Dec 16, 2024Ravie LakshmananCyber Attack / Cyber Espionage The Security Service of Ukraine (SBU or SSU) has exposed a novel espionage campaign suspected to be orchestrated by Russia’s Federal Security Service (FSB) that involves recruiting…
This year, a Serbian journalist and an activist had their phones hacked by local authorities using a cellphone-unlocking device made by forensic tool maker Cellebrite. The authorities’ goal was not only to unlock the phones…
Remember back when Windows 11 first came out and Microsoft gave everyone a free pass to upgrade? On the surface, it was a generous move; in actuality, it was a ploy to lure us away…
State officials said hundreds of thousands of Rhode Island residents could be affected by a cyberattack on the state’s online portal for social services, with a “high probability” that personally identifiable information was breached. According…
Dec 14, 2024Ravie LakshmananBotnet / Ad Fraud Germany’s Federal Office of Information Security (BSI) has announced that it has disrupted a malware operation called BADBOX that came preloaded on at least 30,000 internet-connected devices sold…
Dec 14, 2024Ravie LakshmananMalware / Cyber Threat Thai government officials have emerged as the target of a new campaign that leverages a technique called DLL side-loading to deliver a previously undocumented backdoor dubbed Yokai. “The…
Screenshot showing a graph tracking mining activity. Credit: Checkmarx But wait, there’s more On Friday, Datadog revealed that MUT-1244 employed additional means for installing its second-stage malware. One was through a collection of at least…
Last month, Microsoft officially announced the coming end of its Mail, Calendar, and People apps. If you’re still using those apps, you’ll start receiving pop-ups notifying you that end-of-support is coming up on December 31,…
Healthcare giant Optum has restricted access to an internal AI chatbot used by employees after a security researcher found it was publicly accessible online, and anyone could access it using only a web browser. The…
Dec 13, 2024Ravie LakshmananCyber Attack / Malware A now-removed GitHub repository that advertised a WordPress tool to publish posts to the online content management system (CMS) is estimated to have enabled the exfiltration of over…