A ransomware attack is being blamed for halting pipeline activities for the Colonial Pipeline Company, which supplies the East Coast with roughly 45 percent of its liquid fuels. In a statement released Saturday, the Colonial Pipeline Company said it temporarily halted pipeline operations in response to a cyberattack impacting the company on Friday. As a precaution, the company proactively took key systems offline to avoid further infections.
The cyberextortion attempt that has forced the shutdown of a vital U.S. pipeline was carried out by a criminal gang known as DarkSide that cultivates a Robin Hood image of stealing from corporations and giving a cut to charity, two people close to the investigation said Sunday. The shutdown, meanwhile, stretched into its third day, with the Biden administration loosening regulations for the transport of petroleum products on highways as part of an "all-hands-on-deck" effort to avoid disruptions in the fuel supply.
Texas-based IT management company SolarWinds on Friday shared more information on the impact of the significant breach disclosed late last year, and claimed that fewer than 100 of its customers were actually hacked. The hackers, who have officially been linked by the United States and others to Russia's Foreign Intelligence Service (SVR), breached SolarWinds systems in 2019 or possibly even earlier.
Microsoft detected a large-scale business email compromise (BEC) campaign that targeted more than 120 organizations using typo-squatted domains registered a few days before the attacks started. BEC scammers use various tactics (including social engineering, phishing, or hacking) to compromise business email accounts, later used to redirect payments to bank accounts under their control or target employees in gift card scams.
North Korean APT group Kimsuky is adopting new tactics, techniques, and procedures in global attacks, report researchers whose findings indicate the group's operations have sufficient differences to warrant splitting it into two smaller subgroups: CloudDragon and KimDragon. Kimsuky is not a new group but has adopted new methods to support its mission of collecting intelligence. A US government alert issued in October 2020 reported the group had been operating since 2012.
Four individuals from Eastern Europe face 20 years in prison for Racketeer Influenced Corrupt Organization (RICO) charges after pleading guilty to running a bulletproof hosting service as a safe haven for cybercrime operations targeting US entities. The bulletproof hosting service was founded by Russian citizens Aleksandr Grichishkin and Andrei Skvortsov, who hired Lithuanian Aleksandr Skorodumov and Estonian Pavel Stassi as the organization's system admin and administrator, respectively.
In September 2015, Apple managers had a dilemma on their hands: should they, or should they not, notify 128 million iPhone users of what remains the worst mass iOS compromise on record? Ultimately, all evidence shows, they chose to keep quiet. The mass hack first came to light when researchers uncovered 40 malicious App Store apps, a number that mushroomed to 4,000 as more researchers poked around. The apps contained code that made iPhones and iPads part of a botnet that stole potentially sensitive user information.
Since the first stay-at-home measures were imposed by governments to keep everyone safe from the worsening COVID-19 pandemic, we at Malwarebytes have been making sure that you, dear reader, are as cyber-secure as possible in your home network, while you try to work and while your children attend online classes. There has been much discussion of antivirus protection, patching your software, and using VPNs. But what if the security flaws aren't in your phones or laptops, but the router your ISP gave you?
Foxit Software, the company behind the highly popular Foxit Reader, has published security updates to fix a high severity remote code execution (RCE) vulnerability affecting the PDF reader. This security flaw could allow attackers to run malicious code on users' Windows computers and, potentially, take over control. Foxit claims to have more than 650 million users from 200 countries, with its software currently being used by over 100,000 customers.