Criminals Are Testing Their Ransomware Campaigns in Africa

October 4, 2024 at 08:30AM Ransomware attacks have surged, with an 81% increase from 2023 to 2024. Cybercriminals are now targeting African nations as a testing ground due to weaker cybersecurity defenses. African businesses must guard against broader targeting and adopt advanced security measures. Collaboration between nations is crucial in combating this growing global threat. … Read more

China-Backed APT Group Culling Thai Government Data

October 2, 2024 at 09:08PM CeranaKeeper, a China-aligned threat actor, has conducted large-scale data exfiltration in Southeast Asia. ESET researchers found that the group has been active since early 2022, using tools associated with Mustang Panda and exploiting file-sharing services. They breached Thai government systems and conducted extensive data harvesting, demonstrating rapid evolution and persistence. … Read more

UAE, Saudi Arabia Become Plum Cyberattack Targets

October 1, 2024 at 01:09AM Cyberattackers and hacktivists are increasingly targeting the Gulf Cooperative Council (GCC) region, with a 70% rise in DDoS attacks in the first half of the year. The UAE faces an average of 50,000 cyberattacks daily, while Saudi Arabia was targeted by a China-linked group. The increase in attacks may involve … Read more

Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks

September 30, 2024 at 08:30AM Security vulnerabilities in six different Automatic Tank Gauge (ATG) systems have been disclosed, exposing them to remote attacks. Thousands of ATGs are exposed on the internet, making them a target for malicious actors. Additional flaws were found in OpenPLC, Riello NetMan 204, and AJCloud. CISA has highlighted threats to OT … Read more

Embargo ransomware escalates attacks to cloud environments

September 27, 2024 at 11:11AM Microsoft warns that the ransomware threat actor Storm-0501 is now targeting hybrid cloud environments and has expanded its tactics to compromise all victim assets. The group has targeted various organizations in the United States and uses various methods to gain access, move laterally, steal data, and deploy the Embargo ransomware. … Read more

China’s Salt Typhoon cyber spies are deep inside US ISPs

September 25, 2024 at 05:51PM A new Beijing-linked cyber espionage group called Salt Typhoon has breached US internet service providers, possibly preparing for future cyber attacks, according to The Wall Street Journal. This follows a similar intrusion by a different Chinese group, Flax Typhoon, targeting critical infrastructure. Experts suggest these activities are part of a … Read more

China claims Taiwan, not civilian hackers, behind website vandalism

September 24, 2024 at 09:31PM Taiwan denies Chinese allegations that its military was involved in cyber attacks critical of China’s government. China’s Ministry of State Security accused a group called Anonymous64 of being part of Taiwan’s cyber warfare wing, but Taiwan’s Ministry of National Defense refuted the claims as “not true”. The ongoing tension reflects … Read more

6 Cybersecurity Headaches Sports Organizations Have to Worry About

September 24, 2024 at 07:11PM Sports franchises and event organizers face a range of security threats, including cyber-attacks, data breaches, and exploitation. Athletes’ reliance on social media poses risks, while event attendees are vulnerable due to e-ticketing and mobile devices. Partnerships and information sharing are crucial for major events, while new revenue models create additional … Read more

Kansas water plant cyberattack forces switch to manual operations

September 24, 2024 at 03:57PM Arkansas City, Kansas, faced a cyberattack on its water treatment facility, prompting manual operations while authorities investigate. City officials reassured residents that the water supply remains secure and operational. The incident coincided with a warning about Russian-linked threat actors targeting the U.S. water sector, reflecting ongoing cybersecurity challenges in the … Read more

Critical Automated Tank Gauge Bugs Threaten Critical Infrastructure

September 24, 2024 at 03:44PM Multiple critical security vulnerabilities have been found in automatic tank gauge (ATG) systems, posing threats to critical infrastructure by allowing attackers to potentially gain full control of the systems. Researchers warn of the potential for cyberattacks impacting fuel availability, environmental disruption, and physical damage. Mitigation efforts are ongoing, emphasizing the … Read more