This week, French police arrested an alleged Hive "banker," Amazon cracked down on a refund fraud ring, Ukraine military intelligence said it hacked the Russian tax system, the U.K. Ministry of Defense was fined and Kraft Heinz said it is doing fine after an alleged ransomware attack.
A recently spotted hacking group with a penchant for using open-source tools has been using a less-than-novel tactic: exploiting SQL injection flaws. So warn researchers who recently detected attacks by the group, which has the codename GambleForce and appears to focus on gambling and retail firms.
Ukraine's domestic security agency on Wednesday fingered Russian military hackers as being responsible for hacking Kyivstar, in a statement acknowledging damage to the telecom operator's digital infrastructure. Ukraine's top telecom operator was the target of a Tuesday cyberattack.
The Cybersecurity and Infrastructure Security Agency released an advisory Wednesday warning that a Russian military intelligence unit has been actively exploiting a widely used software product since September as part of an effort to gain long-term access to compromised systems.
Hackers are exploiting OAuth applications to compromise user accounts, manipulate and confer elevated privileges, and set up cryptomining operations, which has cost some organizations up to $1.5 million in losses, according to Microsoft's Threat Intelligence team.
Russia and China are expert at picking the "most difficult nexuses" in society - such as free speech protections in the United States - and using them against us, said Jeff Moss, creator of the Black Hat conference, as he outlined near-term geopolitical challenges facing cybersecurity defenders.
Major government agencies in the United States intend to apply artificial intelligence, but the majority of planned use cases are still at the planning stage, a congressional watchdog said. Missing from those efforts is governmentwide guidance on the acquisition and use of AI technologies.
Check fraud, scams and account takeovers dominated the fraud landscape in 2023. Banks and other financial institutions are expected to continue to struggle with account takeovers as fraudsters have changed their modus operandi, making it difficult to track fraudulent proceeds.
Seeking to maximize profits no matter the cost, ransomware groups have been bolstering their technical prowess and psychological shakedowns with a fresh strategy: attempting to control the narrative. Experts are warning security researchers and journalists to beware being co-opted.
A U.K. parliamentary committee investigating ransomware threats recommended a more aggressive stance against threat actors and said the government should consider making incident reporting mandatory and provide government support for public sector victims "to the point of full recovery."
North Korean hacking group Lazarus Group is exploiting Log4Shell to target manufacturing, agriculture and physical security sectors, resulting in the deployment of a tailored implant on compromised systems. The attack campaign targeted publicly accessible VMware Horizon servers.
Ukrainian telecom operator Kyivstar was the target of a cyberattack that knocked internet access and mobile communications offline on the same day Ukrainian President Volodymyr Zelenskyy is in Washington to boost the case for additional military aid.
The U.K. government has sanctioned 14 individuals and groups that illegally employed human trafficking victims in online crypto and investment scams. Sanctioned individuals include a Chinese national previously targeted by the U.S. Treasury for running a gambling and trafficking business in Laos.
Spanish national police on Sunday arrested an alleged key money laundering figure of the profit-seeking Kelvin Security hacking operation. They detained a Venezuelan national who reportedly entered the country as a tourist. Police said the man is the head of the group's money laundering operation.
A Kentucky-based hospital chain is notifying millions of individuals that their information was potentially exfiltrated in a May attack. Russian-speaking ransomware-as-a-service group Alphv/BlackCat - which is currently reportedly undergoing its own disruptions - took credit for the data theft.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.