Just ahead of the holiday season, U.S. companies and critical infrastructure providers are once again bracing for the potential risk of cyberattack, as threat groups look to exploit distracted IT security teams for maximum leverage. The vast majority of organizations - nearly 9 in 10 - hit by ransomware over the past 12 months were targeted at night or over a weekend period, when IT security staffing was low, a November report from Semperis shows.
A ransomware attack on supply chain management software provider Blue Yonder has impacted global operations at various companies in the United States and United Kingdom, affecting major retailers such as Starbucks and several UK-based supermarket chains. Starbucks has reported difficulties in processing payroll and managing employee schedules due to the incident, telling the Wall Street Journal that locations have resorted to manual calculations for employee pay.
Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data storage company Snowflake, but a third suspect - a prolific hacker known as Kiberphant0m - remains at large and continues to publicly extort victims. However, this person's identity may not remain a secret for long: A careful review of Kiberphant0m's daily chats across multiple cybercrime personas suggests they are a U.S. Army soldier recently stationed in South Korea.
An international law enforcement operation has ensnared more than 1,000 cybercrime suspects in a crackdown that spanned 19 African countries over two months, Interpol and Afripol announced Tuesday. Dubbed Operation Serengeti, it targeted a wide range of cybercrime activity, with the law enforcement agencies saying it linked the criminals to 35,000 victims and $193 million worth of losses. The crimes ranged from ransomware to business email compromise.
A Russian script kiddie using little more than publicly available malware tools and exploits targeting weak credentials and configurations has assembled a distributed denial-of-service (DDoS) botnet capable of disruption on a global scale. In assembling the botnet, the attacker has targeted not just vulnerable Internet-of-Things devices, as is the common practice these days, but also enterprise development and production servers, significantly increasing its potential for widespread disruption.
The cybercriminals behind Banshee Stealer have reportedly shut down their operation after someone leaked the macOS malware's source code. Threat intelligence and research project Vx-Underground reported this week that the Banshee Stealer source code was leaked online. The project said the malware operation has been shut down as a result of the leak. It's unclear who leaked the code and why.
A 59-year-old Florida telco engineer was sentenced to 48 months in prison after he served as a spy for China, according to the US Department of Justice. According to the DoJ, Ping Li, a US citizen and Chinese immigrant, admitted to being a "cooperative contact" for China's Ministry of State Security since as early as 2012 - meaning he assisted in activities like conducting research and obtaining information on behalf of the Ministry.
Researchers have discovered vulnerabilities in the update process of Palo Alto Networks (CVE-2024-5921) and SonicWall (CVE-2024-29014) corporate VPN clients that could be exploited to remotely execute code on users' devices. CVE-2024-5921 affects various versions of Palo Alto's GlobalProtect App on Windows, macOS and Linux, and stems from insufficient certification validation.
A security researcher has blamed misconfigured implementations of Microsoft Power Pages for a slew of data breaches from web portals - including the leak of 1.1 million NHS employee records. It's the latest discovery by Dublin-based security researcher Aaron Costello, who previously discovered the health and personal details of over a million citizens had been accidentally exposed by Ireland's HSE Covid vaccination portal.