A North Korean threat actor was responsible for the $50 million heist that Radiant Capital fell victim to in October, the decentralized finance (DeFi) project says. The incident occurred on October 16, after three developers got infected with malware and their devices were used to sign fraudulent transactions during a routine multi-signature emissions adjustment process.
Chinese hackers almost breached critical European supply chain companies by disguising their malicious activities behind native Microsoft technologies. It happened during a three-week period, from late June to July, according to researchers from SentinelLabs. A threat actor tied to China's diverse and thriving cyberattack scene targeted large business-to-business (B2B) IT service providers throughout southern Europe, such as cybersecurity vendors and data and infrastructure solutions providers.
Microsoft has released fresh guidance to organizations on how to mitigate NTLM relay attacks by default, days after researchers reported finding an NTLM hash disclosure zero-day in all versions of Windows Workstation and Server, from Windows 7 to current Windows 11 versions. However, it was not immediately clear if the two developments are related or purely coincidental in terms of timing. In any event, the bug, which doesn't yet have a CVE or CVSS score, is not expected to be patched for months.
Electrica Group, a key player in the Romanian electricity distribution and supply market, is investigating a ransomware attack that was still "in progress" earlier today. The company serves over 3.8 million users with nationwide coverage for electricity supply, maintenance, and energy services, distributing electricity to customers across Transilvania and Muntenia.
A newly formed ransomware group known as Termite has claimed responsibility for a ransomware attack on Blue Yonder, which disrupted operations at several major companies, including Starbucks and leading U.K. grocery chains Morrisons and Sainsbury's. Blue Yonder, headquartered in Arizona, disclosed on Nov. 21 that it was experiencing disruptions within its managed services-hosted environment due to the attack.
Microsoft is offering $10,000 in prizes as part of a new hacking challenge focused on breaking the protections of a realistic simulated LLM-integrated email client. The client, LLMail, includes an assistant that uses an instruction-tuned large language model (LLM) to answer questions based on emails and perform specific actions on behalf of the user. There are four awards in total, of $4,000, $3,000, $2,000, and $1,000, and a live scoreboard will be displayed throughout the event.
Cisco's threat intelligence and research unit Talos has disclosed the details of several apparently unpatched vulnerabilities in an MC Technologies industrial router and the GoCast BGP tool. Talos published advisories for the vulnerabilities last month, and on Monday released a blog post announcing that they have yet to be patched, despite being responsibly disclosed to vendors roughly eight months ago.
Researchers at security shop Huntress are seeing mass exploitation of a vulnerability affecting three Cleo file management products, even on patched systems. Cleo issued patches for CVE-2024-50623, an unauthenticated remote code execution (RCE) bug affecting Harmony, VLTrader, and LexiCom running version 5.8.0.21 - marketed as secure file integration and transfer products - back in October.