The Swiss government has issued a warning after a third-party service provider suffered a ransomware attack, which saw sensitive information stolen from its systems and leaked onto the dark web. Radix, a non-profit health foundation, works with various federal administrations across Switzerland in areas such as promoting good nutrition, healthy exercise, and helping individuals deal with addiction, and mental and sexual health issues.
Young Consulting's cybersecurity woes continue after the number of affected individuals from last year's suspected ransomware raid passed the 1 million mark. The software vendor to stop-loss insurance carriers, now trading as Connexure, said the attack took place sometime between April 10 and 13, 2024, in a data breach notice that remains on its website homepage today. The BlackSuit group took credit for the attack, which was also widely reported as a ransomware incident.
The Spanish police have arrested two individuals in the province of Las Palmas for their alleged involvement in cybercriminal activity, including data theft from the country's government. The duo has been described as a "serious threat to national security" and focused their attacks on high-ranking state officials as well as journalists. They leaked samples of the stolen data online to build notoriety and inflate the selling price.
The Russia-aligned APT known as Gamaredon is using sophisticated spear-phishing attacks to target Ukrainian government entities, after previously expanding its targeting to NATO countries. That's according to research published today by ESET's Zoltán Rusnák, who said that the nation-state actor has now returned to exclusively targeting Ukrainian government institutions. It is doing this through spear-phishing campaigns as well as attacks involving weaponized network drives and USB devices.
80% of AI tools used by employees go unmanaged by IT or security teams, according to Zluri's The State of AI in the Workplace 2025 report. AI is popping up all over the workplace, often without anyone noticing. If you're a CISO and want to avoid blind spots and data risks, you need to know where AI is showing up and what it's doing across the entire organization. Organizations are using dozens, sometimes hundreds, of AI tools across different teams.
Popular AI chatbots powered by large language models (LLMs) often fail to provide accurate information on any topic, but researchers expect threat actors to ramp up their efforts to get them to spew out information that may benefit them, such as phishing URLs and fake download pages. SEO poisoning and malvertising have made searching for login pages and software via Google or other search engines a minefield.
If an app markets itself as being for "child monitoring", a customer might expect that their data and that of the person they're monitoring is handled with the utmost care and respect. However, as we've seen many times before, stalkerware apps (which is what monitoring software is known as) have a tendency to be low quality and lack security.
North Korean hackers are luring employees at web3 and crypto-related organizations into installing Nim-compiled macOS malware via fake Zoom software updates, SentinelOne reports. The observed attacks follow an infection chain recently attributed to Pyongyang APT BlueNoroff: hackers impersonate a victim's trusted contact to invite them over Telegram to schedule a meeting via the popular Calendly scheduling platform.
Ransomware gang Hunters International has shut up shop and offered decryption keys to all victims as a parting favor. Announcing the news on Thursday morning, the gang deleted all victim data from its dark web leak site and issued a statement confirming its closure. "We, at Hunters International, wish to inform you of a significant decision regarding our operations," it said. Back in April, the group's leadership said ransomware had become "unpromising, low-converting, and extremely risky."
The Chinese hackers behind the massive telecommunications sector breach are "largely contained" and "dormant" in the networks, "locked into the location they're in" and "not actively infiltrating information," the top FBI cyber official told CyberScoop. But Brett Leatherman, new leader of the FBI Cyber division, said in a recent interview that doesn't mean the hackers, known as Salt Typhoon, no longer pose a threat.
Hackers are impersonating Microsoft, PayPal, Docusign, and other familiar brands in callback phishing scams aimed at stealing confidential information or delivering malware. These attacks trade the use of typical fake websites or links used in traditional phishing campaigns for a vector in which the victim calls the attacker on the phone themselves, believing they must handle an important transaction.