Security News
The IBM report noted that ransomware declined 4 percentage points between 2021 and 2022, and defenders were more successful at detecting and preventing those attacks. Cyberattackers have gotten much faster at infiltrating perimeters, with the average time to complete a ransomware attack dropping from two months to less than four days.
Cryptocurrency exchange Coinbase has fended off a cyberattack that might have been mounted by the same attackers that targeted Twillio, Cloudflare and many other companies last year. Leveraging smishing and vishing, the attackers tried to trick Coinbase employees into sharing login credentials and installing remote desktop applications, and were only partly successful: the company's incident response team quickly reacted to "Unusual activity" alerts and, in the end, the attackers were unable to access customer information or steal funds.
Coinbase cryptocurrency exchange platform has disclosed that an unknown threat actor stole the login credentials of one of its employees in an attempt to gain remote access to the company's systems. As a result of the intrusion the attacker obtained some contact information belonging to multiple Coinbase employees, the company said, adding that customer funds and data remained unaffected.
Scandinavian Airlines has posted a notice warning passengers that a recent multi-hour outage of its website and mobile app was caused by a cyberattack that also exposed customer data. The cyberattack caused some form of a malfunction on the airline's online system, causing passenger data to become visible to other passengers.
Indigo Books & Music, the largest bookstore chain in Canada, has been struck by a cyberattack yesterday, causing the company to make the website unavailable to customers and to only accept cash payments.The exact nature of the incident remains unclear but Indigo is not ruling out that hackers may have stolen customer data.
The participants were asked about attacks targeting the financial and accounting data of their organizations. Looking ahead, almost half of the executives polled expect both the volume and size of cyberattacks targeting this type of data to increase in the coming year.
The LockBit ransomware operation has claimed the cyberattack on UK's leading mail delivery service Royal Mail that forced the company to halt its international shipping services due to "Severe service disruption." This comes after LockBitSupport, the ransomware gang public-facing representative, previously told BleepingComputer that the LockBit cybercrime group did not attack Royal Mail.
Tallahassee Memorial HealthCare has taken its IT systems offline and suspended non-emergency procedures following a late Thursday cyberattack. TMH is a private and not-for-profit healthcare system that serves a 21-county region in North Florida and South Georgia through acute care and psychiatric hospitals, multiple specialty care centers, and 38 affiliated physician practices.
A new attack campaign has targeted the gaming and gambling sectors since at least September 2022, just months prior to the ICE London 2023 gaming industry trade fair event that's scheduled next week. The attack sequence proceeds as follows: The threat actor poses as a customer while initiating a conversation with a support agent of a gaming website and urges the individual on the other end to open a screenshot image hosted on Dropbox.
A North Korean nation-state group notorious for crypto heists has been attributed to a new wave of malicious email attacks as part of a "Sprawling" credential harvesting activity targeting a number of industry verticals, marking a significant shift in its strategy. The state-aligned threat actor is being tracked by Proofpoint under the name TA444, and by the larger cybersecurity community as APT38, BlueNoroff, Copernicium, and Stardust Chollima.