Tag: malware
Cyberattack Halts Albanian Parliament Data System – December 29th
Albania's Parliament announced it was hit by a cyberattack targeting its data system, resulting in halting the Parliament's services. The Albanian Parliament assured that although disrupted, the data was not encrypted by the threat actors and that their services would go back online soon.
‘GTA V’ Source Code Leaked on Telegram Channel – December 26th
Links to Rockstar Games’ 'GTA V' source code were posted on a Telegram group, later posted on Discord servers and a dark web site. The Rockstar Games leak ensued a year after threat actor group, Lapsus$ claimed a cyberattack on the gaming giant. Lapsus$ hacker, Arion Kurtaj is the suspected source of the video game's code distribution.
November’s Ransomware Leak Victims Reach Record High – December 25th
A record-high 484 ransomware victims were posted on publicly available sites in November 2023, according to a Corvus Insurance report. The spike in ransomware victims' information being leaked reflects a 39.08% increase compared to October 2023 and a staggering 110.43% increase compared to November 2022.
Financial Sector Sees Most Cyberattacks in 2023 – December 20th
Based on a Netwrix survey, the financial sector in 2023 experienced the most cyberattacks among any other sector in 2023. Surveying 1,610 IT and security professionals from more than 100 countries, the survey also revealed phishing and malware to be the most common attacks across all sectors.
Ukraine’s Largest Telecom Crippled by Russian Cyberattack – December 13th
Kyivstar, Ukraine's largest telecom provider announced it was hit by a devastating cyberattack, disrupting internet access for over 26 million users. Kyivstar's parent company, VEON Ltd confirmed the devastating cyberattack, claiming it to be “one of the largest cyberattacks in the history of the global telecom market.”
AutoSpill Attack May Lead to Stolen Android Credentials – December 11th
Researchers from the International Institute of Information Technology (IIIT) presented a new attack named 'AutoSpill' that enables attackers to steal account credentials on Android devices via an autofill operation, during the Black Hat Europe security conference. IIIT researchers pinpointed WebView, the Android feature used to open external links through an internal browser view as the starting point of the security flaw, leaving autofilled usernames and passwords vulnerable.
Convicted Russian Pleads Guilty to Ransomware Attacks – December 5th
The Department of Justice announced that the Russian national behind the malware tool Trickbot, used to launch ransomware attacks on American hospitals, pleaded guilty to his role in the malware tool's development. Trickbot was used to facilitate ransomware attacks on a string of American hospitals and health systems, disrupting care delivery and risking patient safety.
GE Military Project Hack Sparks National Security Concerns – November 30th
General Electric (GE) recognized the data theft from threat actor IntelBroker pertaining to a project involving the Defence Advanced Research Projects Agency, sparking national security concerns. The GE Spokesperson commented on the data theft, saying they are thoroughly investigating the claims, will work on further protecting the integrity of their security systems, and that business operations will not be affected.
AI “overrated and overhyped” say cybercriminals
The verdict on artificial intelligence (AI) from the real experts is finally in; professional cybercriminal fraternities have judged AI to be “overrated, overhyped and redundant,” according to fresh research from cybersecurity firm Sophos. It has, hitherto, been accepted wisdom in the cybersecurity industry that cybercriminals, free from any regulatory authority or moral scruples, were among the first to harness the awesome power of AI to create bespoke and virtually unstoppable malware. However, having infiltrated the Dark Web forums where top professional cybercriminals discuss their trade, Sophos reports that the cybercrime sector has thoroughly tested the capabilities of AI and found it wanting.
UK and US Develop Global AI Security Guidelines – November 27th
The UK's National Cyber Security Center (NCSC), in partnership with the US's Cybersecurity and Infrastructure Security Agency (CISA) launched the 'Guidelines for Secure AI System Development'. The guidelines are set to secure AI system development, to help developers make informed cybersecurity decisions at every step of the AI development process. These AI guidelines were also co-signed in cooperation with 21 other international agencies and ministries from across the world.
Europol Urges Police to Prepare for Quantum Computing – October 26th
Europol released a statement directed to European law enforcement agencies to prepare for the impact quantum computing will have on the cybersecurity ecosystem. This warning is based on Europol's latest report, "The Second Quantum Revolution: The Impact of Quantum Computing and Quantum Technologies on Law Enforcement" which dives into the threats and opportunities of quantum computing to threat actors.
Plastic surgeons and patients targeted in extortion rackets
The Federal Bureau of Investigation (FBI) warns that cybercriminals and online blackmailers are targeting plastic surgeons to harvest electronically protected health information (ePHI) on their patients. Personal ePHI includes sensitive information and photographs, enabling the cybercriminals to extort money from the patients themselves as well as from plastic surgery practices, something that could prove lucrative to blackmailers targeting wealthy celebrities who are in the public eye.