State-Sponsored DNS Hijacking Infiltrates 40 Firms Globally
An ongoing campaign, active since 2017, has been stealing credentials via global DNS hijacking attacks.
RatVermin Spyware Targets Ukraine Gov Agencies
Researchers are pinning a recent phishing campaign against Ukraine government agencies on the Luhansk People's Republic, a proto-state in eastern Ukraine which declared independence in 2015.
Romanian Duo Convicted of Malware Scheme Infecting 400,000 Computers
The duo are convicted of infecting 400,000 computers in the U.S. with malware and scamming victims out of millions of dollars.
North Korea’s Hidden Cobra Strikes U.S. Targets with HOPLIGHT
The custom malware is a spy tool and can also disrupt processes at U.S. assets.
ThreatList: Tax Scammers Launch a Raft of Fake Mobile Apps
Convincing phishing pages and millions of suspicious apps are plaguing tax season.
SAS 2019: Gaza Cybergang Blends Sophistication Levels in Highly Effective Spy Effort
The SneakyPastes campaign was highly effective but hardly advanced.
SAS 2019: Meet ‘TajMahal,’ A New and Highly Advanced APT Framework
A highly sophisticated APT framework has been found targeting a single Central Asian diplomatic entity for years.
Lazarus Group Widens Tactics in Cryptocurrency Attacks
MacOS users, as well as Windows, are in the cross-hairs, especially those based in South Korea.
FTC Demands Broadband Providers Reveal Data Handling Practices
The FTC is ordering seven companies - including AT&T, T-Mobile, Comcast and more - to outline what data they collect, what they use the data for, and how transparent they're being with consumers.
Grindr Poses National Security Risk, U.S. Gov Says
According to a report, Grindr's Chinese owners are selling the platform after concerns were raised about user data handling.
FEMA Exposes PII for Millions of Hurricane, Wildfire Survivors
The contractor with whom it shared the data has a vulnerable, unpatched network.
Years-Long Phishing Campaign Targets Saudi Gov Agencies
The campaign, codenamed “Bad Tidings,” has sought out victims’ credentials with clever fake landing pages pretending to be the Saudi Arabian Ministry of Interior’s e-Service portal.
Privacy Regulations Needed for Next-Gen Cars
With wide deployment expected in the next decade, the driverless automobile landscape looks fraught – from road safety to data protection.
Purveyor of Cracked Netflix, Hulu, Spotify Accounts Arrested
A Sydney man is accused of selling nearly 1 million compromised accounts, for a significant profit.
Federal Focus on Cyber Plays Out in President’s Budget, IoT Legislation
Money earmarked for the Defense Department and DHS, and bipartisan bills to address the security of federal IoT devices, showcase growing federal cyber-efforts.
RSA Conference 2019: The Sky’s the Limit For Satellite Hacks
Satellites are spotted with vulnerabilities and design flaws - and hackers are taking note, researchers report at the RSA Conference.
RSAC 2019: An Antidote for Tech Gone Wrong
As many ponder the big ethical questions around cyber, some are proposing public interest technologist as a solution.
RSAC 2019: New Operation Sharpshooter Data Reveals Higher Complexity, Scope
New look at server data behind a previously-identified espionage campaign shows that it has exceeded researchers' expectations in complexity, scope and breadth.
Bronze Union APT Updates Remote Access Trojans in Fresh Wave of Attacks
The China-linked threat group has returned in 2018 using updated RATs to launch its attacks, including ZxShell, Gh0st RAT, and SysUpdate malware.
Microsoft: Russia’s Fancy Bear Working to Influence EU Elections
As hundreds of millions of Europeans prepare to go to the polls in May, Fancy Bear ramps up cyber-espionage and disinformation efforts.