UNC3944 is a financially motivated threat group that carries significant overlap with public reporting of "0ktapus," "Octo Tempest," "Scatter Swine," and "Scattered Spider" and has been observed adapting its tactics to include data theft from software-as-a-service (SaaS) applications to attacker-owned cloud storage objects (using cloud synchronization tools), persistence mechanisms against virtualization platforms, and lateral movement via SaaS permissions abuse. Active since at least May 2022, UNC3944 has leveraged underground communities like Telegram to acquire tools, services, and support to enhance their operations.
A researcher has found a way to impersonate Microsoft corporate email accounts, which could make phishing attacks harder to spot.
Spanish newspaper Murcia Today reported that a British man was detained at Palma Airport as he prepared to board a flight to Italy.
Microsoft has released a critical security update for users of all supported Windows versions as a new Wi-Fi compromise requiring no authentication has been confirmed.
A ShinyHunters hacker tells WIRED that they gained access to Ticketmaster’s Snowflake cloud account—and others—by first breaching a third-party contractor.
Threat actors deliver fake software updates on websites for popular browsers: Sites with a high search engine ranking are at an increased risk.
Former employee says software giant dismissed his warnings about a critical flaw because it feared losing government business. Russian hackers later used the weakness to breach the National Nuclear Security Administration, among others.
Arm discloses a critical vulnerability (CVE-2024-4610) in Mali GPU Kernel Drivers. This flaw, actively exploited, affects versions from r34p0 to r40p0
The Cardinal cybercrime group (Storm-1811, UNC4394), who are the main operators of the Black Basta ransomware, is suspected of exploiting a Windows privilege escalation vulnerability, CVE-2024-26169, before a fix was made available.
The breached data appears partly legitimate — if imperfect — but also widely available for sale by data brokers.
The New York Times notified an undisclosed number of contributors that some of their sensitive personal information was stolen and leaked after its GitHub repositories were breached in January 2024.
The U.S. military launched a clandestine program amid the COVID crisis to discredit China’s Sinovac inoculation – payback for Beijing’s efforts to blame Washington for the pandemic. One target: the Filipino public. Health experts say the gambit was indefensible and put innocent lives at risk.
OpenAI has appointed Paul M. Nakasone, a retired general of the US Army and a former head of the National Security Agency, to its board of directors.
Redmond splats dozens of bugs as does Adobe while Arm drivers and PHP under active attack
Facebook and Instagram's parent company Meta is pausing its plans to roll our artificial intelligence tools in Europe, following a request from Ireland's Data Protection Commission (DPC), the firm said in a Friday (14 June) blogpost.
The servers supported multiple media outlets linked to Islamic State. They were used to disseminate worldwide propaganda and messages capable of inciting terrorism in at least thirty languages. Eurojust and Europol coordinated and supported the joint operations.This week’s joint operations are part of ongoing efforts and constant vigilance to tackle online terrorist propaganda and communications, including through social media. They...
We recently rolled out a re-acceptance of our Terms of Use which has led to concerns about what these terms are and what they mean to our customers. This has caused us to reflect on the language we use in our Terms, and the opportunity we have to be clearer and address the concerns raised by the community.
Over the next few days, we will speak to our customers with a plan to roll out updated changes by June 18, 2024.
Specialists with the Ukrainian Defense Ministry's Main Intelligence Directorate (HUR) carried out a cyberattack on the websites of Russian government agencies and Russian airports on "Russia Day," with a number of flights being delayed. — Ukrinform.
Recently KILLNET creator; ‘KillMilk’, announced that they were building a global team of operators from the darknet and special services members, with financially motivated destructive capabilities. Their operation went full circle from offering services to hackers and competing businessmen, to taking orders from private and state persons, along with defending the interests of the Russian Federation. This report focuses on analyzing KILLNET, Subgroups, capabilities, and recent development in the group’s motive.
