IT Security Newsletter - 10/28/2024
AP Sources: Chinese Hackers Targeted Phones of Trump, Vance, People Associated With Harris Campaign
Chinese hackers engaged in a broader espionage operation targeted cellphones used by Republican presidential nominee Donald Trump, his running mate, JD Vance, and people associated with the Democratic campaign of Kamala Harris, people familiar with the matter said Friday. An FBI statement did not confirm the identities of any of the potential targets but said it was investigating "unauthorized access to commercial telecommunications infrastructure by actors affiliated with the People's Republic of China."
How to Block Attacks 'Before' the Inbox
On Wednesday, October 23, 2024, we hosted a webinar with Check Point Software to discuss how organizations can block attacks before they hit the inbox. According to Cloudflare's 2023 Phishing Threats Report, a staggering 90% of successful cyberattacks start with email phishing. It's all happening fast, too. The median time to click on a malicious link after the email is opened is 21 seconds, and then only another 28 seconds for the person caught in the phishing scheme to enter their data.
100 million US citizens officially impacted by Change Healthcare data breach
In April, we reported that a "substantial proportion" of Americans may have had their health and personal data stolen in the Change Healthcare breach. That was based on a report provided by the UnitedHealth Group after the February cyberattack on its subsidiary Change Healthcare. The attack on Change Healthcare, which processes about 50% of US medical claims, was one of the worst ransomware attacks against American healthcare and caused widespread disruption in payments.
Suspected Russian hacking, influence operations take aim at Ukrainian military recruiting
A suspected Russian group is targeting potential Ukrainian military recruits in an espionage campaign that's running concurrently with an influence operation designed to undermine Ukraine's broader military mobilization, according to research published Monday. The hybrid campaign apparently looks to capitalize on fears about a Ukrainian mobilization law that went into effect this year that lowered the minimum conscription age to 25.
Russia's APT29 Mimics AWS Domains to Steal Windows Credentials
Russia's premier advanced persistent threat group has been phishing thousands of targets in militaries, public authorities, and enterprises. APT29 (aka Midnight Blizzard, Nobelium, Cozy Bear) is arguably the world's most notorious threat actor. An arm of the Russian Federation's Foreign Intelligence Service (SVR), it's best known for the historic breaches of SolarWinds and the Democratic National Committee (DNC).
Black Basta ransomware poses as IT support on Microsoft Teams to breach networks
The Black Basta ransomware operation has moved its social engineering attacks to Microsoft Teams, posing as corporate help desks contacting employees to assist them with an ongoing spam attack. Black Basta is a ransomware operation active since April 2022 and responsible for hundreds of attacks against corporations worldwide. After the Conti cybercrime syndicate shut down in June 2022 following a series of embarrassing data breaches, the operation split into multiple groups.
Fog ransomware targets SonicWall VPNs to breach corporate networks
Fog and Akira ransomware operators are increasingly breaching corporate networks through SonicWall VPN accounts, with the threat actors believed to be exploiting CVE-2024-40766, a critical SSL VPN access control flaw. SonicWall fixed the SonicOS flaw in late August 2024, and roughly a week later, it warned that it was already under active exploitation. At the same time, Arctic Wolf security researchers reported seeing Akira ransomware affiliates leveraging the flaw.
Fraudsters revive old tactics mixed with modern technology
Threat actors continue to probe the payments ecosystem for vulnerabilities and were successful in conducting fraud schemes affecting multiple financial institutions, technologies, and processes, according to Visa. Scammers are going back to basics with an increase of physical theft over the past six months, capitalizing on the window between the theft and the victim's awareness.
LinkedIn Hit With $335M Fine for Data Privacy Violations
LinkedIn earned itself a €310 million ($335 million) fine by European Union regulators on Oct. 24 for its violations of the General Data Protection Regulation (GDPR) data privacy rules. Ireland's Data Protection Commission (DPC) cited concerns regarding the lawfulness, fairness, and transparency of personal data processing for the professional networking site's advertising purposes. The DPC reported that LinkedIn did not have a lawful basis to be compiling data to target its users with ads.
- ...in 1726, Jonathan Swift's satirical fantasy novel "Gulliver's Travels" is published.
- ...in 1886, The Statue of Liberty (originally named "Liberty Enlightening the World") is dedicated at Liberty Island, NY by President Grover Cleveland.
- ...in 1942, computer scientist and academic Gillian Lovegrove, an early pioneer and vocal advocate of women in IT-oriented professions, is born in Yorkshire, UK.
- ...in 1962, Soviet Premier Nikita Khrushchev orders Soviet missiles removed from Cuba, ending the Cuban Missile Crisis.