City of London Police have charged two teenagers in relation to the ongoing investigation into the LAPSUS$ hacking group. The teenagers, aged 16 and 17, were scheduled to appear at Highbury Corner Magistrates Court in Islington this morning. The pair have been charged with three counts of unauthorised access to a computer with intent to impair the reliability of data, one count of fraud by false representation, and one count of unauthorised access to a computer with intent to hinder access to data.
Okta's outsourced provider of support services, Sitel (Sykes), has shared more information this week in response to the leaked documents that detailed the various incident response tasks carried out by Sitel after the Lapsus$ hack. The documents, leaked by a researcher online, perpetuated the myth that Sitel stored its domain admin passwords extracted from LastPass in an Excel spreadsheet, a claim now dispelled by Sitel.
A Russian cybercrime gang has lately sent credential-phishing emails to the military of Eastern European countries and a NATO Center of Excellence, according to a Google threat report this week. The web giant calls the Russia-based group Coldriver, and notes it's also known as Calisto. The cyber-gang used newly created Gmail accounts in its attempts to phish non-Gmail accounts, so Google can't verify the success rate of the campaigns.
Apple rushed out patches for two zero-days affecting macOS and iOS Thursday, both of which are likely under active exploitation and could allow a threat actor to disrupt or access kernel activity. Apple released separate security updates for the bugs - a vulnerability affecting both macOS and iOS tracked as CVE-2022-22675 and a macOS flaw tracked as CVE-2022-22674. Their discovery was attributed to an anonymous researcher.
The malware used Feb. 24 to hobble thousands of modems in an effort to disrupt Ukrainian communications networks might be a wiper delivered via a supply-chain attack, according to threat intelligence researchers with SentinelOne. The findings Thursday - based on an analysis of malware dubbed "AcidRain" that the researchers think could have been involved in the Viasat hack - at least partially contradict the statement issued Wednesday by Viasat.
A new information-stealing malware named BlackGuard is winning the attention of the cybercrime community, now sold on numerous darknet markets and forums for a lifetime price of $700 or a subscription of $200 per month. The stealer can snatch sensitive information from a broad range of applications, pack everything in a ZIP archive and send it to the C2 of the malware-as-a-service (MaaS) operation.
Independent researchers and the United States military have become increasingly focused on orbiting satellites' potential security vulnerabilities in recent years. These devices, which are built primarily with durability, reliability, and longevity in mind, were largely never intended to be ultra-secure. But at the ShmooCon security conference in Washington, DC, on Friday, embedded device security researcher Karl Koscher raised questions about a different phase of a satellite's life cycle.
A security vendor's recent analysis of Rockwell Automation's programmable logic controller (PLC) platform has uncovered two serious vulnerabilities that give attackers a way to modify automation processes and potentially disrupt industrial operations, cause physical damage to factories, or take other malicious actions. Researchers from Claroty Team82 discovered the vulnerabilities and this week described them as being Stuxnet-like in nature because of how they allow attackers to run malicious code.