Ransomware-wielding attackers have been in the limelight lately - not just for hitting Acer, Dassault Falcon and celebrity law firms but also for granting tell-all interviews that describe their tactics and motivations.
A Russian national who co-founded the Infraud Organization's online cybercrime forum, which trafficked in stolen payment card data and was tied to more than $560 million in fraud losses, has been sentenced to serve 10 years in prison.
Swiss cybersecurity firm Prodaft says it has accessed several servers used by an advanced persistent threat group tied to the SolarWinds supply chain attack. These attackers continue to target large corporations and public institutions worldwide, with a focus on the U.S. and the European Union, the researchers say.
Acer, one of the world's largest PC and device makers, has been targeted by the ransomware gang REvil, aka Sodinokibi, according to news reports. The Taiwanese company has not confirmed it has been attacked, but data has been posted to the gang's darknet site.
Attackers are exploiting a critical remote code vulnerability in F5 Networks' BIG-IP server network traffic security management platform, for which the company released patches on March 10. The vulnerability is considered highly critical.
There has been a spike in web shells being detected as ransomware gangs and other attackers increasingly target vulnerable on-premises Microsoft Exchange servers following publication of proof-of-concept attack code for ProxyLogon, which is one of four zero-day flaws patched by Microsoft in early March.
Four editors at Information Security Media Group - Tom Field, Anna Delaney, Mathew Schwartz and Tony Morbin - review this week’s most important cybersecurity developments, from nation-state threats and supply chain risk, to combating ransomware and adopting a zero trust strategy.
Prevent attackers from getting a step ahead - watch on your own time this on-demand webinar where you’ll learn from the team that discovered the Golden SAML attack vector back in 2017 – an innovative technique now seen used for the first time in the SolarWinds attack.
A Swiss national who recently highlighted flaws in Verkada surveillance cameras has been charged with criminal hacking by a U.S. federal grand jury and accused of illegally accessing and leaking data from numerous organizations, apparently including Intel, Nissan and the U.S. National Reconnaissance Office.
A Russian national who conspired to extort millions from electric car manufacturer Tesla by trying to plant malware in the company's network has pleaded guilty to a single federal conspiracy charge, according to the U.S. Justice Department. The FBI thwarted the plot before it could be carried out.
Hackers used Trojanized Xcode projects to install backdoors on developers' devices as part of a supply chain attack, according to security firm Sentinel Labs. Xcode is Apple's integrated development environment for macOS.
This edition of the ISMG Security Report features an analysis of the Microsoft Exchange on-premises server hacks – from who might have leaked the vulnerability exploits to how ransomware gangs are taking advantage of the flaws. Also featured: Tackling the cybercrime business model; assessing "zero trust."
Criminals have been targeting customers of British electric vehicle charging infrastructure provider BP Pulse with malicious emails that appear to have been sent from legitimate accounts and domains tied to BP Chargemaster, which is what the service was previously called.
A hacking group used a fake Huawei careers website to lure telecommunications workers and infect the job seekers' devices with malware that could steal information, says McAfee's Advanced Threat Research Strategic Intelligence team.
A malvertising campaign that purports to offer Telegram's desktop app for Windows is persisting. A security researcher based in Switzerland, who nearly fell for the ruse, takes a deep dive into the campaign.