Over the past eight months, at least five Russian state-sponsored or cybercriminal groups have targeted Ukrainian government agencies and private companies in dozens of operations that aimed to disrupt services or steal sensitive information. In February, state-sponsored groups such as Gamaredon, Sandworm, and Fancy Bear used wiper programs in an attempt to damage infrastructure and sabotage computer systems, researchers at Trustwave say in a new research note.
In June 2022, Google mitigated a Layer 7 distributed denial-of-service (DDoS) attack that peaked at 46 million requests per second (RPS). Disclosed this week, this is the third HTTPS attack this year to reach tens of millions of RPS, after two lower-volume assaults were mitigated by Cloudflare. The first of them peaked at 15.3 million RPS, Cloudflare announced in April, while the second reached 26 million RPS, the web security company announced in June.
A malicious round of social engineering attacks against Mailchimp and at least one of its customers, DigitalOcean, highlights a persistent trend in the information security space of threat actors targeting vulnerable organizations by abusing the digital identity supply chain. DigitalOcean migrated away from Mailchimp after the email service provider's internal tooling was compromised by an attacker and unauthorized hackers reset the passwords of a small number of DigitalOcean customers.
The LockBit ransomware gang has claimed responsibility for the June cyberattack on digital security giant Entrust. Last month, BleepingComputer broke the story that Entrust suffered a ransomware attack on June 18th, 2022. Starting in early June, Entrust had begun to tell customers that they suffered a cyberattack where data was stolen from internal systems. "We have determined that some files were taken from our internal systems," Entrust shared in a security notification to customers.
Google has patched the fifth actively exploited zero-day vulnerability discovered in Chrome this year as one in a series of fixes included in a stable channel update released Wednesday. The bug, tracked as CVE-2022-2856 and rated as high on the Common Vulnerability Scoring System (CVSS), is associated with "insufficient validation of untrusted input in Intents," according to the advisory posted by Google.
The Chinese Winnti hacking group, also known as 'APT41' or 'Wicked Spider,' targeted at least 80 organizations last year and successfully breached the networks of at least thirteen. This is according to Group-IB's researchers, who have been following Winnti's activities and describe 2021 as one of the most "intense" years for the Chinese hackers. The researchers say that Winnti targeted organizations in the U.S., India, Taiwan, and even China.
Scammers are using invoices sent through PayPal to trick recipients into calling a number to dispute a pending charge. The missives, which come from PayPal and include a link that displays an invoice for the supposed transaction, state that the user's account is about to be charged hundreds of dollars. Recipients who call the supplied toll-free number to contest the transaction are soon asked to download software that lets the scammers assume remote control over their computer.
The government industry in the United States dealt with heavy-hitting breaches against local, federal, and state government networks, primarily during the first quarter of 2021. Our telemetry revealed a small spike in a generic backdoor detection, known as Backdoor.Agent, during March of 2021, mainly focused in Memphis, Tennessee. This data coincides with the attack on the Azusa Police Department in California; however, it reveals even more about the attacks observed the following month.
Apple has left a VPN bypass vulnerability in iOS unfixed for at least two years, leaving identifying IP traffic data exposed, and there's no sign of a fix. Back in early 2020, secure mail provider ProtonMail reported a flaw in Apple's iOS version 13.3.1 that prevented VPNs from encrypting all traffic. The issue was that the operating system failed to close existing connections.