Security News

The Federal Bureau of Investigation said on Friday that distributed denial-of-service attacks coordinated by hacktivist groups have a minor impact on the services they target. "Coinciding with the Russian invasion of Ukraine, the FBI is aware of Pro-Russian hacktivist groups employing DDoS attacks to target critical infrastructure companies with limited success," the agency said.

' It's a quotation which could easily be applied to the rapid growth of cloud application and service provision, and the accompanying threats to cyber security which have expanded in parallel. If this incurs a sense of anxiety, fear not! Once identified, any cyber threat can be prevented from causing too much damage.

A business email compromise group named 'Crimson Kingsnake' has emerged, impersonating well-known international law firms to trick recipients into approving overdue invoice payments. This approach creates a solid basis for the BEC attack, as recipients may be intimidated when receiving emails from large law firms like the ones impersonated in the scams.

The LockBit ransomware gang has claimed responsibility for a cyberattack against the German multinational automotive group Continental.Since LockBit says that it will publish "All available" data, this indicates that Continental is yet to negotiate with the ransomware operation or it has already refused to comply with the demands.

The US Treasury Department has thwarted a distributed denial of service attack that officials attributed to Russian hacktivist group Killnet. According to Reuters, which first reported on the US Treasury incident, the Killnet DDoS flood didn't have any operational impact on the agency and it happened a couple days before the Russians turned their attention to JPMorgan Chase.

Threat actors are using the compromised infrastructure of an undisclosed media company to deploy the SocGholish JavaScript malware framework on the websites of hundreds of newspapers across the U.S. "The media company in question is a firm that provides both video content and advertising to major news outlets. [It] serves many different companies in different markets across the United States," Sherrod DeGrippo, VP of threat research and detection at Proofpoint, told BleepingComputer. The threat actor behind this supply-chain attack has injected malicious code into a benign JavaScript file that gets loaded by the news outlets' websites.

Threat actors are using the compromised infrastructure of an undisclosed media company to deploy the SocGholish JavaScript malware framework on the websites of hundreds of newspapers across the U.S. The threat actor behind this supply-chain attack has injected malicious code into a benign JavaScript file that gets loaded by the news outlets' websites. "Proofpoint Threat Research has observed intermittent injections on a media company that serves many major news outlets. This media company serves content via Javascript to its partners," Proofpoint's Threat Insight team revealed today in a Twitter thread. "By modifying the codebase of this otherwise benign JS, it is now used to deploy SocGholish."

According to a new report, almost half of Android-based mobile phones used by U.S. state and local government employees are running outdated versions of the operating system, exposing them to hundreds of vulnerabilities that can be leveraged for attacks. The report additionally warns of a rise in all threat metrics, including attempted phishing attacks against government employees, reliance on unmanaged mobile devices, and liability points in mission-critical networks.

Dropbox has suffered a data breach, but users needn't worry because the attackers did not gain access to anyone's Dropbox account, password, or payment information. The compromised repositories contain "Copies of third-party libraries slightly modified for use by Dropbox, internal prototypes, and some tools and configuration files used by the security team" - but not code for Dropbox core apps or infrastructure.

Dropbox has said it was successfully phished, resulting in someone copying 130 of its private GitHub code repositories and swiping some of its secret API credentials. GitHub let Dropbox know the next day, and the cloud storage outfit investigated.