Security News

IT giant Bitmarck shuts down customer, internal systems after cyberattack
2023-05-01 18:55

German IT services provider Bitmarck has shut down all of its customer and internal systems, including entire datacenters in some cases, following a cyberattack. The service provider doesn't yet have a timeline for when it expects to have all of its systems back up and running.

Hackers leak images to taunt Western Digital's cyberattack response
2023-05-01 12:28

The leak comes after the threat actor warned Western Digital on April 17th that they would hurt them until they "Cannot stand anymore" if a ransom was not paid. On March 26th, Western Digital suffered a cyberattack where threat actors breached its internal network and stole company data.

Chinese Hackers Spotted Using Linux Variant of PingPull in Targeted Cyberattacks
2023-04-26 15:31

The Chinese nation-state group dubbed Alloy Taurus is using a Linux variant of a backdoor called PingPull as well as a new undocumented tool codenamed Sword2033. Alloy Taurus is the constellation-themed moniker assigned to a threat actor that's known for its attacks targeting telecom companies since at least 2012.

Capita confirms hackers stole data in recent cyberattack
2023-04-20 13:48

London-based professional outsourcing giant Capita has published an update on the cyber-incident that impacted it at the start of the month, now admitting that hackers exfiltrated data from its systems.On March 31, 2023, Capita disclosed an IT issue that impacted its services.

Daggerfly Cyberattack Campaign Hits African Telecom Services Providers
2023-04-20 10:26

Telecommunication services providers in Africa are the target of a new campaign orchestrated by a China-linked threat actor at least since November 2022. The campaign makes use of "Previously unseen plugins from the MgBot malware framework," the cybersecurity company said in a report shared with The Hacker News.

Microsoft: Iranian hackers behind retaliatory cyberattacks on US orgs
2023-04-18 20:03

Microsoft has discovered that an Iranian hacking group known as 'Mint Sandstorm' is conducting cyberattacks on US critical infrastructure in what is believed to be retaliation for recent attacks on Iran's infrastructure. In a new report, researchers in Microsoft's Threat Intelligence team explain that a subgroup of Mint Sandstorm switched from performing surveillance in 2022 to performing direct attacks on US critical infrastructure.

Russia accuses NATO of launching 5,000 cyberattacks since 2022
2023-04-14 16:19

The Federal Security Service of the Russian Federation has accused the United States and other NATO countries of launching over 5,000 cyberattacks against critical infrastructure in the country since the beginning of 2022. The agency says it has taken timely measures to prevent these attacks from causing any negative consequences to Russia.

US cyber chiefs warn AI will help crooks, China develop nastier cyberattacks faster
2023-04-12 01:50

Bots like ChatGPT may not be able to pull off the next big Microsoft server worm or Colonial Pipeline ransomware super-infection but they may help criminal gangs and nation-state hackers develop some attacks against IT, according to Rob Joyce, director of the NSA's Cybersecurity Directorate. Joyce, speaking at CrowdStrike's Government Summit Tuesday, said he doesn't expect to see - at least not "In the near term" - AI used "For automated attacks that will rip through systems at speeds that are unfathomable today."

SD Worx shuts down UK payroll, HR services after cyberattack
2023-04-10 15:32

Belgian HR and payroll giant SD Worx has suffered a cyberattack causing them to shut down all IT systems for its UK and Ireland services. SD Worx is a European HR and payroll management company based out of Belgium that services 5.2 million employees for over 82,000 companies, according to its website.

MSI hit in cyberattack, warns against installing knock-off firmware
2023-04-07 23:26

Owners of MSI-brand motherboards, GPUs, notebooks, PCs, and other equipment should exercise caution when updating their device's firmware or BIOS after the manufacturer revealed it has recently suffered a cyberattack. In a statement shared on Friday, MSI urged users "To obtain firmware/BIOS updates only from its official website," and to avoid using files from other sources.