November 30, 2025

Dark Light

Search

Arrest Breaking News News

0

19

Telegram chief arrested in Paris

Speculation is today mounting concerning the arrest of the popular encrypted messaging app Telegram head and founder, Pavel Durov, at Le Bourget airport north of Paris on Saturday evening. The arrest has been widely reported in France, although the authorities have yet to issue a full statement.

In the past, the French president. Emmanuel Macron and his team have been enthusiastic users of Telegram, using it to orchestrate their political strategies. But Durov’s arrest on Saturday is now being seen as part of an attempt by the UK and the European Union to curtail the reach and influence of largely unregulated communications platforms such as Telegram and X (formerly Twitter). This theory is born out of sources close to the situation, who believe that Durov will face charges of complicity in drug trafficking, crimes against children, and fraud – all allegedly stemming from a lack of moderation controls on Telegram.

Banking Threats Cybersecurity Executives Expert Opinions

0

13

Banks swamped by fake account scams

In an exclusive interview with Cyber Intelligence, Andy Sheldon, North American VP of US-based ID fraud specialist Deduce reveals how banks are now struggling to combat armies of fake account holders currently being generated by artificial intelligence (AI).

AI Analysis European Union

0

20

EU AI Act to act as a template for other regions

The European Union (EU) Artificial Intelligence (AI) Act, which came into effect earlier this month, is now set to act as a template for other regions, such as the US. The American government has already drafted an AI Bill of Rights, which aims to create a similar framework regulating AI.

However, while governments are rightly concerned about the personal privacy aspect of the universal adoption of AI, some have a dangerously bullish view of the new technology’s potential. Despite a deluge of hilarious howlers, such as Google’s AI-driven images of African Vikings and American founding fathers, politicians anxious not to be left behind in the tech race swallowed Silicon Valley’s AI hype hook, line, and sinker.

Geopolitics Government News

0

17

America’s enemies strive to sway the US presidential election

Nations hostile to America, primarily Russia and China, are currently doubling down on their efforts to influence the outcome of the upcoming US elections. So far, their efforts appear to be directed at preventing Donald Trump from winning a second term as president, possibly fearing a Republican victory could herald the US taking a tougher stance on international affairs.

According to an extensive nine-page Microsoft threat intelligence report: “Foreign malign influence concerning the 2024 US election started off slowly but has steadily picked up pace over the last six months due initially to Russian operations, but more recently from Iranian activity.”

Geopolitics News Russia

0

25

The West braces for massive Russian cyber offensive

Russia is believed to be planning widespread cyber-attacks on the West in part retaliation for Ukraine’s cyber-attack, which recently crippled Russia’s financial services.

“In retaliation to NATO support for Ukraine, cyberwarfare coinciding with the ongoing Russia-Ukraine conflict will likely include focused state-level attacks against Western critical and military sectors launched by Moscow’s hacker groups,” says Craig Watt, a consultant specializing in strategic and geopolitical intelligence at cybersecurity firm Quorum Cyber.

cybercrime News Vulnerability

0

26

Sharp rise in blindside cyber-attacks

More than one in five cybersecurity professionals report having had a cyber hit requiring immediate attention despite having threat-based detection and response security measures in place. According to a survey conducted by cybersecurity firm Criticalstart, 2024 Cyber Risk Landscape Peer Report, 2023’s figure of 83 percent represents a 21 percent increase from 2023.

Criticalstart also reports a sharp rise in the cost of data breaches. The average cost of a data breach reached an all-time high of $4.45 million in 2023 – a 15 percent increase over the past three years. Organizations with under 500 employees reported an average breach-impact increase from $2.92 million to $3.31 million—a rise of 13.4%.

AI Cybersecurity Events deepfake News

0

27

Deepfakes set to deceive at DEF CON

It looks as if deepfakes will be the hot topic at the big international hacker conference DEF CON in Las Vegas next week, just as they took center stage at InfoSecurity Europe in London in June.

Visitors to DEF CON’s Artificial Intelligence (AI) village will be encouraged to create their own highly professional deepfake videos of fellow conference attendees by cybersecurity company Bishop Fox’s red team. The purpose is to educate conference goers about the growing dangers now posed to all organizations by deepfake calls purporting to come from senior executives or highly-trusted members of staff.

Breaking News Geopolitics News

0

21

Ukraine takes down Russia’s financial services

Hackers from Ukraine’s Main Intelligence Directorate claim to have effected one of the largest Distributed Denial-of-Service (DDoS) attacks in history, derailing Russia’s financial services.

According to the Kyiv Post, the attack compromised the online services of all major Russian banks, including the Central Bank, telecommunications service providers, national payment systems, social networks and messengers, government resources, and dozens of other services.

The affected Russian financial institutions are reported to include VTB Bank, Alfa Bank, SberBank, Raiffeisen Bank, RSHB Bank, Ak Bars Bank, Rosbank, Gazprombank, Tinkoff Bank, iBank, Dom.RF Bank, and the Bank of Russia. On the last day of the attack, the resources of the Russian Ministry of Defense, the Ministry of Internal Affairs. The Federal Tax Service was also reported to have been affected.

Big Tech News Vulnerability

0

23

Latest Microsoft outage ‘triggered’ by a cyber-attack

A second outage of several Microsoft services in two weeks, this one attributed to a cyber-attack, is fuelling further questions about the underlying security of the Windows operating system.

According to Microsoft: “While the initial trigger event was a Distributed Denial-of-Service (DDoS) attack… initial investigations suggest that an error in the implementation of our defenses amplified the impact of the attack rather than mitigating it.”

Services affected included Outlook, Azure, and Microsoft 365, with some people complaining on social media that they were unable to work. Starbucks customers also reported issues with the Starbucks app in Boston, New York, Washington DC, Dallas, Chicago, Los Angeles, Tampa and other cities. The disruption caused by this latest outage is, however, minor compared with the Windows outage caused by a mishandled CrowdStrike security upgrade, which resulted in canceled flights and marooned passengers in major international airports around the world last week.

cybercrime News Supply Chain

0

8

Cyber-piracy on the high seas

Escalating geopolitical instability in the South China Seas and The Red Sea are being seen as the root cause behind a rapid rise in cyber-attacks on commercial shipping, as well as a sharp increase in cyber-assisted piracy.

“The risk has escalated significantly in the past year due to heightened geopolitical tensions and increased cyber capabilities of threat actors…The average cost per data breach now exceeds $545,000 for a shipping organization,” says Freight Right Global Logistics CEO Robert Khachatryan.

According to C. Todd Doss, Senior Managing Director at Guidepost Solutions: “Over the past year, these risks have escalated notably. Reports indicate that cyber-attacks on maritime infrastructure and vessels increased by over 20% in 2023 compared to the previous year .”

Analysis cybercrime Vulnerability

0

27

Exclusive: CrowdStrike crash is only the beginning…

The famous “blue screen of death,” witnessed with horror by 8.5 million Microsoft Windows users worldwide as a result of the ongoing CrowdStrike outage, may soon become a far more familiar sight across a wide range of sectors.

While there is no evidence that the widespread Microsoft Windows outage caused by the CrowdStrike upgrade was anything but accidental, many in the cybersecurity industry are seeing the past week’s experience as a dummy run for a full-fledged cyber-attack aimed at crippling critical infrastructure. As the current media pictures of people sleeping in airports testify, some sectors appear to be faring better than others.

Big Tech News Vulnerability

0

18

Cybercriminals capitalize on CrowdStrike outage

Organized cybercriminal gangs have lost little time in attempting to cash in on the ongoing CrowdStrike/Windows outage currently affecting banks, airlines and businesses.

According to the UK’s National Security Cyber Centre: “An increase in phishing referencing this outage has already been observed, as opportunistic malicious actors seek to take advantage of the situation. This may be aimed at both organizations and individuals.”

Analysis Cyber Espionage Geopolitics

0

24

Exclusive: Hostile nations ramp up attacks on US infrastructure

Recent reports that ransomware attacks on industrial organizations increased by over 50 percent in 2023 represent only “the tip of the iceberg.” According to operational technology (OT) cybersecurity company IXDen, critical infrastructure across the US is being attacked at unprecedented levels.

“The vast majority of cyber breaches of critical infrastructure such as water and power facilities go unreported, although a precise figure is impossible to gauge. Those that are reported in the media are only the tip of the iceberg. OT attacks on private businesses are not reported at all, and in public organizations, they are rarely reported,” says IXDen CEO and Co-Founder Zion Harel.

cybercrime News Vulnerability

0

15

‘Shadow IT’ poses a rapidly growing risk

The use of ‘shadow IT’, where staff purchase software without the approval of their IT department, is still on the rise. Despite being acutely aware of the cyber risks involved, three-quarters of security professionals admit to using off-the-shelf software-as-a-service (SaaS) applications in the last year.

According to a survey of over 250 global security professionals carried out by cybersecurity firm Next DLP, 73 percent admitted to using SaaS applications, with over half of the respondents naming data loss (65 percent), lack of visibility and control (62 percent) and data breaches (52 percent) as the chief risks inherent in using unauthorized tools. One in ten also admitted they were certain their organization had suffered a data breach or data loss as a result.

cybercrime Government News

0

21

Russian gang shuts down two Indiana counties

Clay County, Indiana, in the US, is sounding a Local Disaster Declaration in the wake of a “criminal ransomware attack” that occurred last week, following reports of increasing cyber-attacks on local governments across America.

“Clay County local government suffered a significant ransomware attack in the early morning hours of July 9, 2024. This has resulted in an inability to provide critical services required for the daily operation of all offices of the Clay County Courthouse, Community Corrections, and Clay County Probation,” said the county in an official statement.

Cyber Espionage News Phishing

0

14

Public sector phishing attacks increase fourfold

With national elections coming up later this year, US public-sector organizations are experiencing unprecedented levels of phishing attacks designed to dupe government staff into opening weaponized links in fake emails.

According to email security firm Abnormal Security: “Between May 2023 and May 2024, public sector organizations experienced an astounding 360 percent growth in phishing attacks. While phishing tends to consistently increase each year and regularly accounts for the majority of advanced threats, this level of growth is extraordinary.”

AI Analysis cybercrime

0

18

Exclusive: Expanding AI data centers have become tempting targets

Big Tech’s rapidly-expanding server farms are becoming increasingly tempting targets for ransomware gangs. In their Gadarene rush to be first with AI-based services, companies such as Google and Microsoft are not only abandoning any previous pretences about reducing their greenhouse emissions and energy consumption, they are also inadvertently building increasingly tempting targets for organized cybercriminals and nation-state threat actors.

The online industry’s vast data centers and server farms run on similar operational technology (OT) systems to other industrial facilities. Originally designed to run offline, these systems are notoriously difficult to secure, particularly when they need to interface with newer information technology (IT) systems.

AI Analysis deepfake

0

336

Exclusive: Deepfakes being used to manipulate share prices

Cash-rich cybercriminals are learning that the easiest way to make money on the stock markets while laundering cash at the same time is to use deepfake videos to impact share prices, albeit temporarily.

According to Tim Grieveson, Senior Vice President of Global Cyber Risk, BitSight: “Using video and audio deepfakes to manipulate share prices for financial gain is definitely happening, but is something no one is currently talking about.”

“Using a deepfake to announce a takeover could, for instance, drive up a stock in which the threat actor owns shares. Alternatively, a negative announcement such as a dire profits warning could be used to lower the share price so that the threat actor could buy the shares at a knock-down price, only to sell them again when the profits warning was seen to be fake” adds Grieveson.

Analysis Banking Threats cybercrime

0

21

Exclusive: Banks face a growing physical security threat

Banks, traditionally the main target for cybercriminal groups, are now being attacked not only by new online hacking techniques but also by a growing range of physical hacking tools and techniques. While financial institutions have high levels of cybersecurity and strong physical security, they currently face a growing threat from combined physical and digital assaults.

“Physical security and cybersecurity convergence in the business environment. A favorite weapon in the hacker arsenal is the Flipper Zero, an inexpensive pocketable device that enables you to hack into nearby smartphones and IT systems,” says Tim Grieveson, Senior Vice President of Global Cyber Risk, BitSight.

cybercrime News Retail

0

13

Levi’s breach exposes 72k customer details

Over 72,000 US consumers may have had their account details compromised following a cyber-attack on denim clothing giant Levi Strauss & Co. Almost two weeks ago, on June 13, Levi’s spotted an unusual spike in activity on its consumer-facing website and immediately realized its users were under threat.

“Our investigation showed characteristics associated with a “credential stuffing” attack where bad actor(s) who have obtained compromised account credentials from another source (such as a third-party data breach) then use a bot attack to test these credentials against another website – in this case www.levis.com,” said Levi’s in a published notice detailing the data breach.

China Chip Technology News

0

17

US to block use of Chinese semiconductor equipment

The US Congress has introduced a new act to prevent the Chinese and “other foreign entities of concern” from infiltrating the US’s domestic chipmaking industry.

The bill, the Chip Equipment Quality, Usefulness, and Integrity Protection Act of 2024 (Chip EQUIP Act), follows on from the CHIPS and Science Act, enacted in 2022, which earmarked roughly $280 billion in new funding to boost US domestic research and manufacturing of semiconductors. It included $39 billion in subsidies plus tax breaks for US chipmakers. However, China has recently matched this with a new $40 billion investment in its own semiconductor industry, which will heavily focus on chip manufacturing equipment. In April, Chinese tech giant Huawei announced investing in new R&D capabilities to rival US, Japanese, and Dutch firms.

AI Business Email Compromise News

0

21

AI-engineered email attacks are on the rise

Email scams aimed at business users are becoming increasingly sophisticated and increasingly tough to detect. Threat actors are now using artificial intelligence to research their targets in advance of an attack, a process known as ‘social engineering.’

Phishing attacks and email scams that appear to come from a trusted source make up 35.5% of all socially engineered threats, according to a report from cybersecurity firm Barracuda: Top Email Threats and Trends. Although these types of attacks have been around for some time, cybercriminals have recently devised ingenious new methods to avoid detection and being blocked by email-scanning technologies.

cybercrime Healthcare News

0

13

Healthcare attack exposes 200,000 Los Angeles patient records

The Los Angeles County Department of Public Health has been breached by a cyber-attack that has compromised the personal information of over 200,000 private individuals. This is the latest breach in a series of major cyber-attacks on the healthcare sector.

As with so many breaches, the Los Angeles County breach was the result of a phishing attack aimed at unsuspecting staff. The attack enabled a hacker to gain the log-in credentials of 53 public health employees and subsequently compromised the personal information of 200,000 patients.

According to the LA County Department of Public Health: “The information identified in the potentially compromised e-mail accounts may have included DPH clients/employees/other individuals’ first and last name, date of birth, diagnosis, prescription, medical record number/patient ID, Medicare/Med-Cal number, health insurance information, Social Security Number, and other financial information.”

cybercrime Geopolitics News

0

18

Cyber Tsunami Set to Overwhelm Paris Olympics

The Olympic games, which kick off in Paris towards the end of next month, are expected to attract over 15 million visitors to the French capital and generate around €11 billion. But there are also growing fears that the four-yearly global event will be the target of a tsunami of cybercrime and terrorism.

“The Tokyo Games in 2021 suffered 450 million computer attacks. Paris expects eight times more!” says the networking giant Cisco, an official partner for Paris 2024.

News One Minute Roundup

0

19

Microsoft Pauses AI Copilot+ Feature Rollout Due to Safety Concerns – June 14th

Microsoft revealed that it’s placing the AI-powered Copilot+ feature for PCs on hold due to critical safety concerns.

“We are adjusting the release model for Recall to leverage the expertise of the Windows Insider community to ensure the experience meets our high standards for quality and security,” Microsoft said in an update.

Big Tech News Vulnerability

0

19

Microsoft accused of major security gaps

Microsoft is accused of failing to implement some basic security controls on its hugely popular Visual Studio Code (VSCode) extensions marketplace. An open letter from independent researchers published on Medium reports “an incredible number of security design flaws implemented by Microsoft that provide amazing ways for threat actors to gain credibility and access.”

The researchers say the biggest security design flaw with VSCode extensions is the lack of any permission model. For example, a theme extension that should only change the colors of the user’s integrated development environment (IDE) may execute code and read or write files without any visibility or explicit authorization from the user. The researchers have also published research evidencing the security flaws highlighted in the open letter.

News One Minute Roundup

0

12

64% to Look for New Cybersecurity Jobs in the Next 12 Months – June 13th

According to a new Bitdefender survey, 64% of cybersecurity professionals are considering a shift to a new job in the sector within the next 12 months.

The 2024 Cybersecurity Assessment Report also discovered that 57% of respondents experienced a data breach in the last 12 months, mainly in the UK, Germany, and Singapore.

0

18

Musk deems “Apple Intelligence” offering insecure

Bereft of fresh ideas or new products, Apple’s main offering at its long-awaited annual Worldwide Developer’s Conference in Cupertino, California, is a cobbled-together artificial intelligence (AI) offering.

While AI may be Silicon Valley’s latest buzzword and marketing tool, “Apple Intelligence,” as Apple AI is branded, is already attracting heavy criticism – even from other tech giants. By pairing Microsoft-backed OpenAI’s ChatGPT with Apple’s voice-activated assistant, Siri, Apple hopes to make AI mainstream. But its critics say that all Apple has done is create a cybersecurity nightmare for corporations while sounding a death knell for the personal privacy of Apple users.

“It’s patently absurd that Apple isn’t smart enough to make their own AI, yet is somehow capable of ensuring that OpenAI will protect your security & privacy!… Apple has no clue what’s actually going on once they hand your data over to OpenAI. They’re selling you down the river,” says Elon Musk, Tesla and SpaceX founder and the owner of X Corp, formerly Twitter.

News One Minute Roundup

0

11

Adobe Applies Patches to Critical Flaws – June 12th

Yesterday, June 11th, Adobe announced that they rolled out security patches for 6 critical vulnerabilities affecting Adobe After Effects, Photoshop, and Illustrator.

According to Adobe, the vulnerabilities could have led to successful arbitrary code execution and/or memory leaks in the current user’s context.

News One Minute Roundup

0

15

Microsoft Helping US Hospitals from Cyber Attacks – June 11th

Microsoft announced the launch of its new cybersecurity program to support hospitals in rural America from cyber attacks.

Microsoft’s new security suite and cyber training offering will provide nonprofit pricing and discounts to critical access hospitals and rural emergency hospitals.

News ransomware Russia

0

14

It’s official…It definitely IS the Russians

The US Federal Bureau of Investigation (FBI) has laid the blame for escalating worldwide ransomware attacks squarely at Russia’s door.

Speaking at the 2024 Boston Conference on Cyber Security last week, FBI Cyber Division Assistant Director Bryan Vorndran said: “Almost all of the criminals developing sophisticated malware to enable ransomware attacks are based in Russian-speaking countries and operate as organized crime syndicates, similar to traditional organized crime elements.”

He focused on the FBI’s earlier this year disruption of Dark Web ransomware gang LockBit, stressing that organized cybercriminal gangs, particularly Russian ones, are essentially the same as old-school mafia mobsters. They differ only in their methods and avenues of attack.

One Minute Roundup

0

14

$10M Reward for LockBit Mastermind – June 10th

The U.S. Government launched a manhunt for the LockBit ransomware mastermind, Dmitry Yuryevich Khoroshev, for a bounty worth $10M.

According to the Justice Department, LockBit is suspected to be behind attacks in almost 120 countries that have extorted nearly $1 billion.

News One Minute Roundup

0

8

Meta, IRS, Apple, and Amazon Among Impersonated Brands – June 7th

According to a report from Mailtrack, Meta, the IRS, Apple, and Amazon are among the top impersonated American brands.

Mailtrack’s report also outlined the top impersonated non-American brands, such as Japanese au by KDDI, JR East, Aeon, and JCB. It was based on an analysis of more than 1.14 million phishing scam reports listed on PhishTank.

Breaking News Cybersecurity Events News

0

21

InfoSecurity Europe 2024 – Was It All Worth It?

As the stands were being packed away on the show floor at the end of the InfoSecurity Europe 2024 conference in London this week (June 4-6), it was time for exhibitors and attendees to take stock of the three-day event. The mood among exhibitors as they packed everything away in cardboard boxes was distinctly upbeat compared to last year’s event, which was still overshadowed by two long years of lockdown.

“It was great to be among people two years post-pandemic and to be able to see the whites of their eyes and the smiles on their faces. In an industry as serious as cybersecurity, it is also important to have face-to-face moments of levity and bonhomie,” said Matt Butterworth, senior account manager at data erasure specialist Blancco Technologies.

Neal Smyth, of managed cloud and cybersecurity company Ekco, commented: “Our presentation was oversubscribed with standing-room only. As well as generating leads, we had more customers coming to the stand this year. For example, a representative of a government department simply turned up and asked us to tender. I also hear that other exhibitors were seeing more potential customers attending InfoSecurity this year.”

News One Minute Roundup

0

14

TikTok Confirms Account Hack Targeting CNN – June 5th

In a public statement, Alex Haurek, TikTok’s spokesperson, announced the hack on CNN’s TikTok account, among other high-profile accounts.

“We have taken measures to stop this attack and prevent it from happening in the future. We’re working directly with affected account owners to restore access if needed,” he added.

Breaking News Cybersecurity Events News

0

27

Deepfakes dominate InfoSecurity Europe 2024

InfoSecurity Europe, widely acknowledged as the chief global challenger to RSA in the US, kicked off with a Keynote speech and panel discussion on “Mapping the Deepfake Landscape.” Broadcaster and researcher Henry Adjer quoted numerous examples of the increasing sophistication of malicious deepfakes.

The most interesting example of a deepfake was a false image purporting to show an explosion near the Pentagon shared by multiple verified Twitter accounts last year, resulting in a brief dip in the value of the New York Stock Exchange.

“Threat actors are starting to explore the possibility of using deepfakes to move share prices with fake podcasts and video interviews with company C-suite executives of listed companies. Even if the fake is quickly spotted and squashed and the company’s shares are only impacted for 10 minutes, the threat actor can make a huge profit by speculating on the movement of a specific stock,” says Tim Grieveson, senior vice president of global cyber risk at cybersecurity firm BitSight, which in 2021 received £250 million funding from financial services giant Moody’s.

News One Minute Roundup

0

18

Cox Communications Patched Flaw that Placed Millions at Risk – June 4th

Cox Communications fixed an authorization bypass vulnerability that could have enabled threat actors to abuse backend APIs to reset millions of modems and steal customer data.

Discovered by Sam Curry, the exploit gave a similar set of permissions as the ISP tech support.

RickJonesDigitalXRAID

Cybercrime Cybersecurity Executives Expert Opinions

0

13

Closing the chasm between cyber and CEOs

Risk is the common language that will close the knowledge and credibility chasm that frequently separates chief information security officers (CISOs) from their boards.

Even in large organisations, the CISO is rarely awarded the authority granted automatically to the chief financial officer (CFO) and some other c-suite executives. But this is already starting to change as new laws on both sides of the Atlantic are making not only CISOs but also chief executive officers (CEOs) responsible by law for significant but essentially preventable cyber-breaches.

The US Securities and Exchange Commission (SEC) last year is known to have notified the CFO and the CISO of SolarWinds about potential enforcement actions related to the 2020 cyberattack against the company’s Orion software platform, which the company had disclosed in a regulatory filing with the agency. This was further compounded when in October, the SEC finally charged SolarWinds and its CISO Timothy Brown with fraud and internal control failures for allegedly misleading investors about its cybersecurity practices leading up to the Sunburst attack discovered in December 2020.

Breaking News cybercrime News

0

15

Game over for European criminal botnet networks

An international operation coordinated by Europol has resulted in several arrests and the takedown of numerous cybercriminal networks. The operation focused on tackling the growing problem of the weaponization of botnets, which are strings of connected computers. Cybercriminal gangs use botnets to install droppers, a type of malicious software designed to install other malware, such as ransomware, onto a targeted system.

Between 27 and 29 May of this year, Europol’s “Operation Endgame” targeted droppers, including IcedID, SystemBC, Pikabot, Smokeloader, Bumblebee, and Trickbot. The actions focused on disrupting criminal services, making arrests, taking down criminal infrastructures, and freezing illegal proceeds.

1
2
3
4
5
6
7
8
…
13