An Iranian hacking group accused of attempting to interfere in the 2020 presidential election, and attacking an unnamed U.S. organization in early 2022, could once again be looking to infiltrate American targets, the FBI warned in a notice late Thursday. The group identified as Emennet Pasargad has been using "false-flag campaigns under the guise of multiple personas" to target Israeli organizations in recent years and carry out hack-and-leak operations, the bureau said. READ MORE...
The US Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) have issued a joint alert on a new cybercrime group targeting organizations in the healthcare sector. Called Daixin Team, the threat actor has been active since at least June 2022, targeting organizations in the US with ransomware based on leaked Babuk source code, and also engaging in data theft and extortion. READ MORE...
Cybercriminals used a pair of point-of-sale malware variants to steal more than 167,000 payment records from 212 infected devices mostly in the U.S., according to researchers with Group-IB. It's not clear who is behind the attack or whether they sold or used the pilfered card data. But researchers estimate the information could be worth more than $3.3 million, highlighting how malware designed to steal information from credit card payment terminals remains a troubling concern. READ MORE...
Major connected device manufacturers, retailers and industry groups back efforts to boost cyber awareness. The White House confirmed plans to launch a cybersecurity consumer labeling program for Internet of Things devices by the spring of 2023, following a Wednesday summit with some of the nation's top device makers, retailers and industry associations. READ MORE...
Abode Systems has resolved multiple severe vulnerabilities in its home security kit, including critical issues that could allow attackers to execute commands with root privileges. An American company, Abode Systems sells smart DIY home security systems and cameras that include motion sensors to detect intrusions or unwanted movements. Users can arm or disarm the system using an app or a keyfob. READ MORE...
Half of a million passwords from the RockYou2021 list account for 99.997% of all credential attacks against a variety of honeypots, suggesting attackers are just taking the easy road. Tens of millions of credential-based attacks targeting two common types of servers boiled down to a small fraction of the passwords that formed a list of leaked credentials, known as the RockYou2021 list. s. READ MORE...