Security News

FBI disrupts Chinese botnet used for targeting US critical infrastructure
2024-02-01 13:10

The FBI has disrupted the KV botnet, used by People's Republic of China state-sponsored hackers to target US-based critical infrastructure organizations. A botnet for probing critical infrastructure organizations.

Congress told how Chinese goons plan to incite 'societal chaos' in the US
2024-02-01 01:30

Chinese attackers are preparing to "Wreak havoc" on American infrastructure and "Cause societal chaos" in the US, infosec, and law enforcement bosses told a US House committee on Wednesday. The hearing coincided with the FBI's confirmation that it obtained search warrants and issued a remote kill command to wipe Volt Typhoon's botnet after the Chinese crew infected hundreds of end-of-life routers and attempted to break into American critical infrastructure targets.

US charges two more suspects with DraftKing account hacks
2024-01-30 21:28

The U.S. Department of Justice arrested and charged two more suspects for their involvement in the hacking of almost 68,000 DraftKings accounts in a November 2022 credential stuffing attack. One month later, DraftKings said it had refunded hundreds of thousands of dollars stolen from 67,995 customers whose accounts were hijacked in the incident.

US shorts China's Volt Typhoon crew targeting America's criticals
2024-01-30 18:15

The US Justice Department and FBI may have scored a win over Chinese state-sponsored snoops trying to break into American critical infrastructure. Law enforcement obtained a court order granting them permission to "Remotely disable aspects of the Chinese hacking campaign."

US judge rejects spyware slinger NSO's attempt to bin Apple lawsuit
2024-01-24 23:31

A US court has rejected spyware vendor NSO Group's motion to dismiss a lawsuit filed by Apple that alleges the developer violated computer fraud and other laws by infecting customers' iDevices with its surveillance software. Apple sued NSO, developer of the notorious Pegasus spyware, back in November 2021 and asked the court to permanently ban NSO from using any Apple software, services, or devices.

US, UK, Australia sanction REvil hacker behind Medibank data breach
2024-01-23 13:40

The Australian, US, and UK governments have announced sanctions for Aleksandr Gennadievich Ermakov, a Russian national considered responsible for the 2022 Medibank hack and a member of the REvil ransomware group. Medibank is a large health insurance provider in Australia that suffered a ransomware attack in October 2022, causing operational and business disruption.

US agencies warn made-in-China drones might help Beijing snoop on the world
2024-01-19 02:45

Two US government agencies, the Cybersecurity and Infrastructure Security Agency and Federal Bureau of Investigation, warned on Wednesday that drones made in China could be used to gather information on critical infrastructure. How Wi-Fi spy drones snooped on financial firm FCC suggests licensing 5GHz spectrum to drone operators Wing, Alphabet's drone delivery unit, designs bigger bird to deliver pasta, faster US lawmakers have Chinese LiDAR on their threat-detection radar.

US govt wants BreachForums admin sentenced to 15 years in prison
2024-01-18 16:08

The United States government has recommended that Conor Brian Fitzpatrick, the creator and lead administrator of the now-defunct BreachForums hacking forums, receive a sentence of 15 years in prison. "The defendant's administration of BreachForums played an instrumental role in bringing together more than 300,000 members to solicit, distribute, and access thousands of breached databases containing the stolen data of hundreds of companies, organizations, and governmental organizations of varying size and the PII of millions of U.S. persons," reads the sentencing proposal.

US court docs expose fake antivirus renewal phishing tactics
2024-01-15 21:16

In a seizure warrant application, the U.S. Secret Service sheds light on how threat actors stole $34,000 using fake antivirus renewal subscription emails. The now-executed seizure warrant was submitted by Special Agent Jollif of the United States Secret Service to recover funds stolen in a fake Norton subscription renewal email that led to the threat actor gaining access to a victim's PC and bank account.

There is a Ransomware Armageddon Coming for Us All
2024-01-11 11:43

Generative AI will enable anyone to launch sophisticated phishing attacks that only Next-generation MFA devices can stop The least surprising headline from 2023 is that ransomware again set new...