Security News

Digital ops and ops management security predictions for 2024
2023-12-14 05:30

Big incidents will be BIG. High-visibility attacks will continue to be rare, but when they occur, they will be major news, with massive implications for customers and even wider society, depending on the organization affected. Unlike the indiscriminate "spray-and-pray" attacks we used to be so afraid of, bad actors will shift their attention to building sophisticated campaigns to take down high-value targets that are more financially rewarding for them.

Staying ahead in 2024 with top cybersecurity predictions
2023-12-14 05:00

What will 2024 hold for the cybersecurity landscape? In this Help Net Security video, Steve Cobb, CISO at SecurityScorecard, offers his take on what professionals can expect next year.

Microsoft ICSpector: A leap forward in industrial PLC metadata analysis
2023-12-14 04:30

Microsoft ICSpector is an open-source forensics framework that enables the analysis of industrial PLC metadata and project files.

Organizations prefer a combination of AI and human analysts to monitor their digital supply chain
2023-12-14 04:00

"Attacks targeting external vendors and partners are a constant threat," said Joel Molinoff, BlueVoyant's global head of Supply Chain Defense. "Our data suggests that the scope of the problem is increasing, with more enterprise vendors and suppliers falling prey to cyber attacks. Enterprises recognize the issue but the standard approach to third-party risk management is proving inadequate. Companies now need to focus energies on methods that proactively illuminate and reduce supply chain risk."

Microsoft disrupts cybercrime gang behind 750 million fraudulent accounts
2023-12-13 23:45

Microsoft's Digital Crimes Unit seized multiple domains used by a Vietnam-based cybercrime group that registered over 750 million fraudulent accounts and raked in millions of dollars by selling them online to other cybercriminals. Storm-1152 is a major cybercrime-as-a-service provider and the number one seller of fraudulent Outlook accounts, as well as other illegal "products," including an automatic CAPTCHA-solving service to bypass Microsoft's CAPTCHA challenges and register more fraudulent Microsoft email accounts.

Microsoft seizes domains used to sell fraudulent Outlook accounts
2023-12-13 23:45

Microsoft's Digital Crimes Unit seized multiple domains used by a Vietnam-based cybercrime group that registered over 750 million fraudulent accounts and raked in millions of dollars by selling them online to other cybercriminals. Storm-1152 is a major cybercrime-as-a-service provider and the number one seller of fraudulent Outlook accounts, as well as other illegal "products," including an automatic CAPTCHA-solving service to bypass Microsoft's CAPTCHA challenges and register more fraudulent Microsoft email accounts.

Stealthy KV-botnet hijacks SOHO routers and VPN devices
2023-12-13 22:47

The Chinese state-sponsored APT hacking group known as Volt Typhoon has been linked to a sophisticated botnet named 'KV-botnet', which it has used since at least 2022 to attack SOHO routers in high-value targets. Volt Typhoon commonly targets routers, firewalls, and VPN devices to proxy malicious traffic so that it blends with legitimate traffic and remains undetected.

BazarCall attacks abuse Google Forms to legitimize phishing emails
2023-12-13 20:34

A new wave of BazarCall attacks uses Google Forms to generate and send payment receipts to victims, attempting to make the phishing attempt appear more legitimate. BazarCall, first documented in 2021, is a phishing attack utilizing an email resembling a payment notification or subscription confirmation to security software, computer support, streaming platforms, and other well-known brands.

French police arrests Russian suspect linked to Hive ransomware
2023-12-13 20:25

French authorities arrested a Russian national in Paris for allegedly helping the Hive ransomware gang with laundering their victims' ransom payments. "New arrest in the Hive ransomware affair: after the international search in January to dismantle this network of hackers constituting a serious threat, the Judicial Police arrested in Paris an individual suspected of having laundered money from these cyber attacks," the French National Police said.

LockBit ransomware now poaching BlackCat, NoEscape affiliates
2023-12-13 18:22

The LockBit ransomware operation is now recruiting affiliates and developers from the BlackCat/ALPHV and NoEscape operations after recent disruptions and exit scams. Last week, the NoEscape and BlackCat/ALPHV ransomware operations' Tor websites suddenly became inaccessible without warning.