Vyacheslav "Tank" Penchukov, the accused 40-year-old Ukrainian leader of a prolific cybercriminal group that stole tens of millions of dollars from small to mid-sized businesses in the United States and Europe, has been arrested in Switzerland, according to multiple sources. Penchukov was named in a 2014 indictment by the U.S. Department of Justice as a top figure in the JabberZeus Crew, a small but potent cybercriminal collective from Ukraine and Russia.
A Chinese state-sponsored cyberespionage group tracked as Billbug has been observed targeting a certificate authority in Asia, along with other entities, Symantec reports. Also tracked as Lotus Blossom and Thrip, Billbug is an advanced persistent threat (APT) actor mainly targeting entities in Southeast Asia and the United States. It's believed to have been active since at least 2009. Starting March 2022, the group has been targeting multiple entities in Asia.
North Korean hackers are using a new version of the DTrack backdoor to attack organizations in Europe and Latin America. DTrack is a modular backdoor featuring a keylogger, a screenshot snapper, a browser history retriever, a running processes snooper, an IP address and network connection information snatcher, and more. Apart from spying, it can also run commands to perform file operations, fetch additional payloads, steal files and data, and execute processes on the compromised device.
Destructive wiper malware has evolved very little since the "Shamoon" virus crippled some 30,000 client and server systems at Saudi Aramco more than 10 years ago. Yet it remains as potent a threat as ever to enterprise organizations, according to a new study. Max Kersten, a malware analyst at Trellix, recently analyzed more than 20 wiper families, i.e., malware that makes files irrecoverable or destroys whole computer systems, that threat actors deployed in various attacks since the beginning of this year.
The vast majority of applications and systems, 95%, have vulnerabilities, according to a report from the Synopsys Software Integrity Group. Across systems, one-fifth had high-risk vulnerabilities and just under 5% were considered critical. Researchers conducted 4,400 tests on 2,700 software targets, including web applications, mobile applications, source code files or network systems.
Healthcare organisations in the United States are being warned to be on their guard once again, this time against a family of ransomware known as Venus. An advisory from the United States Department of Health and Human Services (HHS) has warned that the cybercriminals behind the Venus ransomware have targeted at least one healthcare entity in the United States, and are known to be targeting publicly-exposed Remote Desktop Servers.
Wednesday's scheduled launch by NASA of the Artemis I mission will be the first integrated test of the agency's SLS rocket and Orion spacecraft, which have been in development for 16 years and are expected to usher in a new era of space exploration. The uncrewed mission will also be only the second time a network standard known as time-triggered Ethernet has been taken into space, with the first being Orion's orbital test flight in 2014.
Multiple security vulnerabilities in Zendesk's Web-based customer relationship management (CRM) platform could have allowed attackers to access sensitive information from potentially any customer account - a discovery that showcases application programming interface (API) endpoint weaknesses in enterprise software-as-a-service (SaaS) applications. Researchers from Varonis Threat Labs discovered the issues in Zendesk Explore, a component of Zendesk's platform, they said in a blog post published Nov. 15.