Security News > 2024 > February

Ensuring secure access to OT environments is about more than just cybersecurity. At the same time, more third-party vendors and contractors are being given remote access to OT environments.

A cyberattack on UnitedHealth Group subsidiary Optum that led to an ongoing outage impacting the Change Healthcare payment exchange platform was linked to the BlackCat ransomware group by sources familiar with the investigation. One of those involved in these calls told BleepingComputer that the attack was linked to the BlackCat ransomware gang by forensic experts involved in the incident response.

A hacking group tracked as 'UAC-0184' was observed utilizing steganographic image files to deliver the Remcos remote access trojan onto the systems of a Ukrainian entity operating in Finland. Steganography is a well-documented but rarely seen tactic that involves encoding malicious code into the pixel data of images to evade detection by solutions using signature-based rules.

If you ever wanted to play DOOM on a lawnmower, you will soon have your chance with a new software update coming to Husqvarna's robotic line of lawnmowers this spring. "The legendary 1993 video game DOOM® will be playable on Husqvarna Automower® NERA robotic lawnmower models from April this year," reads a news release on Husqvarna's site.

A law firm acting on behalf of Nevada Attorney General Aaron Ford has asked a state court to issue a temporary restraining order denying minors access to encrypted communication in Meta's Messenger application. The legal claim cites a statement from the National Center for Missing and Exploited Children that argues Meta's provision of end-to-end encryption in Messenger "without exceptions for child sexual abuse material placed millions of children in grave danger."

The White House Office of the National Cyber Director urged tech companies today to switch to memory-safe programming languages, such as Rust, to improve software security by reducing the number of memory safety vulnerabilities. Such vulnerabilities are coding errors or weaknesses within software that can lead to memory management issues when memory can be accessed, written, allocated, or deallocated.

The ALPHV/BlackCat ransomware gang is reportedly responsible for the massive Change Healthcare cyberattack that has disrupted pharmacies across the US since last week. The Register has not independently confirmed that ALPHV was involved in the intrusion.

LockBit ransomware could be deployed through compromised website links, phishing, credential theft or other methods.

Threat actors are exploiting a CMS editor discontinued 14 years ago to compromise education and government entities worldwide in order to poison search results with malicious sites or scams. Search engine crawlers index the redirects and list them on Google Search results, making them an effective strategy for SEO poisoning campaigns, leveraging a trusted domain to rank malicious URLs higher for specific queries.

Officials have until March 2 to cough up or stolen data gets leaked. LockBit claims it's back in action just days after an international law enforcement effort seized the ransomware gang's servers...