Blog

BlackSuit ransomware - what you need to know

What's going on? A cybercriminal group calling itself BlackSuit has claimed responsibility for a series of ransomware attacks, including breaches at schools in central Georgia. And earlier in the year, a zoo in Tampa Bay was targeted by the same hacking gang. Meanwhile, liberal arts college DePauw University in Indiana says that it was recently targeted, and a "limited amount of data on specific...

Supply-chain ransomware attack causes outages at over 60 credit unions

Over sixty credit unions across the United States have been taken offline following a ransomware attack at one of their technology providers - demonstrating once again the damage that can be caused by a supply-chain attack. There are a few moving parts here, so here’s a quick summary: Trellance - A provider of solutions and services used by credit unions, and the parent company of FedComp...

Ex-worker phished former employer to illegally hack network and steal data

Once again, companies are being warned to be wary of past employees who may turn rogue. 28-year-old Andrew Mahn, of Derry, New Hampshire, has pleaded guilty to charges that he illegally hacked the network of his former company, telecoms firm Motorola, after he successfully tricked current staff into handing over their login credentials. Mahn, who had previously worked for Motorola as an RF Network...

$9 million seized from "pig butchering" scammers who preyed on lonely hearts

US authorities have seized almost $9 million worth of cryptocurrency linked to a gang engaged in cryptocurrency investment fraud and romance scams. The US Department of Justice has announced that the seized funds are connected to cryptocurrency wallet addresses alleged to be associated with a "pig butchering" gang that has claimed over 70 victims around the world. "Pig butchering" is one of the...

CherryBlos, the malware that steals cryptocurrency via your photos - what you need to know

What's the deal with CherryBlos? CherryBlos is a rather interesting family of Android malware that can plunder your cryptocurrency accounts - with a little help from your photos. Wait. I've heard of hackers stealing photos before, but what do you mean by malware stealing cryptocurrency via my photos? How does it do that? Well, imagine you have sensitive information - such as details related to...

Google introduces real-time scanning on Android devices to fight malicious apps

It doesn't matter if you have a smartphone, a tablet, a laptop, or a desktop computer. Whatever your computing device of choice, you don't want it impacted by malware. And although many of us are familiar with the concept of protecting our PCs and laptops with security software that aims to identify attacks in real-time, it's not a defence that is as widely adopted on mobile devices. However, the...

Phony Corsair job vacancy targets LinkedIn users with DarkGate malware

Job hunters should be on their guard. Researchers at security firm WithSecure have described how fake job opportunities are being posted on LinkedIn with the intent of spreading malware. A Vietnamese cybercrime gang is being blamed for a malware campaign that has seen bogus adverts posted on LinkedIn, pretending to be related to jobs at computer memory and gaming accessories firm Corsair. The...

Ex-Navy IT manager jailed for selling people's data on the dark web

A former US Navy IT manager has been sentenced to five years and five months in prison after illegally hacking a database containing personally identifiable information (PII) and selling it on the dark web. 32-year-old Marquis Cooper, of Selma, California, was a chief petty officer in the US Navy's Seventh Fleet when he opened an account in August 2018 with a company that maintains a PII database...

Plastic surgeries warned by the FBI that they are being targeted by cybercriminals

Plastic surgeries across the United States have been issued a warning that they are being targeted by cybercriminals in plots designed to steal sensitive data including patients' medical records and photographs that will be later used for extortion. The warning, which was issued by the FBI yesterday and is directed towards plastic surgery offices and patients, advises that extortionists have been...

Revealed! The top 10 cybersecurity misconfigurations, as determined by CISA and the NSA

A joint cybersecurity advisory from the United States's National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) has shone a light on the top ten most common cybersecurity misconfigurations found in large private and public organisations. The report aims to detail the weaknesses found in many large organisations, and the need for software makers to properly...

ZeroFont trick makes users think that message has been scanned for threats

It's nothing new for cybercriminals to use sneaky HTML tricks in their attempt to infect computers or dupe unsuspecting recipients into clicking on phishing links. Spammers have been using a wide variety of tricks for years in an attempt to get their marketing messages past anti-spam filters and in front of human eyeballs. It's enough to make you wish that email clients didn't support HTML at all...

Snatch ransomware - what you need to know

What's happened? The FBI and US Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint advisory warning organisations about a ransomware-as-a-service operation called "Snatch." Snatch? As in the movie from twenty odd years ago? I'm not sure I've heard of Snatch before... Maybe you haven't. They don't have as high a profile as some of the other more notorious ransomware...

BLASTPASS: Government agencies told to secure iPhones against spyware attacks

What's happened? CISA, the United States's Cybersecurity and Infrastructure Security Agency, has ordered federal agencies to patch their iPhones against vulnerabilities that can be used as part of a zero-click attack to install spyware from the notorious NSO Group. A "zero-click attack"? That's an attack that doesn't require any interaction from the user. Often times a malicious hacker requires a...

Thousands of dollars stolen from Texas ATMs using Raspberry Pi

A Texas court has heard how last month a gang of men used a Raspberry Pi device to steal thousands of dollars from ATMs. According to local media reports, three men were arrested in Lubbock, Texas, after attempting to steal "large sums of US currency" from ATMs. The men - 38-year-old Abel Valdes, 41-year-old Yordanesz Sanchez, and 33-year-old Carlos Jordano Herrera-Ruiz - were arrested on August...

North Korea ready to cash out more than $40 million in Bitcoin after summer of attacks, warns FBI

After a series of high-profile cryptocurrency heists, a state-sponsored North Korean malicious hacking group is poised to cash out millions of dollars. That's the opinion of the FBI, which this week has warned cryptocurrency companies about recent blockchain activity it has observed connected to the theft of hundreds of millions of cryptocurrency in recent months. The FBI says that the notorious...

Cybersecurity's Crucial Role Amidst Escalating Financial Crime Risks

In an era of escalating financial crimes, the spotlight shines brightly on the rising concerns in the realm of cybersecurity. According to a recent survey, a staggering 68% of UK risk experts anticipate a surge in financial crime risks over the next year. These apprehensions echo globally, with 69% of executives and risk professionals worldwide foreseeing an upswing in financial crime risks...

LinkedIn under attack, malicious hackers seize accounts

Security researchers have identified that a widespread LinkedIn malicious hacking campaign has seen many users locked out of their accounts worldwide. Some users who have had their access to their LinkedIn accounts blocked by the cybercriminals changing their passwords have been pressured into paying a ransom, according to a report from Cyberint, and threatened with permanent account deletion. In...

Rhysida ransomware - what you need to know

What is Rhysida? Rhysida is a Windows-based ransomware operation that has come to prominence since May 2023, after being linked to a series of high profile cyber attacks in Western Europe, North and South America, and Australia. The group appears to have links to the notorious Vice Society ransomware gang. What kind of organisations has Rhysida been hitting with ransomware? The US Department of...

Ransomware attacks cost manufacturing sector $46 billion in downtime since 2018, report claims

Newly-released research reveals the eye-watering costs that the manufacturing sector has suffered in recent years at the hands of ransomware. The analysis, by Comparitech, looked at 478 confirmed ransomware attacks on manufacturing companies between 2018 and July 2023, in an attempt to determine their true cost. Whereas many of the headlines connected with ransomware have focused on the ransoms...

SEC requires reporting cyberattacks within 4 days, but not everyone may like it.

New rules requiring publicly-listed firms to disclose serious cybersecurity incidents within four days have been adopted by the US Securities and Exchange Commission (SEC). The tough new rules, although undoubtedly well-intentioned, are likely to leave some firms angry that they are being "micromanaged" and - it is argued - could even assist attackers. From December 2023, listed firms are...