#CyberThreats

ALPHV blackmails Canadian pipeline over claims it stole 190GB of vital info

by

February 13, 2024 at 02:29PM Canada’s Trans-Northern Pipelines was allegedly targeted by the ALPHV/BlackCat ransomware group, claiming to have stolen 190GB of data, including vital information. This intrusion draws comparisons to the 2021 Colonial Pipeline attack. ALPHV has also targeted other critical infrastructure organizations, prompting calls for improved cybersecurity measures to prevent catastrophic attacks on … Read more

Korean eggheads crack Rhysida ransomware and release free decryptor tool

by

February 12, 2024 at 08:55PM Researchers have developed a recovery tool for victims of the Rhysida ransomware, offering a solution to unlock encrypted documents. The ransomware targets various sectors and uses a flawed random number generator, making it possible for the tool to decrypt the data. This tool is distributed by the Korea Internet and … Read more

Raspberry Robin Jumps on 1-Day Bugs to Nest Deep in Windows Networks

by

February 12, 2024 at 05:21PM Summary: Raspberry Robin worm rapidly incorporates one-day exploits, enhancing privilege escalation capabilities. Check Point researchers suspect its developers contract with Dark Web exploit traffickers, allowing quick integration of new exploits, making it a prevalent initial access cyber threat. The worm’s popularity and effectiveness continue to grow, posing significant risks to … Read more

Jet engine dealer to major airlines discloses ‘unauthorized activity’

by

February 12, 2024 at 12:24PM Willis Lease Finance Corporation disclosed a cybersecurity incident to US regulators after data was reportedly stolen and posted by the Black Basta ransomware group. The company took swift action, engaging third-party experts and informing law enforcement. While the extent of the breach is still being investigated, the group claimed to … Read more

Ongoing Azure Compromises Target Senior Execs, Microsoft 365 Apps

by

February 12, 2024 at 05:05AM An ongoing campaign targeting Microsoft Azure corporate clouds has compromised dozens of environments and hundreds of user accounts. The attacks involve data exfiltration, financial fraud, and impersonation across various industries and geographic regions. The threat actors show sophistication and adaptability, using tailor-made phishing and diverse toolkits. To defend against this, … Read more

A Deepfake Scammed a Bank out of $25M — Now What?

by

February 9, 2024 at 11:58AM Finance worker in Hong Kong was scammed out of $25 million by deepfake video conference impersonating company’s CFO. Trend Micro previously warned about this type of fraud. Increasing accessibility to deepfake technology and AI-powered fraud is heightening the risk. Organizations need to strengthen processes, collaborations, and defense technology to defend … Read more

Kenya Detected Over 1B Cyber Threats in Q4

by

February 9, 2024 at 11:10AM Kenyan officials reported over 1 billion cyber threats in the final quarter of last year, a significant increase from the previous quarter’s 123 million. The surge is attributed to enhanced monitoring capabilities and attackers exploiting vulnerabilities in the nation’s increased internet devices. Efforts to upgrade threat detection systems and staff … Read more

New RustDoor macOS malware impersonates Visual Studio update

by

February 9, 2024 at 11:00AM A new Rust-based macOS malware, known as RustDoor, has been spreading as a Visual Studio update, providing backdoor access to compromised systems. Linked to the ALPHV/BlackCat ransomware gang’s infrastructure, it communicates with command and control servers potentially associated with ransomware operations. The malware has advanced capabilities and is distributed under … Read more

US offers $10 million for tips on Hive ransomware leadership

by

February 8, 2024 at 01:04PM The U.S. State Department is offering rewards of up to $10 million for information on the Hive ransomware gang, known for extorting $100 million from companies globally. The FBI infiltrated Hive’s network, providing decryption keys to victims and preventing $130 million in ransom payments. The rewards total over $135 million … Read more

Pakistan Invests $36M in National Cybersecurity

by

February 8, 2024 at 10:06AM Pakistan’s Economic Coordination Committee has approved Rs10 billion (US $36 million) cybersecurity funding for enhancing technical capabilities and defending against cyber threats, in response to repeated cyberattacks on the country’s networks. This follows a prior decision to allocate Rs5bn (US $18 million) from information technology to cybersecurity research, amidst reports … Read more