Court systems across Washington state have been down since Sunday when officials said "unauthorized activity" was detected on their networks. This ongoing data system outage affects all state courts' judicial information systems, websites, and associated services. According to statements from affected state courts, the Administrative Office of the Courts (AOC) acted quickly after discovering the incident to secure critical court systems and is currently working to restore impacted services.
Nokia is investigating an alleged cyberattack in which threat actors claim to have stolen sensitive internal data. However, the company says that so far there is no evidence that either its data or systems were affected by a breach. Known threat actor IntelBroker on Tuesday posted what it claimed is Nokia's online internal data - including SSH keys, source code, and internal credentials - putting it up for sale on the BreachForums cybercrime site for $20,000.
Tech support scammers are targeting eBay customers in the U.S. via fraudulent Google ads. In a few separate searches, we were able to identify multiple Sponsored results that were created from at least four different advertiser accounts. While most of those ads clearly looked fake, they appeared consistently and prominently enough to trick the inattentive user into a scam. Victims who clicked the ad were redirected to bogus websites prompting them to call for assistance.
North Korean hackers are targeting crypto-related businesses with phishing emails and novel macOS-specific malware. Since July 2024, phishing emails seemingly containing helpful information on risks related to the rise of the price of Bitcoin have been sent to intended victims in cryptocurrency-related industries, SentinelLabs researchers have found. The email urges the recipient to click on the "Open" button to download a PDF, but doing that will trigger the download of a malicious application.
Cisco on Wednesday announced patches for dozens of vulnerabilities in its enterprise products, including a critical-severity flaw in Unified Industrial Wireless software. The critical bug, tracked as CVE-2024-20418 (CVSS score of 10/10), allows a remote, unauthenticated attacker to inject commands on the underlying operating system, with root privileges. The issue exists because the web-based management interface of the industrial networking solution does not properly validate input.
The Cleafy threat intelligence team recently came across an Android banking trojan that has been observed targeting users in Europe and elsewhere. The cybersecurity firm noticed in late October that there had been a significant increase in what initially appeared to be a campaign involving TgToxic, a China-linked piece of malware that has been used since at least mid-2022 to target Android users in Southeast Asia in an effort to steal cryptocurrency and funds from banking and other finance apps.
A recent spear-phishing campaign targeting industrial and engineering companies in Europe was aimed at saddling victims with the popular GuLoader downloader and, ultimately, a remote access trojan that would permit attackers to steal information from and access compromised computers whenever they wish. "The emails are sent from various email addresses including from fake companies and compromised accounts," Tara Gould, Threat Research Lead at Cado Security, has warned.
Hundreds of companies worldwide have been targeted with spear-phishing emails claiming copyright infringement that actually deliver an infostealer. Starting in July, Check Point Research began to track the emails as they spread across the Americas, Europe, and Southeast Asia, coming from a new domain each time. Hundreds of its customers have been targeted, indicating that the real reach of the campaign may be far greater still.