Researchers Link CryptoCore Attacks On Cryptocurrency Exchanges to North Korea

State-sponsored hackers affiliated with North Korea have been behind a slew of attacks on cryptocurrency exchanges over the past three years, new evidence has revealed. Attributing the attack with “medium-high” likelihood to the Lazarus Group (aka APT38 or Hidden Cobra), researchers from Israeli cybersecurity firm ClearSky said the campaign, dubbed “CryptoCore,” targeted crypto exchanges in…

StrRAT Masquerades as Ransomware – InfoRiskToday

Microsoft Says Spam Campaign Uses Updated Variant
Prajeet Nair (@prajeetspeaks) • May 24, 2021

[Figure: If the “Outgoing Payments” PDF is clicked, it downloads the StrRAT. (Source: Microsoft)]

Microsoft is warning about a spam campaign that uses an updated variant of Java-based StrRAT malware that…

US insurer paid $40 million ransom after March cyber attack: report

One of the largest insurance companies in the U.S. reportedly paid $40 million in ransom in March to regain control of its network following a ransomware attack. CNA Financial Corp. reportedly paid the hackers two weeks after a heap of company data was stolen, and employees of the company were locked out of their network, Bloomberg reported…

Dangerous wormable Windows vulnerability also affects WinRM servers

New details have emerged about CVE-2021-31166, a vulnerability discovered in the Windows system driver HTTP.sys. As a reminder, an unauthenticated attacker can exploit the flaw by sending specially crafted packets. According to researcher Jim DeVries, the dangerous….

TPG Telecom Reveals Compromise Of TrustedCloud Platform

TPG Telecom Limited has disclosed that its legacy cloud-based hosting service, TrustedCloud, was affected in a recent cyberattack, with two clients found to have their data accessed. Only two TPG clients had their data stolen during the April cyberattack, which the enterprise observed on the same day, forcing it to take TrustedCloud offline while the…

OODA Loop – FBI identifies 16 Conti ransomware attacks striking US healthcare, first responders

The Federal Bureau of Investigation (FBI) has identified at least 16 attacks linked to the Conti ransomware group. The agency stated that the attacks target healthcare and first responder organizations, aiming to disrupt their operations and networks. Targets include 911 dispatch carriers, law enforcement agencies, and emergency medical services. These entities have been attacked over…

Cyber gang behind Irish health system attack also hit more than a dozen US healthcare organisations

The Federal Bureau of Investigation (FBI) said on Thursday that the Conti ransomware operatives who recently took down the Irish health system have also hit the networks of at least 16 US healthcare and first response organisations in the past…

Details Disclosed On Critical Flaws Affecting Nagios IT Monitoring Software

Cybersecurity researchers disclosed details about 13 vulnerabilities in the Nagios network monitoring application that could be abused by an adversary to hijack the infrastructure without any operator intervention. “In a telco setting, where a telco is monitoring thousands of sites, if a customer site is fully compromised, an attacker can use the vulnerabilities to compromise…

FBI Says Conti Ransomware Gang Has Hit 16 US Health and Emergency Networks

The Federal Bureau of Investigation said that the same group of online extortionists blamed for striking the Irish health system last week have also hit at least 16 U.S. medical and first response networks in the past year. From a report: In an alert made public Thursday by the American Hospital Association, the FBI said…

TPG discloses compromise of TrustedCloud platform – Cloud – Security

TPG Telecom said that a legacy IT-as-a-service platform that was due to be decommissioned in August was breached by unknown attackers. The telco said in a financial filing [pdf] that the TrustedCloud service “was compromised in a recent cyber incident”. TrustedCloud was acquired in TPG’s 2011 buyout of on-demand services provider IntraPower. It provides IT-as-a-service “built on…