attack
-
Blog
Phishing attack hides JavaScript using invisible Unicode trick
A new JavaScript obfuscation method utilizing invisible Unicode characters to represent binary values is being actively abused in phishing attacks targeting affiliates of an American political action committee (PAC). Juniper Threat Labs that spotted the attack reports that it took place in early January 2025 and carries signs of sophistication such as the use of: Personalized non-public information to target…
Read More » -
Blog
Lee Enterprises newspaper disruptions caused by ransomware attack
Newspaper publishing giant Lee Enterprises has confirmed that a ransomware attack is behind ongoing disruptions impacting the group’s operations for over two weeks. As a local news provider and one of the largest newspaper groups in the United States, Lee publishes 77 daily newspapers and 350 weekly and specialty publications across 26 states. Its newspapers have a daily circulation of…
Read More » -
Blog
Ransomware gang INC claims recent cyber attack on the City of McKinney, Texas
Ransomware gang INC added the City of McKinney, Texas, to its data leak site this weekend. This comes after the city issued a data breach notification following a cyber attack that started in October 2024. In its notification, the city states that it was: “the victim of an unknown third party gaining unauthorized access to the City network environment on…
Read More » -
Blog
Chinese espionage tools deployed in RA World ransomware attack
A China-based threat actor, tracked as Emperor Dragonfly and commonly associated with cybercriminal endeavors, has been observed using in a ransomware attack a toolset previously attributed to espionage actors. The hackers deployed the RA World ransomware against an Asian software and services company and demanded an initial ransom payment of $2 million. Researchers from Symantec’s Threat Hunter Team observed the activity in late 2024…
Read More » -
Blog
Hacker pleads guilty to SIM swap attack on US SEC X account
Today, an Alabama man pleaded guilty to hijacking the U.S. Securities and Exchange Commission (SEC) account on X in a January 2024 SIM swapping attack. This comes after the defendant, 25-year-old Eric Council Jr., first pleaded not guilty to hacking the account and enabling his co-conspirators to make a fake announcement that Bitcoin ETFs were approved. “Today the SEC grants approval to…
Read More » -
Blog
Cisco dispels Kraken data breach claims, insists stolen data came from old attack
Cisco has pushed back on claims it has been breached in a new ransomware attack after a threat actor exposed sensitive information allegedly stolen from the firm’s internal network. The Kraken ransomware group posted the information, which according to reporting by Cyber Press contained credentials linked to Cisco’s Windows Active Directory environment, to its dark web leak site. This data…
Read More » -
Blog
Australians Hit With One Cyber Attack Every Second in 2024
A cyber attack hit an Australian user every second in 2024, marking a staggering twelvefold increase from the previous year. This surge contributed to a global cybersecurity crisis, where 5.6 billion accounts were compromised worldwide, equating to 176 breaches per second, according to Surfshark. The global total represents a nearly eightfold surge from 2023 when only 23 accounts were compromised…
Read More » -
Blog
Cyber Attack Severity Rating System Established in U.K.
A new rating system in the U.K. will classify the severity of cyberattacks on a scale from one to five, aiming to provide businesses and policymakers with more precise insights into the impact of cyber threats. The Cyber Monitoring Centre, an independent nonprofit organisation of industry experts, will assess incidents in real time and publish results for free. The system…
Read More » -
Blog
Massive brute force attack uses 2.8 million IPs to target VPN devices
A large-scale brute force password attack using almost 2.8 million IP addresses is underway, attempting to guess the credentials for a wide range of networking devices, including those from Palo Alto Networks, Ivanti, and SonicWall. A brute force attack is when threat actors attempt to repeatedly log into an account or device using many usernames and passwords until the correct combination…
Read More » -
Blog
Engineering firm IMI hit with cyber attack just days after Smiths Group incident
Birmingham-based engineering firm IMI has revealed that it has been hit by a cyber attack. The FTSE-100 firm said the incident involved unauthorised access to its systems, but gave no further details. “As soon as IMI became aware of the unauthorised access, the company engaged external cybersecurity experts to investigate and contain the incident. In parallel, the company is taking…
Read More »