Swedish Prime Minister Ulf Kristersson says his country is under attack, after days of hard-hitting DDoS attacks against SVT, Sweden's public TV broadcaster, government websites, and other key organisations. For a while, SVT's TV stations and news services were knocked offline as a result, in what have been the biggest DDoS attacks it has ever experienced. Sweden joined NATO in 2024, and has seen a dramatic rise in DDoS attacks ever since.
Late last year, security researchers made a startling discovery: Kremlin-backed disinformation campaigns were bypassing moderation on social media platforms by leveraging the same malicious advertising technology that powers a sprawling ecosystem of online hucksters and website hackers. A new report on the fallout from that investigation finds this dark ad tech industry is far more resilient and incestuous than previously known.
Humanitarian, social-welfare, environmental, and journalism organizations are at greater risk of cyberattack, as state actors, hacktivists, and cybercriminals target the nonprofit groups with increasingly severe offensive techniques. In fact, at-risk humanitarian, activist, and journalism groups saw 241% more attacks in the last 12 months, with distributed denial-of-service (DDoS) attacks dominating the threat landscape.
Trend Micro has released security updates to address multiple critical-severity remote code execution and authentication bypass vulnerabilities that impact its Apex Central and Endpoint Encryption (TMEE) PolicyServer products. The security vendor underlines that it has seen no evidence of active exploitation in the wild for any of them. However, immediate application of the security updates is recommended to address the risks.
Ransomware gangs have exploited a vulnerability in the SimpleHelp remote support program to breach customers of a utility billing software vendor, the Cybersecurity and Infrastructure Security Agency (CISA) warned on Thursday. The government advisory follows an earlier warning from CISA and the FBI that hackers associated with the Play ransomware gang had been targeting critical infrastructure organizations using the flaw in SimpleHelp's remote management software.
Cybercriminals are exploiting the growing interest in open source AI models by disguising malware as a legitimate installer for DeepSeek. Victims are unwittingly downloading the "BrowserVenom" malware, designed to steal stored credentials, session cookies, etc. and gain access to cryptocurrency wallets. How are the bad guys spreading the malware? By buying Google ads… sigh… which point to a fake DeepSeek download page.
Recorded Future said on Thursday that it had linked Intellexa infrastructure to new locations, the latest indication that the Predator spyware maker has adapted after setbacks. The revelations from the company's Insikt Group include identification of a previously unknown customer in Mozambique, a connection to a Czech entity and a cluster linked to an Eastern European country. It also found innovations in how it was hiding its activity.
Google Cloud and Cloudflare are investigating ongoing outages impacting access to sites and various services across multiple regions. Cloudflare first acknowledged these issues less than 30 minutes ago when it reported Access authentication failures and Cloudflare Zero Trust WARP connectivity issues. "We are seeing a number of services suffer intermittent failures.
Ransomware operators are exploiting a SimpleHelp vulnerability in attacks targeting the customers of a utility billing software provider, the US cybersecurity agency CISA warns. The exploited bug, tracked as CVE-2024-57727 (CVSS score of 7.5), allows attackers to retrieve sensitive information such as credentials and API keys. The security defect was patched in January along with two other flaws, which allow attackers to upload arbitrary files and elevate their privileges to administrator.