Lazarus Group’s infrastructure reuse leads to discovery of new malware

In the new Lazarus Group campaign we recently disclosed, the North Korean state-sponsored actor continues to use much of the same infrastructure despite those components being well-documented by security researchers over the years. Their continued use of the same tactics, …

Danish cloud host says customers ‘lost all data’ after ransomware attack

Cloud host CloudNordic says most of its customers have “lost all data with us” following a ransomware attack on its data center systems, including its backups. The Denmark-based cloud company said the ransomware attack began Friday, during which cybercriminals “shut …

DarkGate reloaded via malvertising and SEO poisoning campaigns

In July 2023, Malwarebytes researchers observed a malvertising campaign that lured potential victims to a fraudulent site for a Windows IT management tool. Unlike previous similar attacks, the final payload was packaged differently and not immediately recognizable. The decoy file …

Carderbee: APT Group use Legit Software in Supply Chain Attack Targeting Orgs in Hong Kong

A previously unknown advanced persistent threat (APT) group used the legitimate Cobra DocGuard software to carry out a supply chain attack with the goal of deploying the Korplug backdoor (aka PlugX) onto victim computers. In the course of this attack, …

Japanese watchmaker Seiko struck by BlackCat/ALPHV ransomware attack

Japanese watchmaker Seiko Group Corp. has been struck by a ransomware attack, with the BlackCat/ALPHV ransomware gang claiming responsibility. The attack, officially described as a data breach, was disclosed by Seiko on Aug. 10 and is said to have taken …

Cyber attack on Aussie energy services firm may hit UK CNI

Operators of critical utility infrastructure across the UK may have been affected by a developing cyber attack on the systems of Energy One, an Australia-based supplier of software and services for the energy sector. The ongoing incident was disclosed via …

Northern Ireland: Man arrested on suspicion of terror offence linked to PSNI data breach released

A man arrested by detectives investigating criminality linked to last week’s major PSNI data breach has been released on bail to allow for further police enquiries. The 39-year-old man had been detained following a search in Lurgan, Co Armagh on …

Threat Actors are Interested in Generative AI, but Use Remains Limited

Since at least 2019, Mandiant has tracked threat actor interest in, and use of, AI capabilities to facilitate a variety of malicious activity. Based on Mandiant’s own observations and open source accounts, adoption of AI in intrusion operations remains limited …

China’s Ministry of State Security warns of data security risks after Wuhan Earthquake Monitoring Center cyberattack

China’s Ministry of State Security (MSS) on Wednesday warned of data security risks after recent reports identified US intelligence agencies were behind a cyberattack on Wuhan Earthquake Monitoring Center. A joint investigation team formed by the National Computer Virus Emergency …