November 30, 2025

Dark Light

Search

Healthcare News ransomware

0

27

Cybercrime Kills

A patient’s death following a cyber-attack on the UK health sector by ransomware group Qilin has now been reported. The death has been confirmed by King’s College Hospital NHS Foundation Trust.

It has been attributed to a long wait for a blood test as a result of a cyber-attack on 3 June last year, which brought pathology services to a temporary standstill. IT company Synnovis, which provides blood test services primarily in southeast London, was the victim of a ransomware attack carried out by Qilin. The hospitals affected were Guy’s and St Thomas’, King’s College, and Lewisham and Greenwich, along with primary care facilities across six London boroughs and two mental health trusts.

News ransomware

0

21

Ransomware group offers cyber gangs legal advice

A new cybercriminal group, Qilin, is rapidly establishing dominance in the murky world of ransomware by providing not just ransomware-as-a-service (RaaS) but a full soup-to-nuts cybercrime service .In addition to the malware, Qilin also provides a full suite of legal guidance for criminals together with operational and storage features. According cybersecurity company, Cybereason, Qilin is positioning itself not just as a ransomware group, but as a full cybercrime service.

cybercrime News ransomware Russia

0

49

Teenage hackers run rings around cyber-defenses

The recent UK retail cyberattacks that impacted Marks & Spencer and the Co-Op supermarket chain are only the tip of a very large iceberg that now threatens organizations on both sides of the Atlantic.

Although media reports have attributed the attacks to a group named “Scattered Spider,” the actual threat is far bigger. For a start, there is no criminal group that actually calls itself “Scattered Spider”, which is just a made-up name attributed by cybersecurity researchers. These attacks and many others in the US and the UK are now known to be the work of a vast sprawling network of hackers, some as young as 14, spread across the US and the UK. They call themselves “the Community”, or “the Com” for short, and are essentially a vast teenage subculture of criminal hackers.

Cyber Espionage cybercrime News Russia

0

22

Russia orchestrates vast cyber-espionage campaign

A new Russian threat actor, Void Blizzard, also known as Laundry Bear, is gathering intelligence from Western states on an industrial scale unseen since the end of the Cold War. According to Microsoft Threat Intelligence, Void Blizzard primarily targets NATO member states, particularly those supporting Ukraine, and Ukraine.

cybercrime News Retail

0

20

UK government issues urgent cybercrime warning

The UK government is issuing a warning this week to all companies to make cybersecurity an “absolute priority”, following recent cyberattacks on retailers Marks & Spencer, Harrods, and the Co-op. UK cabinet office minister Pat McFadden is reported to have held a briefing last week with national security officials and the CEO of the National Cyber Security Centre, Richard Horne, aimed at providing support to the three retail groups.

Geopolitics News Russia

0

22

Cyber truce with Russia opens up US for cyber-attacks

US Defense Secretary Pete Hegseth’s shock directive to US Cyber Command to pause offensive cyber-operations against Russia may have unforeseen consequences for organizations across the US. It would mean that the West could be blind-sided by a lack of actionable intelligence regarding Russia’s ongoing cyber-war against countries such as the US and the UK.

Russian groups are already upping cyber-attacks on the US. In December, Cyber Intelligence reported that two Russian groups, the People’s Cyber Army and Z-Pentest, claim to have taken attacks on critical infrastructure in the US to a new and more dangerous level. This was evidenced by Telegram videos detailing attacks on US energy and water facilities far beyond the previously supposed capabilities of such groups.

AI Big Tech News

0

16

Cybercriminals Weaponize Google AI assistant

Cybercriminals have been quick to see nefarious possibilities in search engine giant Google’s new Gemini 2.0 AI assistant. According to Google’s own findings, nation-state-backed threat actors are already leveraging Gemini to accelerate their criminal campaigns.

The actors are using Gemini 2.0 for “researching potential infrastructure and free hosting providers, reconnaissance on target organizations, research into vulnerabilities, payload development, and assistance with malicious scripting and evasion techniques,” says Google.

China Cyber Espionage News

0

19

FBI unplugs Chinese hackers

The US Justice Department and FBI have completed a law enforcement operation to delete Chinese malware from approximately 4,258 U.S.-based computers and networks. The international operation was led by French law enforcement and France-based private cybersecurity company Sekoia.io.

According to court documents unsealed in the Eastern District of Pennsylvania, a group of hackers paid by the People’s Republic of China (PRC), known as “Mustang Panda” and “Twill Typhoon,” used a version of PlugX malware to infect, control, and steal information from victim computers. Since at least 2014, Mustang Panda hackers have infiltrated thousands of computer systems in campaigns targeting US victims, European and Asian governments and businesses, and Chinese dissident groups.

Geopolitics News Russia

0

25

Russian cyber gangs escalate attacks on US

Two Russian groups, the People’s Cyber Army and Z-Pentest, claim to have taken attacks on critical infrastructure in the US to a new and more dangerous level. Dark web researchers at threat intelligence firm Cyble have discovered Telegram videos detailing attacks on US energy and water facilities far beyond the previously supposed capabilities of such groups.

Cyble believes that the two groups may be working in cooperation with one another. Previously, the People’s Cyber Army, which also goes by the name of the Cyber Army of Russia Reborn, and lesser-known groups such as Z-Pentest, have largely confined their attacks on US critical infrastructure to simple and easy-to-repel distributed denial of service (DDoS) attacks.

Arrest News Russia

0

18

Russian Authorities Arrest FBI’s Most Wanted Hacker

The FBI’s most wanted hacker, Mikhail Pavlovich Matveev, dubbed the “Moriarty” of cybercrime, has finally been arrested by Russian authorities. Described by the FBI as a “prolific” cybercriminal, Matveev has had a $10 million bounty on his head for any information leading to his arrest since 2023.

The arrest is a turning point on the part of the Russian authorities, as cybercriminals have long seen Russia as a safe haven. According to intelligence sources, this could either represent an attempt to try and legitimize the Russian economy or an indication that the state is taking back control of cyber-attacks on Western economies.

News One Minute Roundup

0

15

UK Takes Down Russian Money Laundering Ring – December 5th

The FBI warns the public about rising fraud schemes using generative artificial intelligence. The FBI observed that GenAI can be utilized by hackers to create fraudulent social media accounts, generate false websites to entice cryptocurrency investors, and create AI chatbots in order to lure victims into clicking malicious links.

cybercrime News Russia

0

24

Women break glass ceiling of Russian cybercrime

Women cybercriminals and lady Darknet hackers are now starting to make inroads into the hitherto male-dominated fraternities of Russian-speaking cybercrime. According to the cybersecurity training and certification cooperative, the SANS Institute, women cybercriminals sometimes now pose as men in order to obfuscate their identities as well as to gain credibility among Russian-speaking criminals.

The SANS Institute interviewed one such woman cybercriminal, who is referred to only as a “Confidential Human Source (CHS)” in order to comply with her request for anonymity.

“I often took my boyfriend to in-person meetings,” CHS revealed, shining a new light on a so-far largely unrecognized aspect of cybercrime, the fact that cybercriminals meetings are frequently also conducted offline.

Cyber Espionage News Vulnerability

0

16

US water supply threatened by cyber-attacks

The USA’s drinking water is under threat. According to the US Environmental Protection Agency (EPA), 97 drinking water systems serving around 27 million users have critical or high-risk cybersecurity.

Although the EPA’s latest report focuses on the potential financial costs of cyber-attacks, there is also strong evidence that such attacks could also result in significant loss of life, with thousands or even millions of people being deliberately poisoned by terrorists or a hostile foreign power.

“We estimate that a [California] state-wide water service disruption could potentially cost at least $61 billion in lost revenue per day,” says the EPA report, Cybersecurity Concerns Related to Drinking Water Systems.

News Phishing Russia

0

14

Russian secret service steps up cyber-attacks on the West

Software giant Microsoft has made an urgent public announcement that the Russian secret service is currently sending thousands of weaponized spear-phishing emails to key individuals in over 100 organizations in countries including the US and the UK.

According to Microsoft: “The emails were highly targeted, using social engineering lures relating to Microsoft, Amazon Web Services (AWS)… In some of the lures, the actor attempted to add credibility to their malicious messages by impersonating Microsoft employees.”

cybercrime News Russia

0

14

GoldenJackal targets top-secret installations

An as-yet-unidentified group, known only as GoldenJackal with suspected links to the Russian state, is targeting high-security networks that are intentionally isolated from the internet. Confidential data is frequently stored in “air-gapped” computers that do not have an online connection and were, until now, virtually impossible to hack.

But cybersecurity firm ESET now reports that GoldenJackal was deploying “a highly modular toolset” against a government organization in a European Union (EU) country between May 2022 and March 2024. This follows similar ongoing attacks on air-gapped systems in Belarus that began in August 2019.

Arrest China Cyber Espionage News

0

22

Chinese phisher steals top US military secrets

This week, the US Department of Justice (DOJ) announced criminal charges against a Chinese national, Song Wu, accused of wire fraud and aggravated identity theft in an effort to obtain National Aeronautics and Space Administration (NASA) computer software and source code.

The DOJ has now revealed that the specialized software allegedly stolen by Song could be used by potentially hostile enemies to attack the US. According to the DOJ, the stolen software could be used for “industrial and military applications, such as development of advanced tactical missiles and aerodynamic design and assessment of weapons.”

Government News Russia

0

16

London’s transport cyber-breach is spreading fast

A cyber-attack on the London transport system earlier this month was far more serious than initially reported and is rapidly spreading across the UK. It is also now ringing loud alarm bells on both sides of the Atlantic, particularly in light of the upcoming US elections in November.

Transport for London (TfL) has now admitted that over 5,000 customers’ personal details and, in many cases, their financial details have been stolen. TfL added that the breach is also rapidly starting to affect services outside London.

The London Underground, the UK capital’s vast underground rail network, like most European metros, has a touchpad automatic electronic payment system using prepaid plastic cards. London also allows travelers simply to use their visa or MasterCard on the touchpads at the London underground barriers. This means that organizations such as TfL have become repositories of millions of commuters’ financial details, making them a tempting target for small-time cyber crooks.

Breaking News Geopolitics News

0

14

German Intelligence warns of Russian cyber-attacks

The cyber cold war just became a little warmer, with German Intelligence now publicly crying foul on Monday at Russia for online attacks stretching back to 2020.

Germany’s Bundesverfassungsschutz has issued a strong warning against a cyber group belonging to Russian military intelligence (GRU) Unit 29155, which was linked to the 2018 poisonings of a former Russian double agent and his daughter in the UK, claiming that the unit has also been active in carrying out cyberattacks against NATO and EU countries.

Breaking News News Surveillance

0

16

Brussels backs down on mass surveillance

The European Union (EU) Council has made a last-minute withdrawal of the EU’s highly controversial planned “Chat Control” legislation, which was due to vote yesterday. This would have effectively introduced mass digital surveillance by means of fully automated real-time monitoring of all messaging and chats.

The EU would appear to finally have heeded the harsh warnings that have been coming from the cybersecurity and communication sectors since the controversial ruling was first proposed in 2022. For the six months prior to Thursday’s decision, the EU Belgian Council presidency has been sitting on a deadlock between EU countries. Germany and Poland have heeded privacy experts’ warnings of a potential police state. But Ireland and Spain are pressing for draconian new online laws to fight a rise in online child sexual abuse material that has grown since the start of Europe’s widespread lockdowns two and a half years ago.

Arrest Breaking News News

0

19

Telegram chief arrested in Paris

Speculation is today mounting concerning the arrest of the popular encrypted messaging app Telegram head and founder, Pavel Durov, at Le Bourget airport north of Paris on Saturday evening. The arrest has been widely reported in France, although the authorities have yet to issue a full statement.

In the past, the French president. Emmanuel Macron and his team have been enthusiastic users of Telegram, using it to orchestrate their political strategies. But Durov’s arrest on Saturday is now being seen as part of an attempt by the UK and the European Union to curtail the reach and influence of largely unregulated communications platforms such as Telegram and X (formerly Twitter). This theory is born out of sources close to the situation, who believe that Durov will face charges of complicity in drug trafficking, crimes against children, and fraud – all allegedly stemming from a lack of moderation controls on Telegram.

Geopolitics Government News

0

17

America’s enemies strive to sway the US presidential election

Nations hostile to America, primarily Russia and China, are currently doubling down on their efforts to influence the outcome of the upcoming US elections. So far, their efforts appear to be directed at preventing Donald Trump from winning a second term as president, possibly fearing a Republican victory could herald the US taking a tougher stance on international affairs.

According to an extensive nine-page Microsoft threat intelligence report: “Foreign malign influence concerning the 2024 US election started off slowly but has steadily picked up pace over the last six months due initially to Russian operations, but more recently from Iranian activity.”

Geopolitics News Russia

0

24

The West braces for massive Russian cyber offensive

Russia is believed to be planning widespread cyber-attacks on the West in part retaliation for Ukraine’s cyber-attack, which recently crippled Russia’s financial services.

“In retaliation to NATO support for Ukraine, cyberwarfare coinciding with the ongoing Russia-Ukraine conflict will likely include focused state-level attacks against Western critical and military sectors launched by Moscow’s hacker groups,” says Craig Watt, a consultant specializing in strategic and geopolitical intelligence at cybersecurity firm Quorum Cyber.

Breaking News Geopolitics News

0

21

Ukraine takes down Russia’s financial services

Hackers from Ukraine’s Main Intelligence Directorate claim to have effected one of the largest Distributed Denial-of-Service (DDoS) attacks in history, derailing Russia’s financial services.

According to the Kyiv Post, the attack compromised the online services of all major Russian banks, including the Central Bank, telecommunications service providers, national payment systems, social networks and messengers, government resources, and dozens of other services.

The affected Russian financial institutions are reported to include VTB Bank, Alfa Bank, SberBank, Raiffeisen Bank, RSHB Bank, Ak Bars Bank, Rosbank, Gazprombank, Tinkoff Bank, iBank, Dom.RF Bank, and the Bank of Russia. On the last day of the attack, the resources of the Russian Ministry of Defense, the Ministry of Internal Affairs. The Federal Tax Service was also reported to have been affected.

cybercrime Government News

0

20

Russian gang shuts down two Indiana counties

Clay County, Indiana, in the US, is sounding a Local Disaster Declaration in the wake of a “criminal ransomware attack” that occurred last week, following reports of increasing cyber-attacks on local governments across America.

“Clay County local government suffered a significant ransomware attack in the early morning hours of July 9, 2024. This has resulted in an inability to provide critical services required for the daily operation of all offices of the Clay County Courthouse, Community Corrections, and Clay County Probation,” said the county in an official statement.

cybercrime Geopolitics News

0

18

Cyber Tsunami Set to Overwhelm Paris Olympics

The Olympic games, which kick off in Paris towards the end of next month, are expected to attract over 15 million visitors to the French capital and generate around €11 billion. But there are also growing fears that the four-yearly global event will be the target of a tsunami of cybercrime and terrorism.

“The Tokyo Games in 2021 suffered 450 million computer attacks. Paris expects eight times more!” says the networking giant Cisco, an official partner for Paris 2024.

News ransomware Russia

0

12

It’s official…It definitely IS the Russians

The US Federal Bureau of Investigation (FBI) has laid the blame for escalating worldwide ransomware attacks squarely at Russia’s door.

Speaking at the 2024 Boston Conference on Cyber Security last week, FBI Cyber Division Assistant Director Bryan Vorndran said: “Almost all of the criminals developing sophisticated malware to enable ransomware attacks are based in Russian-speaking countries and operate as organized crime syndicates, similar to traditional organized crime elements.”

He focused on the FBI’s earlier this year disruption of Dark Web ransomware gang LockBit, stressing that organized cybercriminal gangs, particularly Russian ones, are essentially the same as old-school mafia mobsters. They differ only in their methods and avenues of attack.

News One Minute Roundup

0

11

Ticketmaster Breach Data Posted on New BreachForums – May 31st

The ‘ShinyHunters’ threat actor group posted data from a Ticketmaster data breach, potentially belonging to 560M users, asking for $500K in exchange for the data.

Analysts at Vx-Underground analyzed a sample of the Ticketmaster data and determined that the data was authentic, containing entries dating back to 2011.

News One Minute Roundup

0

13

91% of Orgs Report Use of Gen AI for Cybersecurity – May 1st

Splunk reported that 91% of organizations reported the use of Generative AI for specific cybersecurity usage.

The report “State of Security 2024: The Race to Harness AI” also disclosed that 93% of security leaders said public Gen AI was in use across their respective organizations, among other insightful statistics on Gen AI’s impact on cybersecurity.

News One Minute Roundup

0

8

73% of SME Security Professionals Failed to Act on a High Priority Security Alert – April 17th

According to a survey from Coro, 73% of SME cybersecurity professionals admittedly say that they’ve missed, ignored, or failed to act accordingly on a high-priority security alert.

The survey also found respondents to spend an average of 4 hours and 43 minutes managing their cyber security tools daily, with an average of 11.55 tools in their security stack.

China Cyber Espionage Iran News

0

23

China and Iran launch lethal attacks on US infrastructure

The White House has issued an urgent appeal to all US state governors to prepare to cope with their water systems being attacked and taken down by Chinese cyber-attacks. Iran, which has honed its industrial espionage techniques via consistent attacks on Israel’s infrastructure, is also proving effective in taking down water facilities in the US.

The letter from the White House contains a stark warning that attacks on US water facilities are no longer a potential threat but an increasingly frequent event with real-world consequences. It was signed by the Assistant to the President for National Security Affairs, Jake Sullivan, and by Environmental Protection Agency Administrator Michael S. Regan.

News One Minute Roundup

0

9

CISA Warns of “Volt Typhoon” Group Targeting Critical Infrastructure – March 21st

The US Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about the Chinese-linked “Volt Typhoon” group, which is targeting critical infrastructure.

The CISA warning, issued in collaboration with the National Security Agency (NSA) and the Federal Bureau of Investigation (FBI), confirmed the recent critical infrastructure attacks initiated by “Volt Typhoon” and the group’s tactics and motives.

News One Minute Roundup

0

22

Russian Hackers Breach Microsoft’s Code Base – March 8th

Microsoft announced the cyber campaign by the Russian-state-sponsored ‘Midnight Blizzard’ hackers, resulting in the group stealing the tech giant’s source code.

The sophisticated ‘Midnight Blizzard’ campaign is said to be rooted in a grander scheme to gain unauthorized access to Microsoft’s environment using the stolen source code.

Geopolitics Hacktivism News

0

16

Doppleganger mob set to spike US and UK elections

Russian hacktivists named Doppelgänger have been interfering in Germany’s elections with a view to influence the outcome of upcoming European elections, according to a report from SentinelLabs and ClearSky Cyber Security.

“Doppelgänger represents an active instrument of information warfare. We anticipate that Doppelgänger’s activities, targeting not only Germany but also other Western countries, will persist and evolve, particularly in light of the major elections scheduled across the EU and the USA in the coming years,” says the report.

China Geopolitics News

0

28

FBI declares cyber-war on China

US Federal Bureau of Investigation (FBI) director Christopher Wray used his keynote speech at the weekend’s Munich Cyber Security Conference, which many regard as the security version of Davos, to effectively declare cyber-war on the People’s Republic of China (PRC).

“Our adversaries have been improving exponentially,” warns Wray. “Chief among those adversaries is the Chinese government…the cyber threat posed by the Chinese government is massive.”

Wray added that China’s hacking program is larger than that of all the other major world nations combined and that the PRC is using AI technology stolen from the Western powers to vastly increase the present threat. The FBI director told the major world powers assembled in Munich at the weekend that a new enhanced level of cooperation between government agencies such as his and the private sector is the only way to counter this new Red Menace.

News One Minute Roundup

0

14

11 Romantic AI Chatbots Fail Security Tests – February 15th

The Mozilla Foundation released research that unveils that all 11 romantic AI chatbots tested, failed security and privacy tests.

All 11 chatbots feature data privacy concerns, pulling much more data than is needed from the collective 100 million users of these chatbots. Mozilla urges these chatbots to minimize exploiting vulnerable users through more transparent data privacy practices.

Business Email Compromise Cloud Security News

0

10

High level executives targeted in ongoing attacks

Highly organized cybercriminals suspected to be based in Russia and Nigeria are targeting hundreds of executives in dozens of organizations in an ongoing Microsoft Azure cloud account takeover (ATO) campaign.

According to US cybersecurity firm Proofpoint: “As part of this campaign, which is still active, threat actors target users with individualized phishing lures within shared documents.”

Innocent but weaponized documents sent to key executives include embedded links to “View Document”, which automatically directs them to a malicious site. The users affected by the attacks occupy a variety of trusted positions within their organizations. Victims include chief financial officers (CFOs), finance managers, account managers, corporate vice presidents, and sales directors. Proofpoint believes that targeting this variety of executive positions is far from being a series of random phishing attacks.

cybercrime News ransomware

0

30

Ransomware payments top US$1 billion in 2023

Last year, ransomware payments topped US$1 billion for the first time. According to a report from blockchain analyst firm Chainalysis, in 2023 ransomware gangs reached “an unprecedented milestone” in extorted cryptocurrency payments.

“This number does not capture the economic impact of productivity loss and repair costs associated with attacks. This is evident in cases like the ALPHV-BlackCat and Scattered Spider’s bold targeting of MGM resorts. While MGM did not pay the ransom, it estimates damages cost the business over US$100 million,” warns the report.

News One Minute Roundup

0

11

Russia-Backed Hackers Infiltrate Microsoft’s Corporate Email System – January 22nd

Microsoft announced on a blog post that the email intrusion attack began in November 2023 and was discovered on January 12th, 2024. Microsoft deduced that the attack originated from a Russian nation-state hacking group.

The Microsoft blog post stated the attack gained access to a small percentage of Microsoft corporate email accounts, consisting of Microsoft leadership, security, and IT team members. The incident is still under investigation and reported to the SEC, Microsoft vowed to take any further necessary action while being as transparent as possible.

Geopolitics Malicious Bots News

0

19

Geopolitical tensions fuel botnet boom

Recent weeks have seen an exponential rise in malicious botnets performing reconnaissance scanning to scout out victims. According to researchers at cybersecurity firm Netscout, the number of potentially compromised devices rose from around 10,000 to roughly 144,000 over December, with no sign of the trend letting up.

“The trend continued into the new year, with the largest spikes occurring on January 5 and 6, eclipsing one million distinct devices. The levels reached an unprecedented 1,294,416 on the 5th,” reports Netscout.

The Netscout researchers say that this increased malicious scanning has been isolated to five key countries: The United States, China, Vietnam, Taiwan, and Russia. All have seen a rise in attackers using cheap or free cloud and hosting servers to create botnet launch pads.

1
2