Security News

Tuesday was the official publication date of A Hacker's Mind: How the Powerful Bend Society's Rules, and How to Bend them Back. It broke into the 2000s on the Amazon best-seller list.

The How to Hack from Beginner to Ethical Hacking Certification helps you pick up that essential knowhow and earn the certificates to prove it. For any business owner, these statistics are pretty terrifying.

State-backed hackers from North Korea are conducting ransomware attacks against healthcare and critical infrastructure facilities to fund illicit activities, U.S. and South Korean cybersecurity and intelligence agencies warned in a joint advisory. This includes "Cyber operations targeting the United States and South Korea governments - specific targets include Department of Defense Information Networks and Defense Industrial Base member networks," the authorities said.

Reddit suffered a cyberattack Sunday evening, allowing hackers to access internal business systems and steal internal documents and source code. The company says the hackers used a phishing lure targeting Reddit employees with a landing page impersonating its intranet site.

A campaign operated by Russian threat actors uses fake job offers to target Eastern Europeans working in the cryptocurrency industry, aiming to infect them with a modified version of the Stealerium malware named 'Enigma. The attacks start with an email pretending to be a job offer with fake cryptocurrency interviews to lure their targets.

A new threat actor tracked as TA886 targets organizations in the United States and Germany with new custom malware to perform surveillance and data theft on infected systems. The threat actor targets victims using phishing emails that include Microsoft Publisher attachments with malicious macros, URLs linking to.

In the private sector, health insurance firm Accuro reported an illegal download and dissemination of corporate data following the Mercury IT attack. Even while new forms of authentication are being developed to make passwords obsolete, passwords remain the most common and most vulnerable method of securing data.

A Russia-linked threat actor has been observed deploying a new information-stealing malware in cyber attacks targeting Ukraine. Dubbed Graphiron by Broadcom-owned Symantec, the malware is the handiwork of an espionage group known as Nodaria, which is tracked by the Computer Emergency Response Team of Ukraine as UAC-0056.

During a webinar called The Hacker Mindset, a Red Team Researcher shared how you can use some of these tools for your own detection and prevention of breaches. The hacker mindset can be characterized by three core values: a strong sense of curiosity, an adversarial attitude, and persistence.

The Russian hacking group known as 'Nodaria' is using a new information-stealing malware called 'Graphiron' to steal data from Ukrainian organizations. Symantec's threat research team discovered that Nodaria has been using Graphiron in attacks since at least October 2022 through mid-January 2023.