Security News

Microsoft on Monday revealed it took steps to disrupt phishing operations undertaken by a "Highly persistent threat actor" whose objectives align closely with Russian state interests. "SEABORGIUM intrusions have also been linked to hack-and-leak campaigns, where stolen and leaked data is used to shape narratives in targeted countries," Microsoft's threat hunting teams said.

Response-based attacks targeting corporate inboxes have climbed to their highest volume since 2020, representing 41 percent of all email-based scams targeting employees, during Q2 of this year. According to the report, advance-fee scams represented 54 percent of all response-based email threats in Q2. This threat type has seen a 3.4 percent increase in share of reports so far in 2022, and routinely occupies the majority of response-based attacks.

Security researchers have uncovered multiple vulnerabilities impacting UWB RTLS, enabling threat actors to conduct man-in-the-middle attacks and manipulate tag geo-location data. Nozomi analysts focused on the Sewio Indoor Tracking RTLS UWB Wi-Fi kit and Avalue Renity Artemis Enterprise kit, two widely used RTLS solutions that support the safety functionalities described above.

AdvIntel has released a new publication about several threat actors now using BazarCall in an effort to raise awareness of this threat. Once done, the threat actor has a functional backdoor to the victim's computer, which can later be used for further exploitation.

A Minnesota computer store suing its crime insurance provider has had its case dismissed, with the courts saying it was a clear instance of social engineering, a crime for which the insurer was only liable to cover a fraction of total losses. Travelers, which filed a motion to dismiss, said SJ's policy clearly delineated between computer fraud and social engineering fraud.

With the Evil PLC attack, the controller acts as a means to an end, permitting the threat actor to breach a workstation, access to all the other PLCs on the network, and even tamper with the controller logic. Put differently, the idea is to "Use the PLC as a pivot point to attack the engineers who program and diagnose it and gain deeper access to the OT network," the researchers said.

A U.K. water supplier suffered a disruption in its corporate IT systems Monday as a result of a cyber-attack but claims that its water supply was not affected. The alleged attack perpetrator-the Clop ransomware group-claimed the attack was on another, larger water utility, which for its part indignantly called the claim a "Cyber hoax."

A company supplying 330 million liters of drinking water to 1.6 consumers daily, has issued a statement confirming IT disruption from a cyberattack. As the announcement explains, the safety and water distribution systems are still operational, so the disruption of the IT systems doesn't impact the supply of safe water to its customers or those of its subsidiaries, Cambridge Water and South Staffs Water.

As the announcement explains, the safety and water distribution systems are still operational, so the disruption of the IT systems doesn't impact the supply of safe water to its customers or those of its subsidiaries, Cambridge Water and South Staffs Water. The Clop ransomware gang claimed Thames Water as their victim via an announcement on their onion site today, alleging to have accessed SCADA systems they could manipulate to cause harm to 15 million customers.

A company supplying 330 million liters of drinking water to 1.6 consumers daily, has issued a statement confirming IT disruption from a cyberattack. As the announcement explains, the safety and water distribution systems are still operational, so the disruption of the IT systems doesn't impact the supply of safe water to its customers or those of its subsidiaries, Cambridge Water and South Staffs Water.