Threat Assessment: BianLian ransomware group

Unit 42 researchers have been tracking the BianLian ransomware group, which has been in the top 10 of the most active groups based on leak site data they’ve gathered. From that leak site data, Unit 42 primarily observed activity affecting Read More …

Subway reportedly hit by LockBit ransomware – but is it half-baked speculation?

Subway has allegedly suffered a data breach at the hands of none other than the notorious LockBit ransomware gang. According to a media report, the ransomware-as-a-service provider added the sandwich makers to its data leak site earlier this week after Read More …

Australia: Russian man Aleksandr Ermakov has been sanctioned over the Medibank data breach

The Australian government has used Magnitsky-style sanctions for the first time to punish Russian man Aleksandr Ermakov over what it says is his role in the 2022 Medibank Private data breach. Foreign Minister Penny Wong, Home Affairs Minister Clare O’Neil Read More …

New macOS backdoor stealing cryptowallets

A month ago, Kaspersky researchers discovered some cracked apps circulating on pirating websites and infected with a Trojan proxy. The malicious actors repackaged pre-cracked applications as PKG files with an embedded Trojan proxy and a post-install script initiating the infection. Read More …

Lebanon: Ministry of Social Affairs’ website suffers cybersecurity breach

The Ministry of Social Affairs’ website has been subjected to a cyber-attack. Authorities are actively working to resolve the issue and ensure the restoration of normalcy to the site. Reportedly, the website does not contain any personal information. Read more… Read More …

VF Corp’s cyber incident causes data breach of 35.5 million consumers

Vans sneaker maker VF Corp said on Thursday the cyber incident that hit the company in December led to a breach of personal data of about 35.5 million consumers, and added that it does not expect a material impact to Read More …

Carnegie Mellon University hit by cyberattack, informs 7,300 people possibly affected

Carnegie Mellon University informed about 7,300 people that their personal information may have been compromised in an August cyberattack that was quietly investigated by law enforcement and the university. The breach impacting one of the nation’s top schools for computing Read More …

Chinese Espionage Group UNC3886 Found Exploiting CVE-2023-34048 Since Late 2021

While publicly reported and patched in October 2023, Mandiant and VMware Product Security have found UNC3886, a highly advanced China-nexus espionage group, has been exploiting CVE-2023-34048 as far back as late 2021. These findings stem from Mandiant’s continued research of Read More …