August 7, 2024 at 11:35AM Cynomi’s eBook “What does it take to be a full-fledged Virtual CISO?” details how service providers can expand vCISO services economically. The role of Chief Information Security Officer (CISO) is crucial in the current cyber threat landscape, but there’s a shortage of skilled CISOs, leading to the increased demand for … Read more
August 6, 2024 at 10:19AM A hacker has breached Mobile Guardian, a global digital classroom management platform, and remotely wiped data from over 13,000 students’ iPads and Chromebooks. Based on the meeting notes, it’s clear that there has been a security breach at Mobile Guardian, resulting in the remote wiping of data from thousands of … Read more
August 6, 2024 at 09:42AM Hackers targeted UK-based Mobile Guardian, remotely wiping thousands of devices. The company detected unauthorized access on August 4 and shut down servers to contain the incident. Unauthorized access to iOS and Chrome OS devices was involved, but there is no evidence that attackers gained access to user data. Singapore’s Ministry … Read more
August 5, 2024 at 03:30AM Keytronic, an electronics manufacturing services firm, suffered a ransomware attack resulting in over $17 million in additional expenses and lost revenue. The cyberattack led to $2.3 million in expenses, $15 million in revenue loss, and a two-week suspension of operations. The incident was attributed to the Black Basta ransomware group, … Read more
August 2, 2024 at 07:00AM Researchers have identified a new Windows backdoor, known as BITSLOTH, using the Background Intelligent Transfer Service for command-and-control. It’s used by threat actors for keylogging, screen capturing, and data gathering. The malware also utilizes an open-source tool called RingQ, with potential ties to Chinese speakers. The attack leverages various tactics, … Read more
August 1, 2024 at 02:04AM Germany has accused China-controlled actors of perpetrating a cyber attack on the Federal Office of Cartography and Geodesy in 2021. Minister Nancy Faeser strongly condemned the attack, warning of China’s ongoing cyber offensive. Meanwhile, the US considers further sanctions on tech exports to China, particularly related to high-bandwidth memory, citing … Read more
July 31, 2024 at 09:08AM The City of Columbus, Ohio, was targeted by a ransomware attack on July 18, prompting the shutdown of systems and impacting various services. Although the city claims to have disrupted the threat actor’s activity, an investigation is ongoing to determine the extent of potential data access. Mayor Ginther emphasized the … Read more
July 31, 2024 at 07:27AM Japanese organizations are targeted by a Chinese nation-state threat actor using malware like LODEINFO and NOOPDOOR to steal sensitive data, with Israeli cybersecurity company Cybereason tracking the campaign as Cuckoo Spear, related to APT10. The group uses spear-phishing emails and targets public-facing applications for data exfiltration, maintaining persistence for years. … Read more
July 31, 2024 at 04:36AM The UK’s Electoral Commission faced a formal reprimand for security failings that led to a cyberattack stealing personal data from 40 million voters. The attack went unnoticed for 13 months due to ineffective patching, default passwords, and weak password management. The ICO noted improvements made post-incident but emphasized the need … Read more
July 30, 2024 at 06:12AM In 2022, a new version of the Mandrake Android spyware went undetected on Google Play for two years, garnering 32,000+ downloads. The advanced spyware grants attackers full control over infected devices, enabling theft of credentials, files, and money, as well as screen recording and blackmail. Kaspersky warns that the spyware’s … Read more