Security News

The Ukrainian Computer Emergency Response Team found a cocktail of five different data-wiping malware strains deployed on the network of the country's national news agency on January 17th. "As of January 27, 2023, 5 samples of malicious programs were detected, the functionality of which is aimed at violating the integrity and availability of information," CERT-UA said. Their attempt to wipe out all the data on the news agency's systems failed.

The U.K. National Cyber Security Centre on Thursday warned of spear-phishing attacks mounted by Russian and Iranian state-sponsored actors for information-gathering operations. The activity is typical of spear-phishing campaigns, where the threat actors send messages tailored to the targets, while also taking enough time to research their interests and identify their social and professional circles.

Cybersecurity professionals can avoid drowning in the online data deluge by taking advantage of the host of technical, training and educational resources from the SANS Institute. Launched in 1989 as a cooperative for information security thought leadership, the organisation provides training, certifications, scholarship academies, degree programs, cyber ranges, and pretty much everything else you can think of to meet the needs of cyber professionals.

The U.K. National Cyber Security Centre has issued a warning of Russian and Iranian state-sponsored hackers increasingly targeting organizations and individuals. More specifically, the country's cybersecurity agency has identified a spike in spear-phishing attacks attributed to threat actors tracked as SEABORGIUM and TA453.

Threat actors are auctioning the alleged source code for Riot Game's League of Legends and the Packman anti-cheat software, confirmed to be stolen in a recent hack of the game company's developer environment. Last Friday, Riot Games disclosed that its development environment had been hacked, allowing threat actors to steal source code for League of Legends, Teamfight Tactics, and the company's Packman legacy anti-cheat platform.

A North Korean nation-state group notorious for crypto heists has been attributed to a new wave of malicious email attacks as part of a "Sprawling" credential harvesting activity targeting a number of industry verticals, marking a significant shift in its strategy. The state-aligned threat actor is being tracked by Proofpoint under the name TA444, and by the larger cybersecurity community as APT38, BlueNoroff, Copernicium, and Stardust Chollima.

T-Mobile and millions of its customers have been the victims of another data breach - this one apparently carried out by hackers who knew how to exploit an application programing interface used by the carrier. The API did not leak other personal data such as payment card numbers, Social Security numbers, driver's license numbers, passwords, or PINs, according to T-Mobile.

Riot Games says it will not pay the ransom demanded by the attackers responsible for the security breach the company disclosed last week. "While we hope some of these game modes and other changes eventually make it out to players, most of this content is in prototype and there's no guarantee it will ever be released," Riot Games said.

The FBI has confirmed that the North Korean state-sponsored 'Lazarus' and APT38 hacking groups were behind the theft of $100 million worth of Ethereum stolen from Harmony Horizon in June 2022. Yesterday, the FBI confirmed that two North Korean hacking groups, Lazarus and APT38, were behind the attack.

Organizations in East Asia are being targeted by a likely Chinese-speaking actor dubbed DragonSpark while employing uncommon tactics to go past security layers. "The attacks are characterized by the use of the little known open source SparkRAT and malware that attempts to evade detection through Golang source code interpretation," SentinelOne said in an analysis published today.