The New York Stock Exchange's parent company has just been hit with a $10 million fine for failing to properly inform the Securities and Exchange Commission (SEC) of a 2021 cyber intrusion. In an order published today, the SEC said that Intercontinental Exchange (ICE) will pay the penalty to settle charges it caused nine subsidiaries - the NYSE among them - to violate its Regulation Systems Compliance and Integrity (Regulation SCI) reporting rules.
A Chinese state-aligned threat group has been exfiltrating emails and files from high-level government and military targets across the Middle East, Africa, and Southeast Asia on a daily basis since late 2022. Operation Diplomatic Specter, a brazen espionage campaign described in a new report by Palo Alto Networks' Unit 42, targets ministries of foreign affairs, military entities, embassies, and more, in at least seven countries on three continents.
San Antonio-based healthcare provider El Centro Del Barrio (which operates as CentroMed) is informing 400,000 patients that their personal and protected health information was compromised in a recent cyberattack. The data breach was discovered on May 1, 2024, after a threat actor gained access to the organization's network on April 30, CentroMed said in an incident notice (PDF) on its website.
MITRE has published another blog post describing the recent cyberattack, focusing on how the hackers abused its VMware systems for persistence and detection evasion. MITRE, a not-for-profit company operating R&D centers on behalf of US government sponsors, revealed one month ago that state-sponsored hackers had exploited zero-day vulnerabilities in an Ivanti product to gain unauthorized access to its NERVE environment.
A highly successful, financially motivated crime group has been impersonating nonprofit organizations to obtain reduced rates or even free access to cloud accounts, which it then uses to operate an increasing number of gift card theft scams targeting top U.S. retailers, researchers with Microsoft said Thursday. The researchers said activity tied to the group, tracked by Microsoft as Storm-0539 or Atlas Lion and active since late 2021, has increased 30% since March.
A novel malware that targets vulnerable drivers to terminate and thus evade endpoint detection and response (EDR) solutions has come to light, for now used in service of an elaborate cryptomining campaign. Researchers at Elastic Security Labs identified what they are calling an "intrusion set" dubbed "REF4578" that uses a multimodal malware called GhostEngine, which can disable EDR, they revealed in a blog post published today.
The United States Department of Justice has dealt a blow to dark web drug traffickers by arresting a man alleged to operate the dark web drugs marketplace Incognito Market. According to a DOJ press release, the alleged operator of a darknet platform sold over $100 million worth of narcotics worldwide. 23-year-old Rui-Siang Lin (also known as "Pharoah" or "faro") was arrested on 18 May at New York's John F Kennedy airport and appeared in Manhattan federal court on Monday.
The built-in safeguards found within five large language models released by "major labs" are ineffective, according to research published Monday by the U.K. AI Safety Institute. The anonymized models were assessed by measuring the compliance, correctness and completion of responses. The evaluations were developed and run using the institute's open-source model evaluation framework, Inspect, released earlier this month.
Academics have suggested that Apple's Wi-Fi Positioning System (WPS) can be abused to create a global privacy nightmare. In a paper titled, "Surveilling the Masses with Wi-Fi-Based Positioning Systems," Erik Rye, a PhD student at the University of Maryland (UMD) in the US, and Dave Levin, associate professor at UMD, describe how the design of Apple's WPS facilitates mass surveillance, even of those not using Apple devices.