Cybersecurity researchers are analyzing about 200,000 messages from inside the high-profile Black Basta ransomware operation that were leaked recently.
State officials from Lithuania and Estonia are among those raising the alarm about Russian interference with navigation signals.
A draft proposal, offered ahead of European elections in June, reportedly would allow the EU to impose tougher restrictions on individuals and entities involved in Russia-backed influence operations worldwide.
Cheap ransomware is being sold for one-time use on dark web forums, allowing inexperienced freelancers to get into cybercrime without any interaction with affiliates.
Researchers at the intelligence unit at the cybersecurity firm Sophos found 19 ransomware varieties being offered for sale or advertised as under development on four forums from June 2023 to February 2024.
he ransomware attack on a company owned by healthcare giant UnitedHealth Group (UHG) has so far caused $872 million in losses, according to the corporation’s latest earnings report.
UnitedHealth owns Change Healthcare, a key cog in the U.S. healthcare industry that was crippled by a ransomware attack in February. Change Healthcare and UHG subsidiary Optum took hundreds of systems offline as a result of the incident and faced criticism from the White House and Congress over its handling of the ransomware attack.
Cisco said one of the providers it uses to send multifactor authentication (MFA) messages was breached by a threat actor on April 1.
In emails to customers, Cisco said the incident specifically affected Duo — a multifactor authentication company it acquired in 2018. The attacker breached the system of a telephony supplier that Duo uses to send MFA messages through texts and phone calls to its customers.
Prosecutor General Adam Bodnar says an investigation into Pegasus use by current and former government officials has expanded to hundreds more people than initially reported.
CISA publicly released an emergency directive issued to federal agencies earlier this month, detailing how a breach at Microsoft could have affected the government.
A previously unknown ransomware gang has been attacking Russian businesses with malware based on the leaked source code from the Conti hacking group.
The gang, which researchers at the Moscow-based cybersecurity company F.A.C.C.T. have dubbed “Muliaka," or Muddy Water in English, has left minimal traces from its attacks but has likely been active since at least December 2023.
Rubycarp has been in operation for at least a decade, and its campaigns appear to overlap with other cybercrime groups, according to researchers at Sysdig.
A Russian developer of Trickbot malware has been sentenced to five years and four months in prison, the U.S. Department of Justice said on Thursday.
An “unauthorized party” hijacked the cell phone number of the person running the SEC’s X account before taking over the social media feed and posting messages.
In a statement on Monday, an SEC spokesperson explained that two days after the January 9 account takeover, the government agency spoke to its telecom carrier and discovered that someone “obtained control of the SEC cell phone number associated with the account in an apparent ‘SIM swap’ attack.”
Two bugs in Citrix technology are drawing serious attention this week from the Cybersecurity and Infrastructure Security Agency.
CISA says federal agencies much patch one of the vulnerabilities — tagged as CVE-2023-6548 — by January 24. It’s one of the rare times the cyber agency has put a remediation date of less than three weeks on a vulnerability.
CISA did not respond to requests for comment about why the remediation timeline was shorter than most.
The other bug — listed as CVE-2023-6548 — must be fixed by February 7. CISA’s alerts are aimed at federal agencies but often serve as general warnings for the public.
What happened in Denmark can also happen to you, cybersecurity researchers are warning in a new report that examines attacks against the country’s energy sector last year.
Waves of incidents in May that seemed like a highly-targeted effort by a nation-state actor — perhaps Russia’s Sandworm hacking group — might have been less connected than originally thought, according to a new report by Forescout.
The researchers say their analysis found two distinct waves against Danish energy providers, and evidence suggests they were unrelated.
The World Council of Churches reported an incident in December, and the Lutheran World Federation said it experienced a related incident. The Rhysida gang claimed it carried out the attack on the federation.
The printing and business services giant said its XBS division "experienced a security incident." A cybercrime gang called INC said it was responsible.
Since it appeared in July 2022, Play ransomware has launched devastating attacks on municipalities and critical infrastructure, agencies said.
Ukraine's defense intelligence directorate (GUR) said it infected thousands of servers belonging to Russia's state tax service with malware, and destroyed databases and backups.
The British government accused a unit of Russia’s Federal Security Service (FSB) on Thursday of using cyberattacks in a “sustained but unsuccessful” campaign to undermine democratic institutions in the country.
The company’s AirLink cellular routers are often used in critical infrastructure sectors, such as government and emergency services.
