Security News
The US Department of Justice on Thursday charged a North Korean national over a series of ransomware attacks on stateside hospitals and healthcare providers, US defense companies, NASA, and even a Chinese target. An indictment [PDF] named Rim Jong Hyok as a participant in "a conspiracy to hack and extort US hospitals and other health care providers, launder the ransom proceeds, and then use these proceeds to fund additional computer intrusions into defense, technology, and government entities worldwide."
The U.S. State Department is offering a reward of up to $10 million for information that could lead to the identification or location of a North Korean military hacker identified as Rim Jong Hyok. Part of the Andariel North Korean hacking group, Hyok and other Andariel operatives were linked to Maui ransomware attacks targeting critical infrastructure and healthcare organizations across the United States.
The US government has imposed sanctions on two Russian cybercriminals for cyberattacks targeting critical infrastructure. [...]
Yuliya Vladimirovna Pankratova and Denis Olegovich Degtyarenko, named by the US government as CARR's leader and attacker-in-chief respectively, were designated for their alleged roles in attacks on US critical national infrastructure. Despite much of CARR's work since its inception in 2022 revolving around what the US Department of the Treasury describes as "Low-impact, unsophisticated DDoS attacks in Ukraine," the group was blamed for various attacks on US and European water facilities earlier this year.
Stick an independent probe in our software, you won't find any Putin.DLL backdoor Kaspersky has hit back after the US government banned its products – by proposing an independent verification that...
Embattled Russian infosec shop Kaspersky is giving US customers six months of security updates for free as a parting gift as Uncle Sam kicks the antivirus maker out of the American market. In a farewell note to US users, the soon-to-be-banned biz thanked its customers for "Choosing and trusting Kaspersky throughout the years."
Kaspersky has confirmed it will shutter its American operations and cut US-based jobs following President Biden's ban on the Russian business last month. "Starting from July 20 Kaspersky will gradually wind down its US operations and eliminate US-based positions," the rep told us.
The US Cybersecurity and Infrastructure Security Agency says a red team exercise at a certain unnamed federal agency in 2023 revealed a string of security failings that exposed its most critical assets. The agency's dedicated red team picks a federal civilian executive branch agency to probe and does so without prior notice - all the while trying to simulate the maneuvers of a long term hostile nation-state threat group.
Almost a thousand Twitter accounts controlled by a large bot farm pushing Russian propaganda and domains used to register the bots were taken down in a joint international law enforcement...
Microsoft temporarily pulled and then re-released the Windows 11 preview update KB5039302, originally released on June 25th. The original preview was causing reboots on systems using virtualization, such as Azure Virtual Desktop and VMware. Per the announcement, all Kaspersky products must be removed by September 29th. Just as a reminder, last month Microsoft released the final updates for Windows 10 21H2 Education and Enterprise editions.