Scattered Spider Cybercrime Members Face Prison Time

November 21, 2024 at 01:56PM
The Department of Justice has charged five members of the hacking group “Scattered Spider” with various crimes related to cyberattacks on companies like MGM Resorts and Caesar’s Palace. Allegations include phishing and stealing sensitive data, cryptocurrencies, and identity information. They face significant prison sentences if convicted. …

Schneider Electric confirms dev platform breach after hacker steals data

November 4, 2024 at 02:24PM
Schneider Electric confirmed a breach of its developer platform, with a threat actor claiming to have stolen 40GB of data from its JIRA server, including 75,000 unique email addresses. The company’s Global Incident Response team is investigating, and its products remain unaffected. The hacker demands $125,000 in “Baguettes” not to …

European govt air-gapped systems breached using custom malware

October 8, 2024 at 12:05PM
GoldenJackal, an APT hacking group, breached air-gapped European government systems using custom toolsets to steal sensitive data, including emails, encryption keys, and documents. They utilized malware like GoldenDealer and GoldenAce, spreading through USB drives. Kaspersky warned of their focus on government entities for espionage. ESET reported new modular toolsets used …

New Tickler malware used to backdoor US govt, defense orgs

August 29, 2024 at 11:49AM
APT33, an Iranian hacking group, has deployed the Tickler malware to infiltrate the networks of government, defense, satellite, oil, and gas organizations in the US and the UAE. Based on the meeting notes, it is clear that the APT33 Iranian hacking group has utilized the new Tickler malware to infiltrate …

New Tickler malware used to backdoor US govt, defense orgs

August 28, 2024 at 02:41PM
The APT33 Iranian hacking group has deployed new Tickler malware to infiltrate the networks of government, defense, satellite, oil, and gas organizations in the US and the UAE. Based on the meeting notes, it appears that the APT33 Iranian hacking group has employed new Tickler malware to create backdoors in …

Chinese APT40 hackers hijack SOHO routers to launch attacks

July 9, 2024 at 11:13AM
The joint advisory from international cybersecurity agencies and law enforcement warns of Chinese state-sponsored APT40’s cyberespionage attacks. APT40, known by various aliases, targets government and private entities in the US and Australia. They exploit vulnerabilities in public-facing infrastructure and edge networking devices and utilize hijacked SOHO routers for launching attacks. …

Two men guilty of breaching law enforcement portal in blackmail scheme

June 18, 2024 at 10:54AM
Two men, Sagar Steven Singh and Nicholas Ceraolo, admitted guilt in hacking a law enforcement database through their group “ViLE”. They extorted personal information for blackmail and faced charges in March 2023. Their activities involved accessing and threatening targeted individuals, with potential imprisonment sentences of two to seven years. From …

New BiBi Wiper version also destroys the disk partition table

May 20, 2024 at 12:10PM
The BiBi Wiper malware’s new variants are targeting Israeli and Albanian systems, linked to an Iranian hacking group named ‘Void Manticore.’ Check Point Research uncovered newer variants and operational overlaps involving another Iranian threat group. The malware is designed to complicate data restoration efforts, significantly extending downtime for targeted victims …

Ukrainian REvil Ransomware Affiliate Gets 13 Years in US Prison

May 3, 2024 at 04:15AM
Ukrainian national Yaroslav Vasinskyi, 24, was sentenced to 13 years and seven months in the US for his involvement in the REvil ransomware operation, particularly in the Kaseya attack impacting 1,500 organizations. Vasinskyi admitted to launching over 2,500 attacks, demanding $700 million in ransom and laundering proceeds using crypto exchanges. …

Finland confirms APT31 hackers behind 2021 parliament breach

March 26, 2024 at 05:28PM
The Finnish Police confirmed that the APT31 hacking group, linked to the Chinese MSS, was behind the breach of Finland’s parliament in March 2021. A joint investigation revealed offenses including espionage and violation of communication secrecy, identifying one suspect. The U.S. and the UK have sanctioned individuals and entities related to APT31’s operations. …