Security News

Government entities in Ukraine have been breached as part of a new campaign that leveraged trojanized versions of Windows 10 installer files to conduct post-exploitation activities. Mandiant, which discovered the supply chain attack around mid-July 2022, said the malicious ISO files were distributed via Ukrainian- and Russian-language Torrent websites.

FuboTV has confirmed that a streaming outage preventing subscribers from watching the World Cup Qatar 2022 semifinal match between France and Morocco was caused by a cyberattack. Subscribers could not contact support to report the problem, as it requires a user to first log in to the FuboTV site, which could no longer be done.

Microsoft says it has suspended several third-party developer accounts that submitted malicious Windows drivers for the IT giant to digitally sign so that the code could be used in cyberattacks. These moves come after eggheads at Google-owned Mandiant, SentinelOne, and Sophos told Microsoft in October that multiple cybercrime gangs were using malicious third-party-developed Microsoft-signed kernel-mode hardware drivers to help spread ransomware.

Cryptocurrency investment companies are the target of a developing threat cluster that uses Telegram groups to seek out potential victims. "DEV-0139 joined Telegram groups used to facilitate communication between VIP clients and cryptocurrency exchange platforms and identified their target from among the members," the tech giant said.

Despite fears of a looming recession, SMBs in the U.S. are spending more on software in 2023, according to Capterra's 2023 SMB Software Buying Trends Survey. 75% of U.S. SMBs estimate they'll spend more on software in 2023 compared to 2022.

Microsoft has warned of Russian-sponsored cyberattacks continuing to target Ukrainian infrastructure and NATO allies in Europe throughout the winter. Redmond said in a report published over the weekend that it observed a pattern of targeted attacks on infrastructure in Ukraine by the Russian military intelligence threat group Sandworm in association with missile strikes.

Cashing stolen credit cards: Carding groups sell stolen credit card details to carry out illegal and unauthorized transactions. Selling fake Hayya cards: Due to the importance of Hayya cards during the World Cup, threat actors are selling fake Hayya Cards to unsuspecting fans, who are willing to pay any amount to get one.

The US Government Accountability Office has warned that the time to act on securing the US's offshore oil and natural gas installations is now because they are under "Increasing" and "Significant risk" of cyberattack. A report to Congress looked at a network of "More than 1,600 offshore oil and gas facilities," which the federal watchdog pointed out produce a "Significant" amount of America's domestic oil and gas - and the operational technology tech that looks after and controls the physical equipment.

Maple Leaf Foods confirmed on Sunday that it experienced a cybersecurity incident causing a system outage and disruption of operations.Maple Leaf Foods is Canada's largest prepared meats and poultry food producer, operating 21 manufacturing facilities, employing 14,000 people, and contracting over 700 barns.

The Atacama Large Millimeter Array Observatory in Chile has suspended all astronomical observation operations and taken its public website offline following a cyberattack on Saturday, October 29, 2022. The observatory also clarified that the attack did not compromise the ALMA antennas or any scientific data, indicating that there are no signs of unauthorized data access or exfiltration.