Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2023-01-27 14:29:39 |
Cyberattack confirmed as cause for phone and IT problems at British music school (direct link) |
A school in Guildford, southwest of London, has confirmed that a cyberattack is responsible for knocking out its phone lines and impacting the school's IT systems. Guildford County School, a specialist music academy with over 1,000 students, first announced IT issues on Twitter on January 19. At the time its headteacher Steve Smith said the [… |
General Information
|
|
★★★
|
|
2023-01-27 13:37:41 |
Russia blocks access to US 'Rewards for Justice,' FBI and CIA websites (direct link) |
Russian telecommunications regulator Roskomnadzor blocked access to the U.S. State Department's Rewards for Justice website on Friday, alongside the sites for the Central Intelligence Agency and the Federal Bureau of Investigation. The restrictions were first reported by the Russian newspaper Kommersant. Interfax later quoted Roskomnadzor as explaining that the blocks were put in place because [… |
|
|
★★★
|
|
2023-01-26 21:30:32 |
Large East Asian companies attacked with SparkRAT open source tool (direct link) |
Large companies in East Asia are being attacked with an open source tool named SparkRAT, according to a new report. Researchers from SentinelLabs told The Record that they have been tracking a hacking group named “DragonSpark” since October due to its frequent attacks on large companies, which they did not name, and its ability to [… |
Tool
|
|
★★
|
|
2023-01-26 20:15:18 |
CISA's Joint Cyber Defense Collaborative to tackle energy, water security in 2023 (direct link) |
The Cybersecurity and Infrastructure Security Agency's (CISA) Joint Cyber Defense Collaborative (JCDC) will be focusing this year on beefing up security in the energy sector and leading the effort to update the National Cyber Incident Response Plan, according to the body’s planning agenda. Announced in 2021, the JCDC is an initiative spearheaded by CISA Director [… |
Guideline
|
|
★★
|
|
2023-01-26 17:25:14 |
'We hacked the hackers:' DOJ, FBI take down Hive ransomware after spending months inside gang systems (direct link) |
The FBI and Justice Department took down the infrastructure of the Hive ransomware group on Thursday, announcing that their agents had been inside the group's systems since July 2022. FBI Director Christopher Wray said agents gained “clandestine, persistent access” to the control panel used by Hive operators seven months ago, allowing them to identify victims [… |
Ransomware
|
|
★★★★
|
|
2023-01-26 16:44:17 |
Britain's cyber intel agency GCHQ to start search for new director as Fleming signals departure (direct link) |
GCHQ, Britain's cyber and signals intelligence agency, is searching for a new director, following the announcement on Thursday that Sir Jeremy Fleming would be leaving. In a statement, the agency said: “In line with normal practice, there will be an internal civil service competition to identify a successor. Sir Jeremy and the Board will continue [… |
|
|
★★
|
|
2023-01-26 16:19:08 |
Google shut down thousands of pro-Beijing disinformation channels on Taiwan, COVID-19 (direct link) |
Google says it shut down more than 50,000 accounts promoting pro-People's Republic of China (PRC) disinformation in 2022 that focused on Taiwan, COVID-19 and U.S. politics. The takedowns are the latest salvo in an ongoing battle between Google and a campaign it has named “Dragonbridge.” Since 2019, the company says it has shut down more than [… |
|
|
★★★
|
|
2023-01-26 13:48:34 |
Royal Mail nearly back to full operations following ransomware attack (direct link) |
Royal Mail is close to resuming full operations just two weeks after a ransomware attack caused “severe service disruption,” marking a victory for British cyber authorities who have stressed the importance of recovery as well as resistance to combat the impact of attacks. The British postage and courier company's ability to dispatch parcels and letters [… |
Ransomware
|
|
★★
|
|
2023-01-26 01:04:11 |
820,000 people affected by Zacks Investment Research breach from November 2021 (direct link) |
Stock market data giant Zacks Investment Research is sending out breach notification letters to 820,000 people after discovering a breach that lasted nearly one year. In filings with the Maine Attorney General's office, the company revealed that it suffered a breach that lasted from November 2021 to August 2022. The company did not respond to [… |
|
|
★★
|
|
2023-01-26 00:01:00 |
British cyber agency issues warning over Russian and Iranian espionage campaigns (direct link) |
Two separate but similar espionage campaigns from Russian and Iranian-linked groups have prompted a warning from Britain's National Cyber Security Centre. In a document published on Thursday local time the NCSC warned how instead of sending surprise phishing emails, the hacking groups – identified as “Russia-based” SEABORGIUM and “Iran-based” APT42, or Charming Kitten – are [… |
Conference
|
APT 35
APT 42
|
★★
|
|
2023-01-25 21:43:55 |
Exploit released for Microsoft bug allowing attacker to masquerade as legitimate entity (direct link) |
Researchers from Akamai have released a proof-of-concept for a vulnerability affecting a Microsoft tool that allows the Windows' application programming interface to deal with cryptography. The vulnerability, CVE-2022-34689, was discovered by the United Kingdom’s National Cyber Security Centre and the National Security Agency. It affects a tool called CryptoAPI and allows an attacker to masquerade [… |
Tool
Vulnerability
|
|
★★
|
|
2023-01-25 20:44:28 |
CISA says federal agencies attacked in refund scam through remote management software (direct link) |
At least two federal civilian agencies were exploited by cybercriminals as part of a refund scam campaign perpetrated through the use of remote monitoring and management (RMM) software. The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency, and Multi-State Information Sharing and Analysis Center (MS-ISAC) said on Wednesday they discovered the campaign in October. [… |
|
|
★★
|
|
2023-01-25 17:12:26 |
North Korean hackers use fake job offers, salary bumps as lure for crypto theft (direct link) |
Hackers connected to the North Korean military used a variety of new phishing methods in 2022 to steal cryptocurrency, according to a new report from Proofpoint. The hackers bombarded people with emails about fake job opportunities at prestigious firms or fictitious salary increases as a way to get people to open emails carrying malware that [… |
Malware
|
|
★★
|
|
2023-01-25 17:09:47 |
FBI: North Korean hacking group Lazarus behind $100 million crypto heist (direct link) |
The FBI accused the notorious North Korean hacker group Lazarus of stealing $100 million from a United States-based cryptocurrency firm last year. During a crypto heist at the end of June, Lazarus allegedly hacked Horizon Bridge, a service that allows people to move virtual assets between different blockchain networks and is owned by the blockchain [… |
|
APT 38
|
★★
|
|
2023-01-25 16:35:42 |
Russia suffered record number of DDoS attacks last year: report (direct link) |
Russia's private businesses and state services faced a record number of distributed denial-of-service (DDoS) attacks last year, fueled by pro-Ukrainian hackers, according to a report published this week by Russia's largest telecom provider Rostelecom. At the beginning of the war, DDoS attacks against Russia were massive and unsophisticated, according to cybersecurity experts. But throughout 2022 [… |
|
|
★★
|
|
2023-01-25 13:54:59 |
Hilton denies hack after data from 3.7 million Honors customer offered for sale (direct link) |
Hotel giant Hilton denied that it has been hacked after cybercriminals claimed to have breached the company's systems and stolen data related to 3.7 million customers. On Monday, hackers said they stole a database from 2017 consisting of information from customers enrolled in the Hilton Hotel Honors program. The information in the database includes names, [… |
Hack
|
|
★★★★
|
|
2023-01-24 21:27:31 |
DuoLingo investigating dark web post offering data from 2.6 million accounts (direct link) |
Language learning platform DuoLingo said it is investigating a post on a hacking forum offering information on 2.6 million customer accounts for $1,500. A spokesperson for the company said they are aware of the post, which was created on Tuesday morning and offers emails, phone numbers, courses taken and other information on how customers use [… |
|
|
★★★★
|
|
2023-01-24 20:47:52 |
Senators slam Ticketmaster for reporting just one bot case to FTC despite Taylor Swift fiasco claims (direct link) |
Several U.S. Senators criticized Ticketmaster during a Judiciary Committee hearing on Tuesday for only reporting one case of bot abuse to the Federal Trade Commission despite previous claims that the company was dealing with unprecedented attacks by resellers using automated tools. Companies like Ticketmaster can report bot abuse to the FTC following the passage of [… |
|
|
★★
|
|
2023-01-24 18:56:09 |
GoTo says hackers stole encrypted backups during November cyberattack (direct link) |
Multibillion-dollar software-as-a-service provider GoTo said hackers stole an encryption key for customer-owned backups during a November cyberattack. In a statement this week, GoTo CEO Paddy Srinivasan said the November cyberattack involved the exfiltration of data from a third-party cloud storage service related to several of their products. “The affected information, which varies by product, may [… |
|
|
★★★
|
|
2023-01-24 15:57:03 |
Riot Games receives 'ransom email' for stolen source code following social engineering attack (direct link) |
Riot Games, the video game developer and esports organizer, said on Tuesday that it had received a ransom email following a social engineering attack last week. “Needless to say, we won't pay,” the company's official Twitter account announced. When the incident was disclosed, Riot Games said that multiple systems in its development environment had been [… |
|
|
★
|
|
2023-01-24 14:51:01 |
Ohio town working to restore municipal court systems after cyberattack (direct link) |
An Ohio town is investigating a cyberattack that has brought down the systems used by their court and may have accessed sensitive data. Circleville Municipal Court told The Record that it recently discovered a cyberattack requiring its IT department to work with outside cybersecurity professionals. A spokesperson would not confirm whether the incident involved ransomware [… |
Ransomware
|
|
★★
|
|
2023-01-24 14:41:02 |
Pakistani authorities investigating if cyberattack caused nationwide blackout (direct link) |
Pakistani authorities are investigating whether a nationwide blackout which left millions of people without power on Monday was caused by a cyberattack. The country's energy minister Khurram Dastgir Khan told journalists during a news conference on Tuesday morning that there was a “remote chance” the incident was caused by hackers. Cyberattacks on energy grids are [… |
|
|
★★
|
|
2023-01-24 06:33:02 |
Exclusive: Axon still wants to put Taser drones in your kid's school (direct link) |
This week, Axon, the company that developed the Taser, is hosting a conference in Las Vegas called TaserCon. The event is billed as an opportunity to talk about law enforcement and public safety. Axon is expected to use the occasion to reintroduce a controversial plan: putting stun gun-equipped drones in schools to prevent mass shootings. [… |
|
|
★★
|
|
2023-01-24 02:19:28 |
Congressman 'coming for answers' after 'no-fly list' hack (direct link) |
A Republican congressman on the House Committee on Homeland Security is seeking answers about last week’s hack of regional airline CommuteAir, which led to the exposure of a copy of the federal no-fly list from 2019. Alarm has grown since the researcher behind the hack, a Swiss national who goes by maia arson crimew, published [… |
Hack
|
|
★★
|
|
2023-01-23 18:03:58 |
Riot Games to pause updates after social engineering attack (direct link) |
Video game developer and esports organizer Riot Games was affected by a social engineering cyberattack last week, the company announced on January 20. The attack, which compromised multiple systems, affects the company's ability to release content, as well as other operations at the company, including patching. A senior official at Riot Games clarified that the [… |
|
|
★★
|
|
2023-01-23 16:27:09 |
Los Angeles Unified School District confirms SSNs leaked in September ransomware attack (direct link) |
The Los Angeles Unified School District (LAUSD) sent out breach notification letters to an unknown number of contractors in recent days notifying them that sensitive information – including Social Security numbers – was leaked during a wide-ranging cyberattack last year. The school district said an investigation revealed that from July 31 until September 3 hackers [… |
Ransomware
|
|
★★★
|
|
2023-01-23 14:14:16 |
International Counter Ransomware Task Force kicks off (direct link) |
An international counter-ransomware task force first announced at a White House event in November officially commenced operations on Monday, according to the Australian government which is the inaugural chair of the group. The International Counter Ransomware Task Force's (ICRTF) operations are intended to drive collaboration among a coalition of 36 member states and the European [… |
Ransomware
|
|
★★
|
|
2023-01-23 14:03:32 |
PLAY ransomware group claims attack on Arnold Clark, one of Britain's largest car dealerships (direct link) |
Sensitive personal data allegedly stolen from Arnold Clark, one of the United Kingdom's largest car dealerships, has been posted online by the PLAY ransomware group. The company had claimed in a Tweet on January 3 to have protected customer data after it discovered suspicious traffic on its network back in December, although it did not [… |
Ransomware
|
|
★★
|
|
2023-01-23 04:59:00 |
Jim Langevin on how Congress has come 'a long way from where we first started' on cyber (direct link) |
When Jim Langevin entered Congress in 2001, cybersecurity was barely on the radar for most lawmakers. But a drumbeat of hacks and escalating digital threats prompted Langevin, who this year left office after 22 years representing Rhode Island's 2nd congressional district, to help create the House Cybersecurity Caucus in 2008. As its co-chair, Langevin both […] |
|
|
★★
|
|
2023-01-21 13:37:00 |
Suspected Chinese hackers exploit vulnerability in Fortinet devices (direct link) |
Suspected Chinese hackers have been targeting a European government entity and African managed service provider with new custom malware. According to a report released by Mandiant on Thursday, hackers exploited a recently patched vulnerability - CVE-2022-42475 - in FortiOS, an operating system developed by U.S. cybersecurity company Fortinet, as a zero-day. The exploitation occurred as [… |
Vulnerability
|
|
★★★
|
|
2023-01-20 20:56:26 |
Cyberattack on Nunavut energy supplier limits company operations (direct link) |
A wide-ranging cyberattack on the Qulliq Energy Corporation (QEC) in Canada's Nunavut territory has crippled the company's administrative offices. Officials with the company said the attack started on January 15 and while power plants are still operating normally, computer systems at the corporation's customer care and administrative offices are unavailable. The company cannot accept bill [… |
|
|
★★
|
|
2023-01-20 20:48:37 |
Ukraine signs agreement to join NATO cyber defense center (direct link) |
Ukraine has taken another step to deepen its cooperation with NATO in the cybersecurity field as its war with Russia - both kinetic and digital - approaches the one-year mark. On Thursday, Ukraine signed an agreement to join the Estonia-based NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE). Before it is official, all of CCDCOE's [… |
|
|
★★
|
|
2023-01-20 20:13:31 |
Electronic health record giant NextGen dealing with cyberattack (direct link) |
Hospital technology giant NextGen Healthcare said it is responding to a cyberattack after a notorious ransomware group added the company to its list of victims. The multibillion-dollar healthcare giant produces electronic health record (EHR) software and practice management systems for hundreds of the biggest hospitals and clinics in the U.S., U.K., India and Canada. On [… |
Ransomware
|
|
★★
|
|
2023-01-20 18:28:54 |
Samsung investigating claims of hack on South Korea systems, internal employee platform (direct link) |
Samsung is investigating a potential cyberattack and data breach on an internal employee platform and several systems in South Korea. On Tuesday, a group of hackers going by the name “Genesis Day” claimed it attacked Samsung's offices in South Korea because of the country's recent opening of a mission to the North Atlantic Treaty Organization [… |
Data Breach
Hack
|
|
★★
|
|
2023-01-20 13:09:07 |
T-Mobile confirms another data breach affecting 37 million customer accounts (direct link) |
T-Mobile, one of the largest wireless network operators in the United States, said on Thursday that it was investigating a data breach involving 37 million customer accounts. In a disclosure notice filed to the U.S. Securities and Exchange Commission, the company explained the breach was discovered after it identified malicious activity on its networks on [… |
Data Breach
|
|
★
|
|
2023-01-20 10:30:43 |
Costa Rica's Ministry of Public Works and Transport crippled by ransomware attack (direct link) |
Costa Rica's government has suffered another ransomware attack just months after several ministries were crippled in a wide-ranging attack by hackers using the Conti ransomware. On Tuesday, Costa Rica's Ministry of Public Works and Transport (MOPT) said in a statement that 12 of its servers were encrypted. Cybersecurity experts from the National Security Directorate and [… |
Ransomware
|
|
★★
|
|
2023-01-19 21:11:22 |
Hackers exploiting vulnerability affecting Zoho ManageEngine products: Rapid7 (direct link) |
Researchers at cybersecurity firm Rapid7 have observed exploitation of a vulnerability affecting two dozen ManageEngine products from software company Zoho. The bug – CVE-2022-47966 – was patched in waves starting on October 27, with the last product receiving a patch on November 7. Discovered by a researcher from Viettel Cyber Security, the vulnerability allows an [… |
Vulnerability
|
|
★★
|
|
2023-01-19 19:35:58 |
Nearly 35,000 PayPal users had SSNs, tax info leaked during December cyberattack (direct link) |
PayPal is sending out breach notification letters to nearly 35,000 customers after a December 6 credential stuffing attack allowed hackers to access names, addresses, Social Security Numbers, individual tax identification numbers and dates of birth. The company reported the breach, which occurred from December 6 to December 8, to Maine's Attorney General. On December 20, [… |
|
|
★★★
|
|
2023-01-19 19:17:18 |
Canada's largest alcohol retailer infected with card skimming malware twice since December (direct link) |
On January 12, Canadian alcohol retail giant LCBO announced that an “unauthorized party embedded malicious code” onto its website in order to steal information from customers in the process of checking out. Over five days in January, they wrote, customers “may have had their information compromised.” In fact, the infection was one of several to […] |
Malware
|
|
★★★
|
|
2023-01-19 15:16:38 |
Irish privacy regulator to take European Union body to court over unlawful interference (direct link) |
The Republic of Ireland's privacy regulator announced on Thursday that it would be taking the European Union's data protection board to court to challenge what it says is unlawful interference. Ireland's Data Protection Commissioner (DPC) made its complaint about the European Data Protection Board (EDPB) alongside an announcement that it had concluded a five-year investigation [… |
|
|
★★★
|
|
2023-01-19 14:08:02 |
Ransomware attack hits nearly 300 fast food restaurants in UK, including KFC and Pizza Hut (direct link) |
A ransomware attack closed nearly 300 fast-food restaurants in the United Kingdom, according to a statement from Yum! Brands published late Wednesday evening. Yum! Brands, an American company which owns KFC, Pizza Hut and Taco Bell, stated “certain information technology systems” were impacted in the incident. Data was taken from the company's network, the statement [… |
Ransomware
|
|
★★★
|
|
2023-01-19 13:24:22 |
Royal Mail trials 'operational workarounds' following suspected ransomware attack (direct link) |
Royal Mail, the British postage and courier company, said on Wednesday evening it was “trialing operational workarounds” to get services moving again following a suspected ransomware attack. The company announced it had been impacted by a “cyber incident” last week, although it has not confirmed that the incident was a ransomware attack. The Record has [… |
Ransomware
|
|
★★★
|
|
2023-01-19 13:00:00 |
Ransomware revenue fell by $300 million in 2022 as more victims refuse to pay: report (direct link) |
Revenues brought in from ransomware attacks fell from $765.6 million in 2021 to $456.8 million in 2022, according to a new report. Experts from blockchain research firm Chainalysis attributed the drop to a variety of factors, most notably that more victims are simply refusing to pay up when threatened by criminal groups. The company tracks [… |
Ransomware
|
|
★★★★
|
|
2023-01-19 12:26:38 |
Russia-linked drug marketplace Solaris hacked by its rival (direct link) |
Solaris, one of the leading darknet drug marketplaces, has been taken over by its rival, according to research released this week. Users who tried to access Solaris after January 13 were redirected to the recently-launched Russian language drug marketplace known as Kraken, which claimed to have successfully taken over Solaris' infrastructure, GitLab repository and project [… |
Guideline
|
|
★★★★
|
|
2023-01-19 00:01:00 |
British and Ukrainian cyber officials meet in London for threat intelligence talks (direct link) |
Senior cybersecurity officials from the United Kingdom and Ukraine met for several hours on Wednesday to discuss threat intelligence relating to Russian cyberattacks. The bilateral talks between National Cyber Security Centre (NCSC) staff and a delegation from Ukraine's State Service of Special Communications and Information Protection (SSSCIP) and its Computer Emergency Response Team (CERT-UA) covered [… |
Threat
|
|
★★★
|
|
2023-01-18 19:55:10 |
More than 100 Mailchimp accounts accessed via social engineering cyberattack (direct link) |
A hacker accessed 133 Mailchimp accounts using a social engineering attack on company employees and contractors, the company announced on Tuesday. In a statement, first reported by TechCrunch, the email marketing firm said the attack occurred on January 11. Using employee credentials compromised in that incident, the attacker targeted the 133 accounts. “After we identified [… |
|
|
★★
|
|
2023-01-18 19:11:10 |
Law enforcement takes down crypto exchange allegedly used to launder $15 million in ransomware payments (direct link) |
The Russian co-founder of a cryptocurrency exchange allegedly used to launder cybercrime proceeds was arrested early Wednesday morning in Miami, the Department of Justice announced. The arrest of Anatoly Legkodymov, who is charged with “unlicensed money transmitting,” is “a significant blow to the cryptocrime ecosystem,” Deputy Attorney General Lisa Monaco said. The exchange, Bitzlato, is [… |
Ransomware
|
|
★★
|
|
2023-01-18 17:55:13 |
Thousands of Nissan customers affected by data breach through third-party vendor (direct link) |
Nissan has sent out breach notification letters to thousands of people to inform them of a leak of personal information through a third-party vendor. The car company said it was notified on June 21 that names, dates of birth, and account numbers for Nissan Motor Acceptance Corporation – an indirect lender that helps people [… |
Data Breach
|
|
★★★
|
|
2023-01-18 15:52:22 |
Ukraine says Russia is coordinating missile strikes, cyberattacks and information operations (direct link) |
Researchers associated with the Ukrainian government on Tuesday confirmed that Russia has coordinated kinetic strikes and cyberattacks to inflict damage on government offices, public service organizations, media companies and communication centers. In a study titled “Comprehensive Analysis of Russian Warfare Dimensions,” researchers from Ukraine's Economic Security Council and the independent communication agency Truman said Russia [… |
|
|
★★★
|
|
2023-01-18 14:38:46 |
Spyware company Intellexa fined €50,000 for holding up Greek inquiry (direct link) |
Greece's Data Protection Authority (DPA) has issued the Israeli-owned spyware consortium Intellexa a €50,000 fine (about $54,000) for failing to comply with its investigations into the use of the controversial technology. The DPA's inquiry was launched following press reports in Greece which claimed that senior public figures - including the chief of national defense staff [… |
|
|
★★★
|