Security News
The government of Montenegro has provided more information about the attack on its critical infrastructure saying that ransomware is responsible for the damage and disruptions. Public Administration Minister Maras Dukaj stated on local television yesterday that behind the attack is an organized cybercrime group.
Blue badges are highly coveted as Instagram provides them to accounts it verified to be authentic, representing a public figure, celebrity, or brand. The spear emails in the recently observed phishing campaign inform recipients that they Instagram reviewed their accounts and deemed them eligible for a blue badge.
The operators of the emerging cross-platform BianLian ransomware have increased their command-and-control infrastructure this month, a development that alludes to an increase in the group's operational tempo. "BianLian has also targeted SonicWall VPN devices for exploitation, another common target for ransomware groups," [redacted] researchers Ben Armstrong, Lauren Pearce, Brad Pittack, and Danny Quist said.
The Ragnar Locker ransomware gang has claimed an attack on the flag carrier of Portugal, TAP Air Portugal, disclosed by the airline after its systems were hit on Thursday night. Even though TAP is yet to confirm if this was a ransomware attack, the Ragnar Locker ransomware gang posted a new entry on their data leak website today, claiming to be behind last week's cyberattack that hit TAP's network.
Google on Monday introduced a new bug bounty program for its open source projects, offering payouts anywhere from $100 to $31,337 to secure the ecosystem from supply chain attacks. Called the Open Source Software Vulnerability Rewards Program, the offering is one of the first open source-specific vulnerability programs.
A months-long cyber espionage campaign undertaken by a Chinese nation-state group targeted several entities with reconnaissance malware so as to glean information about its victims and meet its strategic goals. "The targets of this recent campaign spanned Australia, Malaysia, and Europe, as well as entities that operate in the South China Sea," enterprise security firm Proofpoint said in a published in partnership with PwC. Targets encompass local and federal Australian Governmental agencies, Australian news media companies, and global heavy industry manufacturers which conduct maintenance of fleets of wind turbines in the South China Sea.
In lieu of malware, attackers can use ScanBox in conjunction with watering hole attacks. Adversaries load the malicious JavaScript onto a compromised website where the ScanBox acts as a keylogger snagging all of a user's typed activity on the infected watering hole website.
In this Help Net Security video, Jon Hencinski, VP of Security Operations at Expel, talks about how their SOC team has recently observed Business Email Compromise (BEC) attacks across multiple...
After a recent dip, ransomware attacks are back on the rise. With data gathered by "Actively monitoring the leak sites used by each ransomware group and scraping victim details as they are released," researchers have determined that Lockbit was by far the most prolific ransomware gang in July, behind 62 attacks.
DoorDash has confirmed that "a small percentage" of its customers' data and employees' information, including names, email and delivery addresses, phone numbers, and order and partial credit card details, were revealed as part of a broad phishing campaign dubbed Oktapus. "We can confirm the incident is connected to a wider, sophisticated phishing campaign that has targeted several other companies," a company spokesperson told The Register.