2024
North Korea likely behind takedown of Indian crypto exchange WazirX
Firm halts trades after seeing $230 million disappear Indian crypto exchange WazirX has revealed it lost virtual assets valued at over $230 million after a cyber attack that has since been linked to North Korea.…
Beijing’s attack gang Volt Typhoon was a false flag inside job conspiracy: China
Run by the NSA, the FBI, and Five Eyes nations, who fooled infosec researchers, apparently China has wildly claimed the Volt Typhoon gang, which Five Eyes nations accuse of being a Beijing-backed attacker that targets critical infrastructure, was in fact made up by the US intelligence community.…
Judge mostly drags SEC’s lawsuit against SolarWinds into the recycling bin
Russia-invaded software biz 'grateful for the support we have received' A judge has mostly thrown out a lawsuit brought by America's financial watchdog that accused SolarWinds and its chief infosec officer of misleading investors about its computer security practices and the backdooring of its Orion product.…
Kaspersky challenges US government to put up or shut up about Kremlin ties
Stick an independent probe in our software, you won't find any Putin.DLL backdoor Kaspersky has hit back after the US government banned its products – by proposing an independent verification that its software is above board and not backdoored by the Kremlin.…
Russia’s FIN7 is peddling its EDR-nerfing malware to ransomware gangs
Major vendors' products scuppered by novel techniques Prolific Russian cybercrime syndicate FIN7 is using various pseudonyms to sell its custom security solution-disabling malware to different ransomware gangs.…
Maximum-severity Cisco vulnerability allows attackers to change admin passwords
You’re going to want to patch this one Cisco just dropped a patch for a maximum-severity vulnerability that allows attackers to change the password of any user, including admins.…
Firms skip security reviews of major app updates about half the time
Complicated, costly, time-consuming – pick three Cyber security workers only review major updates to software applications only 54 percent of the time, according to a poll of tech managers.…
Release the hounds! Securing datacenters may soon need sniffer dogs
Nothing else can detect attackers with implants designed to foil physical security Sniffer dogs may soon become a useful means of improving physical security in datacenters, as increasing numbers of people are adopting implants like NFC chips that have the potential to enable novel attacks on access control…
Cyber-crime super-crew Scattered Spider falls in love with RansomHub and Qilin
Extortionists left hanging after rivals crawled into the woodwork The Scattered Spider cybercrime group is now using RansomHub and Qilin ransomware variants in its attacks, illustrating a possible power shift among hacking groups.…
Ransomware continues to pile on costs for critical infrastructure victims
Millions more spent without any improvement in recovery times Costs associated with ransomware attacks on critical national infrastructure (CNI) organizations skyrocketed in the past year.…