Iron Tiger APT Group Roars Louder With New Toolkit
Iron Tiger threat actor group was spotted using an upgraded toolkit in an 18-month old cyberespionage campaign against a gambling firm in the Philippines.
Cyware
ICS Computers Face Increased Ransomware Attacks - Kaspersky Report
In a new report, Kaspersky noted that developed countries faced a large number of ransomware attacks on ICS systems during the pandemic owing to their consistency in keeping businesses up and running.
Malware That Spreads via Xcode Projects Now Targeting Apple's M1-based Macs
A Mac malware campaign targeting Xcode developers has been retooled to add support for Apple's new M1 chips and expand its features to steal confidential information from cryptocurrency apps.
Beverage Giant C&C Group Subsidiary Suffers IT Systems Outage Due to Security Incident
Matthew Clark Bibendum (MCB), a distributor of alcoholic beverages and soft drinks in the UK and Ireland, says it’s working to restore IT systems following a cybersecurity incident.
Bad bot traffic reaching an all-time high over the past year
There was a 372% increase in bad bot traffic on healthcare websites since September 2020. As vaccines became more widely available, bot activity was recorded at rates of 12,000 requests per hour.
FIN7 Sysadmin Gets 10 Years Behind Bars
The systems administrator for a notorious organized cybercrime group has been handed a 10-year jail sentence for his part in financial crimes that cost firms and consumers billions.
Ryuk Ransomware Anatomy of an Attack in 2021
Advintel observed actors conducting OSINT research related to the compromised host domain to identify the infected victim company and evaluate their revenue to assess what the ransom amount will be.
Payment transaction volume using 3-D Secure protocol grows globally
RSA has published its latest quarterly fraud report, reinforcing the migration to more precise payment authentication methods and showing a notable spike in brand abuse attacks.
WordPress could treat Google FloC as a security issue
The backlash against Google's Federated Learning of Cohorts (FLoC) has continued, with a proposal raised in WordPress Core to block the alternative identifier to third-party cookies by default.
US sanctions cryptocurrency addresses linked to Russian cyberactivities
The US government sanctioned this week twenty-eight cryptocurrency addresses allegedly associated with entities or individuals linked to Russian cyberattacks or election interference.
Ransomware attack on 24 schools near Bristol impacts more than 1,000 devices
More than 1,000 devices are having to be rebuilt and many teachers could start the new term on Monday (April 19) without laptops, whiteboards, and other vital equipment and resources.
ioXt Alliance expands its Compliance Program to bring transparency to mobile apps and VPNs
The ioXt Alliance announced that it is expanding its ioXt Compliance Program with a new mobile application profile with added requirements for VPN applications to mitigate potential security risks.
Credit Card Data of Nearly 1 Million Domino's Pizza India Customers Allegedly Sold Online
A cybersecurity researcher claimed that credit card details of nearly 1 million people who purchased online on Domino's Pizza India, is allegedly being sold for around $550,000 on the dark web.
OneTrust acquires Convercent to bring ethics and compliance technology into a single platform
The acquisition of the ethics and compliance platform brings together privacy, data governance, GRC, third-party risk, ESG and ethics and compliance together into a single operational workflow.
U.S. Takes Aim at Russia’s Cyber Ops Ecosystem
Russian tech companies identified and sanctioned by the US Treasury Department include ERA Technopolis, Pasit AO, SVA, Neobit OOO, Advanced System Technology, and Pozitiv Teknolodzhiz.
Attackers Demand Discord Nitro Gift Codes as Ransomware Payments
In a novel approach to ransom demands, a new ransomware calling itself 'NitroRansomware' encrypts victim's files and then demands a Discord Nitro gift code to decrypt files.
Growing reliance on third-party suppliers signals increasing security risks
Adversaries are turning their focus on cheaper, easier targets within an organization's supply chain, especially as businesses increasingly acquire software from external suppliers.
Ransomware micro-criminals are still out here (and growing)
The conventional ransomware operation model is still very active: victims keep receiving e-mails with malicious attachments that automatically execute the ransomware payload on the unlucky machine.
Major data breach at cleaning and catering company Spotless
The potentially exposed data could have included the names, email addresses, phone numbers, and residential addresses as well as passport details and tax numbers of current and former employees.
PlexTrac Raises $10 Million for Its Purple Teaming Platform
PlexTrac last week announced closing a $10 million Series A funding round led by Noro-Moseley Partners and Madrona Venture Group, with participation from StageDotO Ventures.
Cyber security news articles covering the latest trends, major breaches and incidents, new malware and vulnerabilities, threat intelligence, cyber analysis, laws regulations, innovations, tools, strategies, and events around the world.
Subscribe to Cyware feed