September 5, 2024 at 02:15AM Earth Lusca, a Chinese-speaking threat actor, has been observed deploying a new backdoor named KTLVdoor in a cyber attack targeting an unnamed trading company in China. The malware is written in Golang and masquerades as system utilities, with over 50 command-and-control servers identified. Its use by other Chinese threat actors … Read more
September 5, 2024 at 01:36AM Planned Parenthood experienced a cyberattack, prompting the organization to shut down parts of its IT systems to mitigate the impact. Based on the meeting notes, it appears that Planned Parenthood experienced a cyberattack that impacted its IT systems, leading to the need to take certain parts of its infrastructure offline … Read more
September 3, 2024 at 04:06PM Halliburton confirmed data theft from its systems in a ransomware cyberattack, causing significant disruptions. It’s evaluating the extent of information accessed and is collaborating with law enforcement. The US government attributed the attack to a ransomware gang, and Halliburton activated its cyber response plan. The oil and gas industry has … Read more
September 3, 2024 at 12:24PM Halliburton confirms data theft in Aug. 21 cyberattack on its networks. The energy services company, a major player in oil and fracking, believes an unauthorized third party accessed and extracted information. Details of the incident remain undisclosed, but the company is working on restoring systems and doesn’t expect a significant … Read more
September 2, 2024 at 02:20PM Transport for London (TfL) is actively investigating an ongoing cyberattack with no current impact on its services. The agency assured customers that there is no evidence of compromised customer data and promptly reported the attack to government authorities. Measures have been implemented to prevent further system access, as TfL works … Read more
August 30, 2024 at 02:11PM A campaign launched on August 5, 2024, is disseminating a new malware called “Voldemort” to global organizations by posing as tax agencies from the U.S., Europe, and Asia. Based on the meeting notes, it appears that a campaign was launched on August 5, 2024, spreading a new malware called “Voldemort” … Read more
August 29, 2024 at 05:13PM The RansomHub ransomware gang orchestrated a cyberattack on oil and gas services company Halliburton, resulting in significant disruption to its IT systems and business operations. Based on the meeting notes, it’s clear that the RansomHub ransomware gang was responsible for the cyberattack on Halliburton. This attack disrupted the company’s IT … Read more
August 29, 2024 at 08:43AM Brain Cipher ransomware group claims responsibility for a cyberattack on French national museums during the Olympic Games. They threaten to leak 300 GB of data and have a history of targeting institutions. The group’s ransomware appears more advanced, utilizing code obfuscation techniques. Despite this, experts believe robust defenses may detect … Read more
August 29, 2024 at 06:07AM The Play ransomware group has leaked gigabytes of data allegedly stolen from semiconductor supplier Microchip Technology. The cyberattack disrupted manufacturing operations, impacting order fulfillment. The leaked data includes personal information, financial documents, and the group threatens to release more unless a ransom is paid. The group has targeted other organizations … Read more
August 28, 2024 at 12:27PM Dick’s Sporting Goods, the largest outdoor retail chain in the US, confirmed a cyberattack on its servers. The nature and extent of the stolen information are unknown. Business operations were not disrupted, indicating ransomware was not used. The company has engaged law enforcement and an external security firm to investigate … Read more