hackers
Blog
Microsoft and DOJ disrupt Russian FSB hackers’ attack infrastructure
Microsoft and the Justice Department have seized over 100 domains used by the Russian ColdRiver hacking group to target United States government employees and nonprofit organizations from Russia and worldwide in spear-phishing attacks. In December, the United Kingdom and its Five Eyes allies linked this threat group to Russia’s Federal Security Service (FSB), the country’s internal security and counterintelligence service.…
Blog
How to stop hackers attacking hybrid clouds
Adopting a hybrid cloud approach is a very attractive proposition for organizations that want to benefit from the best of both public and private options — and for plenty of good reasons. It is far more flexible than committing entirely to either the public or private cloud in totality but also caters to the various kinds of data and workloads…
Blog
FIN7 hackers launch deepfake nude “generator” sites to spread malware
The notorious APT hacking group known as FIN7 has launched a network of fake AI-powered deepnude generator sites to infect visitors with information-stealing malware. FIN7 is believed to be a Russian hacking group that has been conducting financial fraud and cybercrime since 2013, with ties to ransomware gangs, such as DarkSide, BlackMatter, and BlackCat, who recently conducted an exit scam after stealing…
Blog
FCC is offering $200 million to protect schools and libraries from hackers
The Federal Communications Commission is making up to $200 million available to help schools and libraries make their computer systems more secure. The Schools and Libraries Cybersecurity Pilot Program will be used to evaluate whether to fund this kind of program on a more permanent basis. The funding will come through a pool of money called the Universal Service Fund…
Blog
Hackers are using a ChromeLoader exploit to set up fake companies and malware-ridden websites
A large ChromeLoader campaign that uses valid ‘code-signing’ certificates to bypass Windows security policies has been identified by an HP Wolf Security report. Threat actors using the ChromeLoader exploit may also be setting up fake companies in a bid to validate certificates for bogus PDF reader websites, the report noted. In signing the installation file with valid code signing certificates,…
Blog
Hackers claim fresh Dell data breach just days after the company confirms probe into employee info leak
Hackers are claiming that they’ve carried out a second hack on Dell within a week, accessing internal files by compromising the company’s Atlassian account. According to reporting from Hackread, data allegedly leaked in the breach is believed to include information from Jira, Jenkins, and Confluence, including data associated with Jira files, database tables, and schema migrations. It amounts to 3.5GB…
Blog
How hackers are using legitimate tools to distribute phishing links
As both security tools and employees have become more astute at detecting traditional phishing attacks, threat actors have turned to manipulating trusted platforms to distribute phishing links hidden in seemingly legitimate URLs. In one example of this approach, a report from Barracuda Networks published on 12 September detailed a rise in phishing attacks leveraging trusted content creation and collaboration platforms.…
Blog
A cyber criminal group behind an MFA bypass operation promised hackers “profit within minutes” – they’re now facing lengthy jail sentences
Three men have pleaded guilty in a UK court after operating a website assisting cyber criminals to bypass multi-factor authentication. The group, composed of Vijayasidhurshan Vijayanathan, Callum Picari, and Aza Siddeeque, ran the OTP[.]Agency site between September 2019 and March 2021, when the page was shut down. During this period, the NCA suggested the trio could have made as much…
Blog
Russian APT29 hackers use iOS, Chrome exploits created by spyware vendors
The Russian state-sponsored APT29 hacking group has been observed using the same iOS and Android exploits created by commercial spyware vendors in a series of cyberattacks between November 2023 and July 2024. The activity was discovered by Google’s Threat Analysis Group (TAG), who said the n-day flaws have already been patched but remain effective on devices that have not been…
Blog
Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs
Volt Typhoon, a Chinese state-sponsored hacking group, has been caught exploiting a zero-day vulnerability in Versa Director servers, used by managed service providers and internet service providers. CVE-2024-39717 was added to CISA’s “Known Exploited Vulnerabilities Catalog” on Aug. 23 after Lumen Technologies discovered its active exploitation. Data from Censys shows that there are 163 devices in the U.S., Philippines, Shanghai,…