IT Security Newsletter - 3/6/2025
China's Silk Typhoon, tied to US Treasury break-in, now hammers IT and govt targets
Silk Typhoon, the Chinese government crew believed to be behind the December US Treasury intrusions, has been abusing stolen API keys and cloud credentials in ongoing attacks targeting IT companies and state and local government agencies since late 2024, according to Microsoft Threat Intelligence. The timing of this campaign coincides with that break-in at the US Treasury Department, during which Beijing's cyberspies stole data from workstations belonging to the Office of Foreign Assets Control. READ MORE...
US indicts 12 Chinese nationals for vast espionage attack spree
The Justice Department on Wednesday indicted 12 Chinese nationals for their alleged involvement in an extensive nation-state-backed espionage campaign that included a spree of attacks on U.S. federal and state agencies. Officials accused the Chinese individuals, including two officers of China's Ministry of Public Security, eight i-Soon employees and two members of Silk Typhoon, of breaching numerous networks globally to steal and sell data to China's intelligence and security services. READ MORE...
Deepfake Videos of YouTube CEO Phish Creators
Threat actors - or, more specifically, phishers - have been sharing false, artificial intelligence (AI)-generated videos of YouTube CEO Neal Mohan, sent as private videos to the platform's content creators in an attempt to scam them, install malware, and steal credentials. At least one of the videos shows Mohan purportedly announcing changes in monetization for content creators. YouTube has since reminded its users that it will never attempt to contact or share information through a private video. READ MORE...
Espionage Actor 'Lotus Blossom' Targets Southeast Asia
An espionage-focused threat actor dubbed "Lotus Blossom" is targeting areas around the South China Sea with a proprietary backdoor malware known as "Sagerunex." The threat actor, which targets governments, manufacturing, media, and telecommunications organizations across the region, gains access to a target and then unfolds a multistage attack chain, according to recent research from Cisco Talos threat intelligence researcher Joey Chen. READ MORE...
Malicious Chrome extensions can spoof password managers in new attack
A newly devised "polymorphic" attack allows malicious Chrome extensions to morph into other browser extensions, including password managers, crypto wallets, and banking apps, to steal sensitive information. The attack was devised by SquareX Labs, which warns of its practicality and feasibility on the latest version of Chrome. The researchers have responsibly disclosed the attack to Google. The attack begins with the submission of the malicious polymorphic extension to Chrome's Web Store. READ MORE...
Massive botnet that appeared overnight is delivering record-size DDoSes
A newly discovered network botnet comprising an estimated 30,000 webcams and video recorders has been delivering what is likely to be the biggest denial-of-service attack ever seen, a security researcher inside Nokia said. The botnet, tracked under the name Eleven11bot, first came to light in late February when researchers inside Nokia's Deepfield Emergency Response Team observed large numbers of geographically dispersed IP addresses delivering "hyper-volumetric attacks." READ MORE...
Cactus Ransomware: What You Need To Know
What is the Cactus ransomware? Cactus is a ransomware-as-a-service (RaaS) group that encrypts victims' data and demands a ransom for a decryption key. Hundreds of organisations have found themselves victims of Cactus since it was first discovered in March 2023, with their stolen data published on the dark web as an "incentive" to give in to the extortionists' demands. Cactus made a name for itself by exploiting vulnerabilities in VPN appliances to gain access to corporate networks. READ MORE...
BadBox Botnet Powered by 1 Million Android Devices Disrupted
A second iteration of the BadBox botnet has been partially disrupted after impacting over one million Android devices worldwide, bot and fraud protection firm Human Security reports. First discovered in 2023, the BadBox botnet consisted of low-cost Android devices that came to the shelves with backdoored firmware. These devices, including smartphones, CTV boxes, and tablets, were made by at least one Chinese manufacturer, and some of them were used in public schools in the US. READ MORE...
- ...in 1896, Charles King tests his automobile on the streets of Detroit, becoming the first person to drive a car in the Motor City.
- ...in 1899, German company Bayer registers a trademark for its first major product: "Aspirin."
- ...in 1917, cartoonist and graphic novelist Will Eisner ("The Spirit", "A Contract With God") is born in Brooklyn, NYC.
- ...in 1972, basketball great (and former movie genie) Shaquille O'Neal is born in Newark, NJ.