A new variant of StopCrypt ransomware (aka STOP) was spotted in the wild, employing a multi-stage execution process that involves shellcodes to evade security tools.

StopCrypt, also known as STOP Djvu, is the most widely distributed ransomware in existence that you rarely hear about.

While you constantly hear how big some ransomware operations are, such as LockBit, BlackCat, and Clop, you rarely hear security researchers discussing STOP.…

Read More

In a recent cyber incident, the Handala team has purportedly infiltrated the servers of Viber Messenger, a popular messaging platform. According to their claims, the group successfully extracted a comprehensive array of sensitive data and the source code of Viber Messenger.

The volume of data compromised in the attack is staggering, totaling over 740 gigabytes.…

Read More

A threat actor has purportedly disclosed the database of Banregio Grupo Financiero, a financial group in Mexico, with a size of 340MB and file types including doc, xlsx, csv, sql, and html. According to the actor, access to the control panel was gained due to system malfunctions and errors, facilitating the export of all project attachments, including data in HTML format accompanied by screenshots.…

Read More

The ransomware attack that hit the systems of Nissan Oceania in December 2023 impacted roughly 100,000 individuals.

Nissan Oceania, the regional division of the multinational carmaker, announced in December 2023 that it had suffered a cyber attack and launched an investigation into the incident. Nissan immediately notified the Australian Cyber Security Centre and the New Zealand National Cyber Security Centre.…

Read More

Nissan Oceania is warning of a data breach impacting 100,000 people after suffering a cyberattack in December 2023 that was claimed by the Akira ransomware operation.

In early December, the Japanese automaker’s regional division covering distribution, marketing, sales, and services in Australia and New Zealand announced it was investigating a cyberattack on its systems.…

Read More

The US Department of Health and Human Services’ Office for Civil Rights (OCR) is launching an investigation to determine whether protected health information was compromised in the recent Change Healthcare data breach.

The incident occurred on February 21, when Change Healthcare’s claims and payment infrastructure was disrupted as a result of a ransomware attack, impacting the ability of over 7,000 pharmacies and hospitals to process prescriptions.…

Read More

The U.S. Department of Health and Human Services is investigating whether protected health information was stolen in a ransomware attack that hit UnitedHealthcare Group (UHG) subsidiary Optum, which operates the Change Healthcare platform, in late February.

This investigation is coordinated by HHS’ Office for Civil Rights (OCR), which enforces the Health Insurance Portability and Accountability Act (HIPAA) rules that protect patients’ health information from being disclosed without their knowledge or consent.…

Read More

A possible ransomware attack at Nissan has exposed personal information belonging to around 100,000 people in Australia and New Zealand.

The Japanese vehicle manufacturer has a troubled history with cyberattacks, dating back well over a decade. It has variously suffered a source code leak, a proof-of-concept exploit affecting its electric vehicles (EVs), and a data breach affecting more than 1 million customers.…

Read More

Mar 13, 2024The Hacker NewsApp Security / Cyber Security

One of the most common misconceptions in file upload cybersecurity is that certain tools are “enough” on their own; this is simply not the case. In our latest whitepaper, OPSWAT CEO and Founder Benny Czarny takes a comprehensive look at what it takes to prevent malware threats in today’s ever-evolving file upload security landscape, and a big part of that is understanding where the pitfalls are and how to avoid them.…

Read More

Healthcare has long been a primary target for ransomware attacks. This is not changing and is not likely to change. Claroty/Team82’s State of CPS Security – Healthcare 2023 discusses the reasons.

Healthcare comprises a critical industry combining a large-scale use of converged IT and OT with a huge quantity of disparate OT devices dependent on IT control delivered over WiFi – and a very low tolerance for disruption.…

Read More

Aaron Bushnell, a hacking collective, has purportedly infiltrated NATO’s military infrastructure, citing solidarity with Palestinians. According to their claims, the group has exfiltrated a substantial cache of data, totaling over 5GB, which includes approximately 4000 sensitive documents. These documents reportedly contain intricate military maps, detailed personnel information concerning NATO employees and service members, as well as undisclosed contracts and agreements.…

Read More

Anonymous Sudan purportedly orchestrated a substantial cyber-assault targeting critical infrastructure within the State of Alabama, United States, impacting entities including the Alabama Law Enforcement Agency, the State of Alabama Office of Information Technology, and the Alabama Supercomputer Authority.

Alabama Law Enforcement Agency (ALEA): Established in 2015 through the merger of 12 state law enforcement agencies, ALEA serves as the coordinating body for public safety in Alabama, operating within the state’s Executive Branch.…

Read More

Stanford University has started notifying 27,000 individuals that their personal information was stolen in a ransomware attack on its Department of Public Safety (DPS).

The incident was discovered on September 27, 2023, but the attackers had access to the Stanford DPS network beginning May 12. The hackers were evicted from the environment and the network was secured shortly after the attack was discovered, the university says.…

Read More