November 30, 2025

Cyber Intelligence > Articles by: Editorial Team

Cyber-attackers try to divert a commercial flight

Airline security has just entered a new era with news that on Saturday cybercriminals hacked the communications network on a commercial flight and tried to divert the plane to a fake destination and into the hands of the gang.

On Sunday, EL AL Israel Airlines confirmed the attack on one of its planes. During the attack, instructions were given to the El Al crew that differed from their set route, alerting them to the possibility that terrorists were planning to crash the plane or that their attackers were planning a kidnapping.

90 percent of US users mistrust social media

Nine out of 10 US citizens do not trust social media. In some other developed markets, trust in services such as Facebook is even lower. In the UK, only three percent of consumers trust social media services with their personal data, and in Japan, it is only two percent, about one in fifty.

The Thales 2024 Digital Trust Index, which surveyed 12,426 people worldwide, reports that, while the majority of users mistrust social media and online retail and entertainment services, trust in some other services is far higher. Consumers have much more trust in banking, healthcare, and government services when it comes to sharing their personal data – a universal trend witnessed in all the markets surveyed. Banking services are the most highly trusted, with 44 percent of users placing their trust in them. This was closely followed by healthcare with 41 percent and government services with 37 percent.

High level executives targeted in ongoing attacks

Highly organized cybercriminals suspected to be based in Russia and Nigeria are targeting hundreds of executives in dozens of organizations in an ongoing Microsoft Azure cloud account takeover (ATO) campaign.

According to US cybersecurity firm Proofpoint: “As part of this campaign, which is still active, threat actors target users with individualized phishing lures within shared documents.”

Innocent but weaponized documents sent to key executives include embedded links to “View Document”, which automatically directs them to a malicious site. The users affected by the attacks occupy a variety of trusted positions within their organizations. Victims include chief financial officers (CFOs), finance managers, account managers, corporate vice presidents, and sales directors. Proofpoint believes that targeting this variety of executive positions is far from being a series of random phishing attacks.

Ransomware payments top US$1 billion in 2023

Last year, ransomware payments topped US$1 billion for the first time. According to a report from blockchain analyst firm Chainalysis, in 2023 ransomware gangs reached “an unprecedented milestone” in extorted cryptocurrency payments.

“This number does not capture the economic impact of productivity loss and repair costs associated with attacks. This is evident in cases like the ALPHV-BlackCat and Scattered Spider’s bold targeting of MGM resorts. While MGM did not pay the ransom, it estimates damages cost the business over US$100 million,” warns the report.

Deepfake face swaps hijack video meetings

Artificial Intelligence (AI) tools such as face swaps are now being used in Mission Impossible-style cyber-enabled financial crimes. The South China Morning Post reports that last month criminals defrauded a multinational Hong Kong firm of HK$200 million (US$26 million) by using deepfake video technology.

The cybercriminal gang initially sent a message to an employee in the finance department of the unnamed company, inviting him to a video conference via a message purporting to be from the organization’s chief financial officer (CFO). While on the video conference, the employee was joined by what looked and sounded sufficiently like his CFO and other colleagues to convince him to make a fraudulent transfer of company funds.

Nation-state spyware goes mainstream

Commercial surveillance technology targeting smartphones, once the province of spymasters, is now becoming widely available on the open market. It is not only high-profile individuals such as politicians who are now threatened but also business people and ordinary smartphone users.

Half of the known zero-day exploits (exploits for previously unknown vulnerabilities) used against Google and Android devices can be attributed to commercial surveillance vendors (CSVs), according to a new 50-page report from Google, Buying Spying: Insights into Commercial Surveillance Vendors.

“The commercial surveillance industry has emerged to fill a lucrative market niche: selling cutting edge technology to governments around the world that exploit vulnerabilities in consumer devices and applications to surreptitiously install spyware on individuals’ devices,” says Google.

‘Pig Butchering’ crypto-fraudsters net billions

‘Pig Butchering’, a new and particularly mean and ruthless form of cryptocurrency fraud that originated in China, has evolved into a global scourge.

Sha zhu pan, which translates as “pig-butchering”, uses sophisticated fraudulent decentralized finance (DeFi) applications to bypass most of the defenses provided by mobile device vendors. WhatsApp is the preferred platform for targets outside China; Telegram is also used, as is Skype.

According to cybersecurity firm Sophos: “Originating in China at the beginning of the COVID pandemic, ‘pig butchering’ scams have expanded globally ever since, becoming a multi-billion-dollar fraud phenomenon.”

Critical infrastructure under increased attack

France-based Schneider Electric became the latest utility company to succumb to a ransomware attack on January 17, when some of its business divisions serving several critical industries were taken down. Although access to the system was eventually re-opened on January 31st, the incident underlines the growing seriousness of cyber-attacks aimed at the West’s critical infrastructure. Schneider Electric has an annual turnover of over 42 billion and employs over 150,000 people.

The ransomware attack on Schneider Electric coincides with news that, in the US, the Federal Bureau of Investigation (FBI) has recently neutralized a botnet controlled by a Chinese threat group. The White House had previously authorized the FBI to take down the botnet after federal agencies and private sector researchers had accused cyberespionage gang Volt Typhoon of a major campaign aimed at a wide range of the US’s critical infrastructure.

Sextortion racket triggers US youth suicides

Financial sextortion is now the most rapidly growing crime targeting American, Canadian, and Australian youth. The US Federal Bureau of Investigation (FBI) has called it: “a global crisis that demands everyone’s attention” – having observed a one thousand percent increase in financial sextortion incidents over the last 18 months.

In a December 2023 hearing, FBI Director Wray warned Congress that sextortion is “a rapidly escalating threat,” and teenage victims “don’t know where to turn.” 

Almost all this activity is linked to West African cybercriminals known as the “Yahoo Boys”, who primarily target English-speaking minors and young adults on the online social networks Instagram, Snapchat, and Wizz, according to the Network Contagion Research Institute (NCRI) report, “A Digital Pandemic: Uncovering the role of ‘Yahoo Boys’ in the Surge of Social Media-enabled Financial Sextortion Targeting Minors.”

Supply-chain attacks impacted 54m victims in 2023

Last year saw exponential growth in the number of organizations impacted by supply-chain attacks, although the increase in the number of organizations targeted has remained slow. According to the 2023 data breach report from the Identity Theft Resource Center (ITRC), the number of organizations impacted has surged by more than 2,600 percent since 2018, affecting over 54 million victims.

“We must acknowledge the significant impact of Supply Chain Attacks and their effect on all organizations. A single supply chain attack can directly or indirectly impact hundreds or thousands of businesses that rely on the same vendor,” warns the ITRC.

While supply chain attacks have been around for many years, the ability to automate and launch the attacks at scale accelerated in 2018. The MOVEit attack last year shows the scope and scale a Supply Chain Attack can have. According to the report, 102 entities were directly impacted by threat actors exploiting a MOVEit product. However, 1,271 organizations were indirectly affected when information stored in or accessed by a MOVEit product or service was compromised via a vendor or vendors.

Businesses turn their back on GenAI

The reaction of businesses to the introduction of generative AI (GenAI) in the year since the launch of Microsoft-backed ChatGPT is one of increasing suspicion and disappointment.

Over one in four organizations have banned the use of GenAI outright. The majority of companies are now also refusing to trust a technology that has already gained a reputation for making errors and even entirely fabricating information, a failing that is referred to as “hallucinating”.

According to Cisco’s newly-released 2024 Data Privacy Benchmark Study, 68 percent of organizations mistrust GenAI because it gets results wrong and 69 percent also believe it could hurt their company’s legal rights. The study draws on responses from 2,600 privacy and security professionals across 12 geographies. 

Budget shortfalls power cybercrime surge

Over half of all companies worldwide quote inadequate cybersecurity budgets as a key factor underpinning a dramatic rise in global cybercrime in the first three quarters of 2023.

According to a survey of almost 2,000 cybersecurity practitioners worldwide undertaken by the Ponemon Institute and commissioned by cybersecurity firm Barracuda: “There are a number of common factors that contribute to organizations’ exposable security postures. These include significant IT security budget shortfalls, a general lack of consistent enterprise-wide security policies and programs, ineffective (or no) incident response plans, and an inability to protect against automated security attacks criminals create using generative AI technology.”

Fifty-five percent of respondents quoted inadequate IT security budgets as the chief cause of their growing vulnerability to cyber-attacks. A further 42 percent highlighted inadequate enterprise-wide security policies and programs. A lack of inventory of third parties with access to sensitive and confidential data adversely impacted 38 percent. Another key factor is a lack of support from senior leadership, with 25 percent of respondents saying that management teams fail to regard cyberattacks as a significant risk.

Iran targets Western journalists

Hackers with close ties to the intelligence arm of Iran’s military, the Islamic Revolutionary Guard, are now personally targeting journalists, professors, and researchers. According to Microsoft, which detected the new activity, Iran is anxious to gather information on the entire range of Western views regarding the ongoing conflict in the Middle East.

“Based on the identities of the targets observed in this campaign and the use of lures related to the Israel-Hamas war, this campaign may be an attempt to gather perspectives on events related to the war from individuals across the ideological spectrum,” says Microsoft.

The Iran-backed hackers, known as Mint Sandstorm, a composite name used to describe several subgroups of activity with ties to the Islamic Revolutionary Guard, use a range of new techniques. For example, the hackers use legitimate but compromised email accounts to conduct highly planned phishing attacks against key journalists.

Third-Party Attacks on the Rise

Criminal gangs are exploiting a new “side door” into organizations via connected third-party applications including everything from calendars to creative tools. Thwarted by the recent success of anti-phishing cybersecurity and aided by artificial intelligence (AI), criminal gangs are now compromising email accounts through third-party attacks.

“Third-party applications connected to the email environment are being exploited, and organizations are making the lives of bad actors easier as they continue to connect more applications with high-risk permissions. Application overload is a common and dangerous trend,” says cybersecurity firm Abnormal Security.

Abnormal Security believes that, although vulnerabilities in third-party software accounted for 13% of all breaches in 2022, costing organizations an average of US$4.55 million per incident, the problem has since worsened considerably. It quotes a recent vendor email compromise (VEC) attack that almost netted the criminals US$36 million, although most VEC attacks target less than US$150,000.

British Library breach highlights new threat

The British Library, which houses about 14 million books plus manuscripts and items dating back to 2000 BC, was forced offline in October after refusing to pay a £600,000 ransomware demand.

According to The Financial Times, the digital destruction caused by the “deep and extensive” ransomware attack means that the world-renowned library will now be forced to pay ten times that sum to rebuild its online services at a cost of £6 million to £7 million, taking it offline for up to a year. The British Library breach is further evidence of the devastating speed of the latest generation of ransomware attacks.

Cybersecurity firm Sophos’s State of Ransomware 2023 report says that threat actors now succeed in encrypting data in 76 percent of ransomware attacks, up from 65 percent in 2022. According to Sophos, there has also been a 62 percent year-on-year rise in intentional remote encryption attacks since 2022.

Cyber-gangs to launch media offensive in 2024

Cybercrime, which has become a multi-trillion-dollar industry over recent decades, became increasingly sophisticated during 2023, with criminal groups now adopting many of the business practices used by legitimate enterprises. According to a new report from cybersecurity firm Sophos, leading ransomware gangs now increasingly employ their own internal HR and PR departments.

Far from shying away from the media, as criminals always have in the past, some ransomware gangs have been swift to seize the opportunities it affords them. Some regularly issue press releases and take great pains to forge relationships with individual journalists using the same PR methods as those employed by legitimate corporations. Threat actors also offer Frequently Asked Questions (FAQs) and answers for journalists visiting their leak sites, encouraging reporters to get in touch, give in-depth interviews, and recruit writers, reports Sophos.

Mr. Cooper breach exposes 14m victims’ data

US mortgage service provider Mr. Cooper has disclosed a breach to the U.S. Securities and Exchange Commission (SEC) affecting over 14.5 million people. Breached data includes names, addresses, phone numbers, social security numbers, dates of birth, and bank account numbers. The Mr. Cooper breach is indicative of several trends likely to shape the cybersecurity industry in 2024.

The new obligation to report material cyber breaches within four days that came into effect last week on December 15 is widely expected to reveal a huge iceberg of what might have previously been unreported and, therefore, uncounted cyber breaches. The obligation to detail the loss and those affected also puts a big onus on organizations in all sectors to implement systems capable of identifying and tracking any intrusions into their network. 

Pope calls for global AI regulation in 2024

The New Year is set to start with a call to regulate artificial intelligence (AI) coming from a man whose views are considered by hundreds of millions of people to be infallible. On New Year’s Day, His Holiness Pope Francis is scheduled to issue a stark warning to the governments of the world on the dangers inherent in AI.

On January 1, 2024, His Holiness will announce: “Techno-scientific advances, by making it possible to exercise hitherto unprecedented control over reality, are placing in human hands a vast array of options, including some that may pose a risk to our survival and endanger our common home”. 

Having warned that AI is a threat not to humanity but to the existence of the Planet Earth itself, His Holiness will then exhort “the global community of nations” to urgently adopt a binding international treaty to regulate not only the use of AI, but also its development.

Top 10 US energy firms hit by 3rd-party attacks

Nine out of ten of the world’s leading energy companies, including the top ten US energy companies, experienced a third-party data breach sometime in the last 12 months. According to cybersecurity ratings company Security Scorecard, while only four percent of leading energy companies worldwide suffered a direct data breach, most were compromised via a supplier, contractor, or other third-party organization.

“Fueling the global economy and daily life, reliance on the energy sector elevates it as a prime target for cyberattacks. Amid economic and political uncertainties, concerns about safeguarding this vital sector intensified. Energy attacks not only result in financial losses and disruptions but ripple through manufacturing, healthcare, and transportation sectors,” says Security Scorecard.

US aerospace company hit by cyber-attack

An unknown threat actor has breached an as-yet-unnamed US aerospace company. According to BlackBerry, who first highlighted the attack, the threat actor’s weaponization of a phishing attack became operational around September 2022, with the offensive phase of the attack occurring almost a year later in July of this year.

The cybercriminals responsible, whom BlackBerry has christened “AeroBlade,” are believed to have used the intervening nine months to develop the additional resources necessary to ensure access to the aerospace company’s systems to exfiltrate potentially highly valuable information – pointing to a high degree of professionalism and persistence on the part of the attacker.

EU’s planned AI rulings meet opposition

Next Wednesday will see the last round in a “King Kong meets Godzilla”-style contest between the European Union and the global technology sector over proposed regulations from Brussels to control AI. The opening rounds have been fought by lawyers, lobbyists, and bureaucrats over the monitoring of foundation model AI services such as GPT-4, access to source codes, fines for disobeying the Brussels rulings, and other related topics.

However, EU member states France, Germany, and Italy are known to be opposed to the EU’s proposed rulings and to favor self-legislation by the technology sector, as opposed to being constrained by hard rules dictated by Brussels. French AI company Mistral and Germany’s Aleph Alpha have criticized the EU’s tiered approach to regulating foundation models, defined as those with more than 45 million users.

Chip war with China heats up

As the Biden administration prepares to impose further limits on China’s access to leading-edge chip technology, news has broken over the weekend that Chinese hackers have been siphoning off some of Europe’s ground-breaking chip technology for years.

The infamous Chinese hacker group Chimera had access to the network of Dutch semiconductor giant NXP for over two years, from late 2017 to the beginning of 2020. The hackers, believed to be backed by the Chinese Communist Party (CCP), are understood to have consistently stolen intellectual property, including, crucially, the company’s cutting-edge chip designs. According to sources close to the situation, the full extent of the threat has still to be disclosed.

IT security responsible for 14% of cyber-breaches

A staggering 14 percent of cyber incidents are due to senior IT security staff errors, compounded by a further 15% of errors caused by other IT staff. According to a new study published by cybersecurity firm Kaspersky, over the last two years, 77 percent of companies experienced between one and six cybersecurity breaches, with IT security staff being directly culpable for almost a third of all cybersecurity breaches.

US Congress tries to block new cyber rulings

New cybersecurity rulings due to come into full force less than a month from today are being blocked in the US Congress and the House of Representatives. The new rulings include the mandatory reporting of any ‘material’ cyber-attack within four working days and were drawn up by the Securities and Exchange Commission (SEC).

But, according to a statement issued by Congressman Andrew Garbarino, Chairman of Homeland Security’s Cybersecurity and Infrastructure Protection Subcommittee, and Senator Thom Tillis: “This cybersecurity disclosure rule is a complete overreach on the part of the SEC … also increasing cybersecurity risk without a congressional mandate and in direct contradiction to public law that is intended to secure the homeland.”

FBI targets casino cybercrime

The attacks first identified by the FBI frequently targeted small and tribal casinos, encrypting servers and the personally identifying information (PII) of employees and patrons. As of June 2023, the FBI also reports that the Silent Ransom Group (SRG), also called Luna Moth, conducted callback phishing data theft and extortion attacks by sending victims a phone number in a phishing attempt, usually relating to pending charges on the victim’s account. When the victims called the provided phone number, cybercriminals directed them to a legitimate system management tool via a link provided in a follow-up email.

Beware the poisoned search

Conducting an innocent online search for any business-related document, such as a legal contract, has become as potentially risky as opening a link in an unsolicited email. Ransomware gangs, usually outside US, UK, and EU jurisdiction, are now luring business users of popular search engines to compromised websites designed to look like professional forums, creating a back door into the searcher’s entire organization.

Interpol demands global action to tackle cybercrime

Interpol is demanding that the world’s governments and business leaders act together to stem the rapidly rising global tide of cybercrime. Speaking this week at the Global Cybersecurity Forum in Riyadh, Interpol’s assistant director of cybercrime operations, Bernardo Pillot, urged the world’s governments and business leaders to adopt a more collective approach to online dangers.

Enterprises face a steep rise in insider threats

As we predicted earlier this year, harsh economic conditions across Western democracies are acting as a catalyst for cybercrime – particularly those cyber-attacks that target staff inside the organization. As cybersecurity becomes more effective, cybercriminals are finding ways to bypass digital security barriers by victimizing and sometimes terrorizing key personnel within the target organization.

Global AI summit mired in controversy

The UK-hosted Artificial Intelligence (AI) Safety Summit due to take place on Wednesday and Thursday this week, attended by world leaders and AI experts, is set to become the focus of a widening global debate on the dangers of AI. Last Thursday, UK Prime Minister Rishi Sunak set out the agenda for the discussion, coming down heavily on the side of the AI doom-mongers, who once again are warning that AI poses an existential threat to humanity itself.

Three-quarters of SMBs hit by serious cyber-attacks

Roughly three-quarters of small-to-medium-sized businesses (SMBs) have experienced a cyber-attack, a breach, or both in the last year. According to the third annual ITRC Business Impact Report from non-profit organization the Identity Theft Resource Center (ITRC), 73 percent of owners or leaders of SMBs reported being attacked or breached in the past 12 months, following a slight dip in the previous year.

North Korea funding weapons program with cybercrime

Last week, the US seized 17 website domains alleged to have been used to defraud US and foreign businesses. These seizures come hard on the heels of previously sealed October 2022 and January 2023 court-authorized seizures of approximately $1.5 million of the revenue that the same group of IT workers collected from unwitting victims. According to the US Justice Department, the Democratic People’s Republic of North Korea has installed bogus contractors to steal from US companies in order to pay for weapons development.

Plastic surgeons and patients targeted in extortion rackets

The Federal Bureau of Investigation (FBI) warns that cybercriminals and online blackmailers are targeting plastic surgeons to harvest electronically protected health information (ePHI) on their patients. Personal ePHI includes sensitive information and photographs, enabling the cybercriminals to extort money from the patients themselves as well as from plastic surgery practices, something that could prove lucrative to blackmailers targeting wealthy celebrities who are in the public eye.

Ransomware gangs start to fight dirty

According to cybersecurity company SecureWorks’ annual State of the Threat Report, over the last 12 months, attackers have shortened the time between the initial penetration of the corporate network and the ransomware demand itself from 4.5 days to less than one day. This period, known in the cybersecurity industry as ‘dwell time’, offers well-equipped cybercriminals a leisurely opportunity to drain the company of funds and its most sensitive secrets. In 10 percent of cases, ransomware was even deployed within five hours of initial access.

Beware of Death by a Billion Bots

US corporations lose an average of 4.3 percent of their online revenues to malicious ‘bots,’ malware designed to resemble human communications. Malware attacks of this nature account for an average annual loss of $86.5 million for corporations with average annual online revenues of $1.9 billion, according to a new report from cybersecurity firm Netacea, “Death by a Billion Bots: The Accumulating Business Cost of Malicious Automation”.
