IT Security Newsletter - 6/9/2025
DOJ seizes $7.7M from crypto funds linked to North Korea's IT worker scheme
Federal authorities on Thursday said they seized $7.74 million from North Korean nationals as they attempted to launder cryptocurrency obtained by IT workers who gained illegal employment and funneled the wages to the North Korean regime. The allegedly illegally obtained funds were linked to Sim Hyon Sop, a representative of North Korean Foreign Trade Bank, and Kim Sang Man, CEO of Chinyong, an outfit associated with North Korea's Ministry of Defense, the Justice Department said.
Marks & Spencer's ransomware nightmare - more details emerge
Over Easter, retail giant Marks & Spencer (M&S) discovered that it had suffered a highly damaging ransomware attack that left some shop shelves empty, shut down online ordering, some staff unable to clock in and out, and caused some of its major suppliers to resort to pen and paper. In a gloating abuse-filled email to M&S CEO Stuart Machin, the DragonForce hacker group claimed responsibility for the attack. In a desperate attempt to contain the attack, M&S switched off the VPN used by staff to work remotely.
Chinese spy crew appears to be preparing for conflict by backdooring 75+ critical orgs
An IT services company, a European media group, and a South Asian government entity are among the more than 75 companies where China-linked groups have planted malware to access strategic networks should a conflict break out. SentinelLABS, the threat intel and research arm of security shop SentinelOne, uncovered these new clusters of malicious activity when the suspected Chinese spies tried to break into SentinelOne's own servers in October.
Booking.com reservation abused as cybercriminals steal from travelers
Robert Woodford, a recruitment marketing specialist, recently shared on LinkedIn how he fell victim to a highly sophisticated scam while booking a hotel in Verona through Booking.com, providing a striking example of how attacks on the hospitality industry affect travelers. After completing a legitimate booking, and trading some communications with the hotel, Woodford received a separate message that he believed came from the official Booking.com messaging system.
FBI, CISA warn Play ransomware targeting critical infrastructure with evolving techniques
The FBI and the Cybersecurity and Infrastructure Security Agency on Wednesday warned that the Play ransomware gang has been targeting U.S. critical infrastructure and other organizations using evolving techniques. The ransomware group was among the most active in 2024 and has targeted a wide range of businesses and infrastructure providers in North America, South America and Europe, the agencies said in a joint advisory.
BADBOX 2.0 Targets Home Networks in Botnet Campaign, FBI Warns
The Federal Bureau of Investigation (FBI) warned that cybercriminals are compromising Internet of Things (IoT) devices connected to home networks through the BADBOX 2.0 botnet. The BADBOX 2.0 botnet was discovered several months ago after the original BADBOX campaign was disrupted in 2024. Human Security's Satori Threat Intelligence and Research team, alongside Google, Trend Micro, the Shadowserver Foundation, and others, was able to partially disrupt the BADBOX 2.0 operation.
Proxy Services Feast on Ukraine's IP Address Exodus
Ukraine has seen nearly one-fifth of its Internet space come under Russian control or sold to Internet address brokers since February 2022, a new study finds. The analysis indicates large chunks of Ukrainian Internet address space are now in the hands of shadowy proxy and anonymity services that are nested at some of America's largest Internet service providers (ISPs). The findings come in a report examining how the Russian invasion has affected Ukraine's domestic supply of IPv4 addresses.
Unverified code is the next national security threat
American infrastructure is powered by open-source software and no one knows who wrote it. That's not hyperbole. It's a structural vulnerability. Every day, government agencies, contractors, and Fortune 500 companies deploy software built by anonymous developers and downloaded from public repositories into critical systems - sometimes with no scrutiny of who created it or whether it's been compromised. This issue is no longer just a tech problem. It's a matter of national security.
Misconfigured HMIs Expose US Water Systems to Anyone With a Browser
A stray artifact in a TLS certificate led security researchers to an unnerving discovery: hundreds of control-room dashboards for US water utilities were sitting a click away from the public internet, and dozens of them offered full, no-password control over pumps, valves and chemical feeds. The trail started last October, when the research team at Censys ran a routine scan of industrial-control hosts and noticed certificates with the word "SCADA" embedded.
- ...in 1915, Lester Polsfuss AKA Les Paul, the pioneering guitarist and engineer who designed one of the earliest solid-body electric guitars, is born in Waukesha, WI.
- ...in 1934, Donald Duck makes his onscreen debut in the Disney short "The Wise Little Hen".
- ...in 1964, the Central Intelligence Agency (CIA) submits a memo that effectively challenges the "domino theory" backbone of the Johnson administration's policies.
- ...in 1973, Secretariat wins the coveted Triple Crown.