November 30, 2025
Cyber Intelligence > Articles by: Editorial Team

Critical infrastructure at risk from modem flaws

“Critical flaws” have been identified in modems deployed in millions of devices worldwide. Cybersecurity firm Kaspersky has issued a report warning companies of severe security vulnerabilities in Cinterion cellular modems.

According to Kaspersky, Cinterion modems are cornerstone components in machine-to-machine (M2M) and Internet of Things (IoT) communications and now offer a back door for all kinds of threat actors. They support various applications, ranging from industrial automation and vehicle telematics to smart metering and healthcare monitoring. Gemalto, the initial developer of the modems, was subsequently acquired by Thales. In 2023, Telit acquired Thales’ cellular IoT products business, including the Cinterion modems.

BogusBazaar signals red light for brands

By operating a “fraud-as-a-service” (FaaS) website, BogusBazaar, which works out of China, runs 200 fraudulent webshops and has so far claimed 850,000 victims, mostly from the US and Western Europe.

Victims who access BogusBazaar shops are offered amazing-sounding deals on shoes and apparel from well-known brands. But as the webshops are totally fraudulent, the victims end up having their credit card details stolen with nothing to show for it.

SSCL named as breached MoD contractor

UK-based Shared Services Connected Limited (SSCL) has been named as the Ministry of Defence (MoD) contractor hacked by, according to senior government sources, China.

British defense minister Grant Shapps has admitted that the personal and financial details of 272,000 service personnel were hacked by “a malign actor.” However, the breach is now being widely attributed to China, despite China’s dismissal of the allegations as “absurd”. But while the compromised payment system has now been taken offline, there are growing fears that the breach may not merely be confined to the MoD, as SSCL handle a number of UK government contracts.

“We’re the largest provider of critical business support services for the Government, the UK Military & Veterans (MoD), Metropolitan Police Service, and the Construction Industry Training Board (CITB),” boasts SSCL on its website.

FBI warns of fresh North Korean hacking tactic

The US Federal Bureau of Investigation (FBI) has issued a joint advisory warning of a new tactic being used by North Korean intelligence-gathering cyber group Kimsuky. The warning is squarely aimed at think tanks, academic institutions, non-profit organizations, and members of the media in Western countries. Despite North Korea’s previous reliance on revenue from international crime to finance its weapons and military programs, the FBI reports that Kimsuky’s role is intelligence gathering.

Kimsuky exploits an improperly configured Domain Name System (DNS) to mimic legitimate email senders and hack targeted individuals. Without properly configured DNS Domain-based Message Authentication, Reporting, and Conformance (DMARC) policies, malicious hackers can send spoofed emails as if they came from a legitimate domain’s email exchange.

Cybercrime continues to cold-shoulder AI

Organized cybercriminals continue to give artificial intelligence (AI) the cold shoulder. New research from US telecoms conglomerate Verizon confirms a report in November from cybersecurity firm Sophos revealing that cybercriminals judged AI to be “overrated, overhyped and redundant.”

According to Verizon’s 2024 Data Breach Investigations Report: “We did keep an eye out for any indications of the use of the emerging field of generative artificial intelligence (GenAI) in attacks and the potential effects of those technologies, but nothing materialized in the incident data we collected globally…The number of mentions of GenAI terms alongside traditional attack types and vectors such as “phishing,” “malware,” “vulnerability,” and “ransomware” was shockingly low, barely breaching 100 cumulative mentions over the past two years.”

Gulf of misunderstanding between CEOs and CISOs widens

There is a widening gulf of miscommunication between security teams and their boards. According to software intelligence platform Dynatrace, 77 percent of chief information security officers (CISOs) say their boards and CEOs focus too heavily on the ability to react to security incidents and not enough on reducing and preventing risk proactively.

“Executive engagement has often been limited to conversations around regulatory compliance and high profile or user-centric security risks, such as phishing attacks, ransomware, or the use of mobile devices among an increasingly hybrid workforce. There is often less understanding of the material operational effects created by other, more technology-centric risks, such as gaps in the organization’s application security posture,” says Dynatrace.

‘Brute force’ cyber-attacks continue to escalate

Cybersecurity firm Okta reports a spike in ‘brute-force’ credential-stuffing attacks over the last month. This follows a spike in ‘brute force’ credential-stuffing attacks reported last week.

Increasingly sophisticated ‘brute force’ attacks use trial and error techniques to crack passwords, login credentials, and encryption keys. New life is now also being breathed into what is essentially an old hacking technique, with widely available software using artificial intelligence (AI) that can carry out large numbers of attempts automatically.

Rubrik listing underlines strength of cyber sector

The cyber sector has received another boost with the initial public offering (IPO) of shares in Microsoft-backed cloud-based cybersecurity firm Rubrik, valuing the company at around $6.5 billion. Last week also brought news that US private equity (PE) firm Thoma Bravo is to take UK cybersecurity company Darktrace private in a deal valuing the firm at over $5 billion.

Rubrik’s IPO was reported to be 20 times oversubscribed for the 23.5 million shares on offer, with half of the shares allocated to top institutional investors. This investor appetite for the cyber stock is being seen as a testimony to the robustness of the cybersecurity sector, as Rubrik posted operating losses of $307 million last year. But it is the company’s current growth curve that seems to have spurred on investors, with annual recurring revenues reported at $784 million as of the end of 2023, up 47% on the year before.

$5bn Darktrace deal to boost cyber sector

Private equity (PE) firm Thoma Bravo is to take UK cybersecurity company Darktrace private in a deal valuing the firm at over $5 billion. The US-based PE firm, which manages around $140 billion in assets, intends to use its US market experience to expand Darktrace’s worldwide operations. News of the deal comes hard on the heels of better-than-expected quarterly earnings from US tech giants Alphabet and Microsoft.

Darktrace claims to be a global leader in cybersecurity artificial intelligence (AI), protecting over 9000 customers from ransomware, cloud, and software-as-a-service (SaaS) attacks. Its main research center is in Cambridge, UK, with a second research and development facility in The Hague, Netherlands. The firm holds over 145 patents and pending applications.

Apple enters GenAI marketplace

Apple has joined Google and Microsoft in launching its own generative artificial intelligence (AI) offering, OpenELM. Apple claims that OpenELM, “a state-of-the-art open language model,” will offer users more accurate and less misleading results than its widely criticized competitors.

“OpenELM uses a layer-wise scaling strategy to efficiently allocate parameters within each layer of the transformer model, leading to enhanced accuracy,” says Apple.

Apple claims that OpenELM exhibits a 2.36 percent improvement in accuracy compared to its initial predecessor OLMo, while requiring half as many pre-training tokens. So far, Apple has delayed offering modern AI capabilities on its devices, but it is expected that the next version of its operating systems will need to include some unique AI features. The launch of iOS 18 is scheduled for June 10.

Ransomware drives corporate cyber-crime

Cybercriminals are getting greedier. According to Google subsidiary Mandiant’s M-Trends 2024 Special Report, the proportion of financially motivated intrusions grew from more than a quarter of all investigations (26 percent) in 2022 to over a third (36 percent) in 2023.

Ransomware-related intrusions represented almost two-thirds of financially motivated intrusions and 23 percent of all 2023 intrusions; the remaining financially motivated intrusions included business email compromise (BEC) fraud and cryptocurrency theft. In 70 percent of cases, organizations learned of ransomware-related intrusions from external sources. In three-quarters of those cases, organizations were notified of a ransomware incident by an attacker ransom message. The remaining quarter came from external partners, such as law enforcement or cybersecurity companies.

“This is consistent with the extortion business model in which attackers intentionally and abruptly notify organizations of a ransomware intrusion and demand payment,” says Mandiant.

Police rounding up LabHost users

International law enforcement is hailing last week’s bust of LabHost, the world’s largest phishing-as-a-service platform, as a major victory in the war against cybercrime. In addition to multiple arrests, the Europol-coordinated investigation also unearthed the identities of around 10,000 users of the illegal site, many of whom are now already under police investigation.

The year-long investigation, led by the UK’s London Metropolitan Police, resulted in the arrest of 37 suspects worldwide following Europol-coordinated raids across 70 addresses. Partners in the investigation also included Chainalysis, Intel 471, Microsoft, The Shadowserver Foundation, and Trend Micro.

Beware weaponized Google Ads

Cybercriminals are using ‘malvertising’, weaponized bogus ads pushed to the top of Google searches, to distribute a previously unseen backdoor. The attacks are particularly dangerous to corporations of all sizes, as they are aimed squarely at in-house IT professionals, who invariably hold the keys to the organization’s digital kingdom.

The unknown threat actor(s)’ selection of spoofed software indicates that the targets primarily consist of IT professionals, particularly those in IT security and network administration roles, according to research from Zscaler ThreatLabz.

“Beginning in March of 2024, Zscaler ThreatLabz observed a threat actor weaponizing a cluster of domains masquerading as legitimate IP scanner software sites to distribute a previously unseen backdoor. The threat actor registered multiple look-alike domains…and leveraged Google Ads to push these domains to the top of search engine results targeting specific search keywords,” says Zscaler ThreatLabz.

Rise in ‘brute force’ attacks on VPNs

The past four weeks have seen a sharp global increase in ‘brute force’ attacks on virtual private network (VPN) services, which supply private networks using encryption over the internet. ‘Brute force’ attacks use trial and error to crack passwords, login credentials, and encryption keys. New life has been breathed into what is an old hacking technique with widely available software using artificial intelligence (AI) that can carry out large numbers of attempts automatically. 

Cisco Talos Intelligence Group reports a sharp rise worldwide in this type of attack against targets, including virtual private network (VPN) services and web authentication interfaces.

“Cisco Talos has been actively monitoring a global increase in brute-force attacks against a variety of targets, including Virtual Private Network (VPN) services, web application authentication interfaces, and SSH services since at least March 18, 2024. The traffic related to these attacks has increased with time and is likely to continue to rise,” predicts Cisco Talos.

Online investment scams on the rise

Online investment fraudsters are becoming more devious and organized, making their increasingly sophisticated scams tough to detect for ordinary investors. A bust carried out by Europol and local European law enforcement on the perpetrators of the €645 million JuicyFields marijuana investment scam on April 11 is a prime example.

Europol estimates that 550,000 investors worldwide, most from Europe, were drawn into the scam. Using bank transfers or cryptocurrencies, around 186,000 participants transferred funds to JuicyFields from early 2020 to July 2022. The JuicyFields fraudsters used advertisements on social networks to lure victims to their websites. These offered crowdsourcing investment opportunities in the cultivation, harvesting, and distribution of marijuana plants to be used for medicinal purposes. For a minimum initial investment of €50 in a so-called ‘e-growing’ opportunity, investors were promised to be linked with producers of medical cannabis.

China bans US semiconductors

A new bamboo curtain has fallen across China, with a reported blanket ban on US chips. The move is bad news for long-time Silicon Valley tech giant chipmaker Intel, whose Chinese sales accounted for roughly a quarter of its global revenues.

Big names join semiconductor ban

But China’s retaliatory move may not only be bad news for US chip makers such as Intel and AMD but also for China’s own communications infrastructure. The order from China’s Ministry of Industry and Information Technology includes big players China Telecom, China Mobile, and China Unicom, together with other Chinese operators. All are now obliged to submit draft deadlines for the replacement of foreign microchips. It is uncertain to what extent the CCP actually believes that Intel and AMD chips are likely to have built-in spyware or anything of the sort. The ban can be seen as part of a broader strategy on the part of the Chinese Communist Party (CCP) to end its country’s long-term reliance on US technology.

US data compromises double year-on-year

It’s official – the US is losing the battle against cybercrime. The first quarter of this year has seen 841 publicly reported data compromises – a 90 percent increase compared to 442 compromises in Q1 2023.

According to the Identity Theft Resource Center (ITRC), the picture may be even grimmer than these bald statistics suggest. Year-on-year, the number of cyberattack-related data breach notices without information about the root cause of the attack leapt from 166 in Q1 2023 to 439 in Q1 2024. This represents a staggering rise of 265 percent in unsolved data breaches.

Raspberry Robin attacks via Windows

Raspberry Robin, a tough-to-detect worm carrying malware and ransomware, is now being delivered via Windows Shortcut Files and Windows Script Files. Researchers at Hewlett Packard (HP) first began to identify the new trend in March of this year. 

Previously, Raspberry Robin was delivered physically by inserting a weaponized USB stick into a targeted device. But now, this highly effective malware is being delivered via Windows Script Files (WSF), which are widely used by administrators and legitimate software to automate tasks within Windows. The WSF file format supports scripting languages, such as JScript and VBScript, that are interpreted by the Windows Script Host component built into the Windows operating system. It can, however, also be abused by attackers. The Windows Script Files are offered for download via various malicious domains and subdomains controlled by the attackers, which can be distributed via spam or fake online advertising campaigns. 

AI could overload US power grid

Silicon Valley’s tech giants are fond of publicizing their green credentials by installing everything from waterless urinals to solar power. But, according to a new report from the International Energy Agency (IEA), tech giants’ latest offerings, primarily artificial intelligence (AI), are driving energy consumption to unprecedented levels. 

The report, Electricity 2024 Analysis and Forecast to 2026, predicts that, if current trends continue, AI and cryptocurrency power consumption could more than double from 460 TWh in 2022 to up to 1,050 TWh in 2026, roughly equivalent to adding another Germany to global electricity consumption. According to the IEA, there are currently over 8,000 data centers globally, with about 33% of these located in the United States, with the largest data center hubs located in California, Texas, and Virginia. 

AI is fueling China’s cyber war against the US

Once again, China is harnessing new Western technology to attack and undermine the US at home and overseas. According to a new report from Microsoft, this time, China is using AI-generated fake social media accounts to influence the outcome of the upcoming US presidential elections.

The report, “Same targets, new playbooks: East Asia threat actors employ unique methods”, details China’s recent attempts to discredit the US government, including misinformation regarding the Kentucky train derailment in November; the Maui wildfires in August; the disposal of Japanese nuclear wastewater; and illegal drug use in the US, as well as attempts to exacerbate the increasing racial tensions across the US.

Cyber-attackers try to divert a commercial flight

Airline security has just entered a new era with the news that on Saturday, cybercriminals hacked the communications network on a commercial flight and tried to divert the plane to a fake destination, putting it in the hands of the gang.

On Sunday, El Al Israel Airlines confirmed the attack on one of its planes. During the attack, instructions were given to the El Al crew that differed from their set route, alerting them to the possibility that terrorists were planning to crash the plane or that their attackers were planning a kidnapping.

However, despite the nationality of the airline concerned, the motive behind hacking into the airline’s communications is thought not to have been primarily political. Although the attack took place over an area where Iran-backed Houthis are known to be active, it is believed that the hackers are most likely based in Somaliland, which last month signed a controversial territorial agreement with neighboring Ethiopia.

Cisco bets the farm on Splunk

Cisco’s US$28 billion acquisition of cybersecurity firm Splunk is the largest acquisition in the networking giant’s history. It is now being seen as a clear signpost for the future value of cybersecurity companies worldwide.

The price paid for the 20-year-old San Francisco company represented over 12 percent of Cisco’s US$198 billion market capitalization. The $28 billion acquisition was closed within only six months, at a time when many large mergers are being blocked or delayed by regulators.

“We will revolutionize the way our customers leverage data to connect and protect every aspect of their organization as we help power and protect the AI revolution,” said Cisco CEO Chuck Robbins.

OpenAI’s voice cloning raises security concerns

OpenAI, the maker of Microsoft-backed consumer-facing artificial intelligence (AI) service ChatGPT, may have scored something of an own-goal with the unveiling of Voice Engine, billed as “a model for creating custom voices”.

While OpenAI’s blog on Friday highlights the legitimate use of voice cloning, sometimes referred to as ‘deepfake voice’, such as providing reading assistance to non-readers and children, its widespread availability could soon metamorphose into a cybersecurity nightmare.

Deepfake voice and video software are already being used by cybercriminals to mimic the voices of senior executives to commit financial fraud and other crimes. But the widespread availability and marketing of deepfake voice software is now set to make cybercrime a virtual cottage industry where any number can play. It will open the floodgates to a whole new generation of cybercriminals, terrorists, pranksters, and disgruntled employees.

Tough times ahead for Apple

These are troubled times for Silicon Valley tech giant, Apple. Hard on the heels of the US Justice Department suing Apple for monopolizing the smartphone market comes news of a major security flaw in Apple M-series chips (M1, M2, and M3).

The US Justice Department appears determined to call time on Apple’s long-standing domination of the smartphone market. It holds that “Apple’s broad-based, exclusionary conduct” makes it harder for Americans to switch smartphones. Apple also stands accused of undermining innovation for apps, products, and services, and imposing extraordinary costs on developers, businesses, as well as on consumers.

UN drafts US-led AI resolution

The United Nations has drafted a resolution aimed at bringing the rest of the world in line with existing US artificial intelligence (AI) security guidelines. These follow those already developed by the US Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC).

Both emphasize the importance of “secure-by-design” and “secure-by-default” principles for AI systems. The UN Assembly called on all Member States and stakeholders “to refrain from or cease the use of artificial intelligence systems that are impossible to operate in compliance with international human rights law.” The Assembly added that the same rights that people have offline must also be protected online throughout the life cycle of artificial intelligence systems.

US blocks sales of citizens’ data to hostile powers

In what is being seen by some on the Hill as a case of too little too late, Washington has this week finally blocked the sale of US citizens’ personal sensitive data to four hostile foreign powers: North Korea, China, Russia, and Iran.

Sensitive data includes ordinary people’s social security numbers, financial account numbers, biometric information, genetic information, precise geolocation information, and most of their private communications. Washington’s Energy and Commerce Committee top Democrat, Congressman Frank Pallone Jr, simultaneously issued a statement highlighting the massive threat foreign data sales present to ordinary people.

China and Iran launch lethal attacks on US infrastructure

The White House has issued an urgent appeal to all US state governors to prepare to cope with their water systems being attacked and taken down by Chinese cyber-attacks. Iran, which has honed its industrial espionage techniques via consistent attacks on Israel’s infrastructure, is also proving effective in taking down water facilities in the US.

The letter from the White House contains a stark warning that attacks on US water facilities are no longer a potential threat but an increasingly frequent event with real-world consequences. It was signed by the Assistant to the President for National Security Affairs, Jake Sullivan, and by Environmental Protection Agency Administrator Michael S. Regan.

SEC fines companies $400k for over-hyping AI

Ever since the launch of the deeply flawed Microsoft-backed public-facing artificial intelligence (AI) service ChatGPT at the end of 2022, AI has been used to power a whole range of services. But the days of marketing and PR departments simply attaching the words “AI-driven” to over-hype any digital offering in the hope of attracting investors and customers are now hopefully coming to an end.

Earlier this week, the US Securities and Exchange Commission (SEC) fined two investment advisers, Delphia (USA) Inc. and Global Predictions Inc., a total of US$400,000 between them. The SEC’s order against Global Predictions alleged that the San Francisco-based firm made false and misleading claims in 2023 on its website and on social media about its purported use of AI. The order against Toronto-based Delphia alleged that the firm had made false and misleading statements in its SEC filings, in a press release, and on its website regarding its purported use of AI and machine learning.

Beware of fake Google docs

An under-the-radar attack that creates fake Google docs is now playing havoc across multiple sectors in the US and UK, particularly in healthcare. Companies’ increasing reliance on widely-used off-the-shelf external software may save costs and create efficiencies in the short-term, but it also offers new inroads for the current generation of increasingly devious and skilled cybercriminals.

Cybersecurity firm Netskope has identified a new Google Docs threat in the wild, AZORult infostealer. It is designed to steal sensitive information such as user credentials, browser information, credit card details and crypto-wallet data. A comprehensive study conducted by Netskope’s research team has uncovered a campaign where an attacker created fake Google Docs pages on Google sites from which to download malicious payloads.

SE Asian cybercriminals adopt drug-cartel tactics

A police raid on a Philippines online organization highlights not only the ongoing digital crime boom in Southeast Asia but also the increasingly blurred line between cybercrime and ordinary gangsters.

Police raided the premises of the Tarlac Pogo firm following a complaint filed by a Vietnamese worker who bore signs of having been recently tortured in the form of electrocution scars. The police discovered 875 people, including 504 foreigners, who had been lured to work for what purported to be an online gaming company, but was actually a forced labour camp operating romance scams.

Employee mistrust of workplace AI is growing

Amid widespread speculation that artificial intelligence (AI) will make most of today’s jobs redundant and even replace humanity itself, the UK’s Institute for the Future of Work has taken a more pragmatic approach.

Its study on the impact of modern technologies on almost 5,000 workers highlights employee concerns about the adverse effect AI is already having on their day-to-day work lives. While the majority of those surveyed believed that older technologies such as laptops and smartphones generally improve their quality of life, the same is not true of AI.

FBI reports record cybercrime losses in 2023

The US Federal Bureau of Investigation reports that last year the Internet Crime Complaint Center (IC3) received a record number of complaints, with potential losses exceeding $12.5 billion.

Although the figures for 2023 represent a 10 percent increase over 2022 and a 22 percent rise in losses suffered, the FBI fears that even this only represents the tip of a vast unseen iceberg of cybercrime. The report quotes the FBI’s recent infiltration of the Hive ransomware group, which discovered that only 20 percent of victims had reported the incidents to law enforcement authorities.

Ransomware alert for US critical infrastructure

The US Federal Bureau of Investigation (FBI) and the US Cybersecurity and Infrastructure Security Agency (CISA) have jointly issued a stark warning. The Phobos ransomware-as-a-service (RaaS) model is now being widely used by threat actors of all kinds to attack a wide variety of critical infrastructure across America.

“Since May 2019, Phobos ransomware targeted municipal and county governments, emergency services, education, public healthcare, and other critical infrastructure entities,” says the joint cybersecurity advisory document.

Phobos RaaS is particularly dangerous as it is an off-the-shelf software that can be deployed by even relatively unskilled threat actors in conjunction with other open-source tools such as Smokeloader, Cobalt Strike, and Bloodhound. These tools are all widely accessible and easy to use in various operating environments, making Phobos the obvious go-to choice for a wide variety of threat actors.

Public AI opens doors to cybercrime

Companies using public artificial intelligence (AI) services such as Microsoft-backed ChatGPT are at increasing risk of allowing cybercriminals to access confidential data. According to cybersecurity firm Group-IB’s Hi-Tech Crime Trends Report 2023/2024, between June and October of 2023, over 130,000 unique hosts with access to OpenAI were compromised, representing a 36 percent rise over the first five months of the year.

Companies currently take one of two main approaches to integrating AI into workflows. One is to use public AI models and the second is to create bespoke proprietary AI systems based on pre-trained and available models. The second approach is by far the safer, as it helps control data exchange with AI systems at every stage, guaranteeing confidentiality. But it is far more expensive and labor-intensive than using less secure publicly available AI services.

BlackCat gives go-ahead for healthcare attacks

Following actions taken against the infamous BlackCat ransomware group in December by the US Federal Bureau of Investigation (FBI), the cybercriminal gang has warned it is taking off the gloves in its fight with law enforcement. BlackCat previously took pride in regularly announcing that it does not encourage or support affiliates who target crucial sectors such as healthcare. But this approach has changed radically since the end of 2023.

“Since mid-December 2023, of the nearly 70 leaked victims, the healthcare sector has been the most commonly victimized. This is likely in response to the ALPHV Blackcat administrator’s post encouraging its affiliates to target hospitals after operational action against the group and its infrastructure in early December 2023,” said the FBI.

Geopolitical crises fuel cyber-attacks in the US

As geopolitical tensions and conflicts rise across the globe, so too are cyber-attacks on critical Western infrastructure, particularly industrial facilities running on operational technology (OT) systems.

Ransomware attacks on industrial organizations increased by over 50 percent in 2023, according to a report by cybersecurity firm Dragos: OT Cybersecurity – 2023 in Review. Seventy percent of all ransomware attacks targeted 638 manufacturing entities in 33 unique manufacturing subsectors.

Dragos tracked a total of 21 threat groups targeting industrial organizations including three new threat groups: Gananite, Laurionite, and Voltzite. Dragos reports all three new groups as conducting diverse operations against various organizations, including cybersecurity research firms, government and military defense entities, rail, manufacturing, automotive, and utilities. Voltzite has been the most active of the three in targeting critical infrastructure.

Ransomware is evolving into protection rackets

There is growing evidence that ransomware gangs are rapidly evolving into full-scale protection rackets. Ransomware gangs are increasingly returning to fleece their victims multiple times, even after the ransom has been paid.

“Despite most victims agreeing to pay the ransom, less than half who did get their systems and data back uncorrupted. And most were breached again within a year,” says security company Cybereason’s report Ransomware: the true cost to business 2024.

All of the 1008 enterprise IT professionals surveyed had been breached at least once in the past 24 months. While 84 percent paid the ‘ransom’, only 47 percent got their data and services back intact. But this new generation of ransomware attacks frequently does not stop, even once the ransom is paid. An astonishing 78 percent were breached again and 63 percent were asked to pay more the second time. In 36 percent of the cases, the second attack was carried out by the same gang that conducted the first.

Doppelgänger mob set to spike US and UK elections

Russian hacktivists named Doppelgänger have been interfering in Germany’s elections with a view to influencing the outcome of upcoming European elections, according to a report from SentinelLabs and ClearSky Cyber Security.

“Doppelgänger represents an active instrument of information warfare. We anticipate that Doppelgänger’s activities, targeting not only Germany but also other Western countries, will persist and evolve, particularly in light of the major elections scheduled across the EU and the USA in the coming years,” says the report.

FBI declares cyber-war on China

US Federal Bureau of Investigation (FBI) director Christopher Wray used his keynote speech at the weekend’s Munich Cyber Security Conference, which many regard as the security version of Davos, to effectively declare cyber-war on the People’s Republic of China (PRC).

“Our adversaries have been improving exponentially,” warns Wray. “Chief among those adversaries is the Chinese government…the cyber threat posed by the Chinese government is massive.”

Wray added that China’s hacking program is larger than that of all the other major world nations combined and that the PRC is using AI technology stolen from the Western powers to vastly increase the present threat. The FBI director told the major world powers assembled in Munich at the weekend that a new enhanced level of cooperation between government agencies such as his and the private sector is the only way to counter this new Red Menace.
