Security News

UK sports apparel chain JD Sports is warning customers of a data breach after a server was hacked that contained online order information for 10 million customers. JD Sports says it detected the unauthorized access immediately and responded quickly to secure the breached server, preventing subsequent access attempts.

In brief Russian hackers have proved yet again how quickly cyber attacks can be used to respond to global events with a series of DDoS attacks on German infrastructure and government websites in response to the country's plan to send tanks to Ukraine. Germany announced the transfer of 14 Leopard 2 A6 tanks to Ukraine on Wednesday, jointly with the US saying it would send 31 M1 Abrams tanks to the besieged nation.

Security researchers have identified a new data-wiping malware they named SwiftSlicer that aims to overwrite crucial files used by the Windows operating system. While details are scant regarding SwiftSlicer at the moment, security researchers at cybersecurity company ESET say that they found the destructive malware deployed during a cyberattack in Ukraine.

For the most part, this week has been relatively quiet regarding ransomware attacks and researcher - that is, until the FBI announced the disruption of the Hive ransomware operation. Hive ransomware launched in June 2021 and quickly became one of the most active and prominent ransomware operations.

The Ukrainian Computer Emergency Response Team found a cocktail of five different data-wiping malware strains deployed on the network of the country's national news agency on January 17th. "As of January 27, 2023, 5 samples of malicious programs were detected, the functionality of which is aimed at violating the integrity and availability of information," CERT-UA said. Their attempt to wipe out all the data on the news agency's systems failed.

The U.K. National Cyber Security Centre on Thursday warned of spear-phishing attacks mounted by Russian and Iranian state-sponsored actors for information-gathering operations. The activity is typical of spear-phishing campaigns, where the threat actors send messages tailored to the targets, while also taking enough time to research their interests and identify their social and professional circles.

Cybersecurity professionals can avoid drowning in the online data deluge by taking advantage of the host of technical, training and educational resources from the SANS Institute. Launched in 1989 as a cooperative for information security thought leadership, the organisation provides training, certifications, scholarship academies, degree programs, cyber ranges, and pretty much everything else you can think of to meet the needs of cyber professionals.

The U.K. National Cyber Security Centre has issued a warning of Russian and Iranian state-sponsored hackers increasingly targeting organizations and individuals. More specifically, the country's cybersecurity agency has identified a spike in spear-phishing attacks attributed to threat actors tracked as SEABORGIUM and TA453.

Threat actors are auctioning the alleged source code for Riot Game's League of Legends and the Packman anti-cheat software, confirmed to be stolen in a recent hack of the game company's developer environment. Last Friday, Riot Games disclosed that its development environment had been hacked, allowing threat actors to steal source code for League of Legends, Teamfight Tactics, and the company's Packman legacy anti-cheat platform.

A North Korean nation-state group notorious for crypto heists has been attributed to a new wave of malicious email attacks as part of a "Sprawling" credential harvesting activity targeting a number of industry verticals, marking a significant shift in its strategy. The state-aligned threat actor is being tracked by Proofpoint under the name TA444, and by the larger cybersecurity community as APT38, BlueNoroff, Copernicium, and Stardust Chollima.