Fancy Bear, the hacking group linked to Russia's Main Intelligence Directorate (GRU), has been targeting the email accounts of high-ranking Ukrainian officials as well as executives at defense contractors located in other countries who sell weapons and equipment to Kyiv, according to new research from ESET. The campaign, ongoing since at least 2023, has taken advantage of spearphishing and cross-site scripting vulnerabilities in different webmail software products. READ MORE...
The Australian Human Rights Commission (AHRC) disclosed a data breach incident where private documents leaked online and were indexed by major search engines. Many of the hundreds of documents exposed online contained private, sensitive information, like names, contact information, health details, schooling, religion, and more. AHRC is an independent statutory body established by the Australian Government, with the primary role of promoting and protecting human rights in the country. READ MORE...
Canadian electric utility Nova Scotia Power has shared a list of the types of personal and financial information that were stolen as part of the recently disclosed cybersecurity incident. The intrusion was announced to the public by Nova Scotia Power and its parent company Emera in late April, and on May 1 it was revealed that hackers had stolen some customer information. The company highlighted that the incident did not cause any disruption to facilities. READ MORE...
Nucor Corp. on Wednesday disclosed a cyberattack involving an unauthorized third party that gained access to parts of its IT systems. In a filing with the Securities and Exchange Commission, the Charlotte, N.C.-based steelmaker said it proactively took potentially affected systems offline and implemented other containment measures. As a precautionary measure, company halted production at various locations as of Tuesday, the day the incident disclosure was filed with regulators. READ MORE...
Google warned today that hackers using Scattered Spider tactics against retail chains in the United Kingdom have also started targeting retailers in the United States. "The US retail sector is currently being targeted in ransomware and extortion operations that we suspect are linked to UNC3944, also known as Scattered Spider," John Hultquist, Chief Analyst at Google Threat Intelligence Group, told BleepingComputer. READ MORE...
A Chinese threat actor was seen disrupting the drone supply chain in multi-wave attacks against various organizations in Taiwan and South Korea, Trend Micro reports. Dubbed Earth Ammit and believed to be tied to Chinese APTs, the hacking group was seen launching two attack campaigns between 2023 and 2024, targeting organizations across multiple sectors to compromise trusted supply chains. READ MORE...
Companies running Samsung MagicINFO, a platform for managing content on Samsung commercial digital displays, should upgrade to the latest available version of its v9 branch to fix a vulnerability that's reportedly being exploited by attackers. If this advice sounds familiar, it's because it is a repeat of a call that happened ten days ago, when researchers spotted attackers attempting to compromise machines running the platform's server component by exploiting a path traversal vulnerability. READ MORE...
DragonForce, a new-ish ransomware-as-a-service operation, has given organizations another cyber threat to worry about - unless they're in Russia, which is off limits to the would-be extortionists. The gang started operations in August 2023 but its ransomware didn't gain much traction until the following year, when DragonForce operators began advertising for affiliates on dark web forums. The gang has since claimed many victims and drawn the attention of the FBI. READ MORE...
Cybercriminals aren't so different from the rest of us - they live in the real world, and their spending and investment habits, though funded through crime, can look surprisingly ordinary. Luxury cars and lavish vacations may still grab headlines, but those perks are reserved for the most elite cybercriminals. In reality, everyday businesses - like pizza delivery, construction supplies, or tattoo parlors - are supported by the fruits of the labor that comes from a life of cybercrime. READ MORE...