A group of hackers claims to have stolen more than 60 gigabytes of data after breaching servers belonging to Taiwanese tech giant Acer. In a post on a publicly accessible hacker forum, a group calling itself "Desorden" claimed to have stolen databases and other files from breached Acer India servers. The hackers shared a link to a sample of the stolen data and they promised to leak more once they have analyzed it. They also published a video showing the files they allegedly stole from Acer. READ MORE...
An Israeli hospital was targeted Wednesday by a ransomware attack, officials said, with the state's cyber directorate calling it the first such attack on a hospital in the country. The Hillel Yaffe Medical Center is "currently using alternative systems to treat its patients", it said in a statement, describing the attack as "totally unexpected". "Medical treatment is continuing as usual, aside from non-urgent elective procedures," Hillel Yaffe said. READ MORE...
Fraudsters are using the promise of love to lure victims into downloading fake cryptocurrency trading apps and then stealing their funds, researchers at Sophos report. The ongoing campaign, which researchers have dubbed "CryptoRom," has targeted victims across Europe, the U.S. and Asia. In these scams, scammers use dating apps like Bumble, Tinder, and Grindr to build trust with a victim. They then move the conversation to a messaging app, where they ask victims to install a fake trading app. READ MORE...
Suspected government-backed hackers from Iran have used an array of techniques, from password theft to uploading a fake app to a prominent app marketplace, to try gathering intelligence from targets over the past year, Google said in a bulletin published Thursday. The espionage group APT35, also known as Charming Kitten, last year successfully uploaded to Google's Play Store an app that masqueraded as a virtual private network service, claiming the tool would safeguard user data. READ MORE...
The MyKings botnet (aka Smominru or DarkCloud) is still actively spreading, making massive amounts of money in crypto, five years after it first appeared in the wild. Being one of the most analyzed botnets in recent history, MyKings is particularly interesting to researchers thanks to its vast infrastructure and versatile features, including bootkits, miners, droppers, clipboard stealers, and more. READ MORE...
Threat group FreakOut's Necro botnet has developed a new trick: infecting Visual Tools DVRs with a Monero miner. Juniper Threat Labs researchers have issued a report detailing new activities from FreakOut, also known as Necro Python and Python.IRCBot. In late September, the team noticed that the botnets started to target Visual Tools DVR VX16 4.2.28.0 models with cryptomining attacks. The devices are typically deployed as part of a professional-quality surveillance system. READ MORE...
Users of OpenSea, the world's largest digital-collectible marketplace, have found their cryptocurrency wallets ripped off thanks to cyberattackers weaponizing security bugs that allowed them to highjack user accounts. The attacks revolved around boobytrapped art files, which circulated in the form of "free gifts." That's according to Check Point Research, whose researchers looked into a series of claims that cryptocurrency balances were going poof for both market shoppers and merchants. READ MORE...
Russia's online disinformation efforts are vast and growing. While most of the US media's attention to date has focused on Moscow's efforts in the US elections, this overlooks an even more robust campaign that has been underway in Europe for quite some time. Known as "Ghostwriter," this espionage and disinformation operation has targeted several European countries, including Germany, Poland, Ukraine, and the Baltics (Estonia, Latvia, and Lithuania). READ MORE...
Microsoft has confirmed new Windows 11 known issues which cause printers installation fails on systems commonly found in enterprise environments. As Redmond explains, printer installation might fail when attempted over the network on devices that access printers via print server using HTTP connections. Installing printers might also not complete successfully via the Internet Printing Protocol (IPP) in organizations sharing an IPP printer using printer connections. READ MORE...