosure vulnerability, it is actually a path traversal attack leading ...
- Cyber Attacks and the Risk of Real War: A NATO Perspective
June 5, 2024
The possibility of a cyber-attack on any NATO member country escalating into a real war is a pressing concern. This question is particularly relevant as the US-led North Atlantic Treaty Organization (NATO) has started establishing ‘cyber labs’ in countries bordering Russia, signalling an increased focus on cyber defence. At the recent Shangri-La Dialogue (31 May-2 June) ...
- Ukrainian intelligence’ hackers attack Russian government agencies and large companies
June 5, 2024
Hackers from the Main Intelligence Directorate (DIU) of Ukraine’s Ministry of Defense have attacked the electronic services of several Russian ministries and banking institutions, according to RBC-Ukraine source in the special services. According to Roskomnadzor (Federal Service for Supervision of Communications, Information Technology and Mass Media) , the disruption is allegedly linked to an accident in ...