November 2024
Cybercrooks are targeting Bengal cat lovers in Australia for some reason
In case today’s news cycle wasn’t shocking enough, here’s a gem from Sophos Fresh from a series of serious reports detailing its five-year battle with Chinese cyberattackers, Sophos has dropped a curious story about users of a popular infostealer-cum-RAT targeting a niche group of victims.…
Operation Synergia II sees Interpol swoop on global cyber crims
22,000 IP addresses taken down, 59 servers seized, 41 arrests in 95 countries Interpol is reporting a big win after a massive combined operation against online criminals made 41 arrests and seized hardware thought to be used for nefarious purposes.…
Cyberattackers stole Microlise staff data following DHL, Serco disruption
Experts say incident has 'all the hallmarks of ransomware' Telematics tech biz Microlise says an attack that hit its network likely did not expose customer data, although staff aren't so lucky.…
China’s Volt Typhoon reportedly breached Singtel in ‘test-run’ for US telecom attacks
Alleged intrusion spotted in June updated Chinese government cyberspies Volt Typhoon reportedly breached Singapore Telecommunications over the summer as part of their ongoing attacks against critical infrastructure operators.…
Scumbag puts ‘stolen’ Nokia source code, SSH and RSA keys, more up for sale
Data pinched from pwned outside supplier, thief claims IntelBroker, a notorious peddler of stolen data, claims to have pilfered source code, private keys, and other sensitive materials belonging to Nokia.…
Schneider Electric ransomware crew demands $125k paid in baguettes
Hellcat crew claimed to have gained access via the company's Atlassian Jira system Schneider Electric confirmed that it is investigating a breach as a ransomware group Hellcat claims to have stolen more than 40 GB of compressed data — and demanded the French multinational energy management company pay $125,000…
Ongoing typosquatting campaign impersonates hundreds of popular npm packages
Puppeteer or Pupeter? One of them will snoop around on your machine and steal your credentials An ongoing typosquatting campaign is targeting developers via hundreds of popular JavaScript libraries, whose weekly downloads number in the tens of millions, to infect systems with info-stealing and snooping malware.…
Washington courts grapple with statewide outage after ‘unauthorized activity’
Justice still being served, but many systems are down A statewide IT outage attributed to "unauthorized activity" is affecting the availability of services provided by all courts in Washington.…
Google claims Big Sleep ‘first’ AI to spot freshly committed security bug that fuzzing missed
You snooze, you lose, er, win Google claims one of its AI models is the first of its kind to spot a memory safety vulnerability in the wild – specifically an exploitable stack buffer underflow in SQLite – which was then fixed before the buggy code's official release.…
Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack
Victims were placed in serious danger following highly sensitive data dump The City of Columbus, Ohio, has confirmed half a million people's data was accessed and potentially stolen when Rhysida's ransomware raided its systems over the summer.…