Cybersecurity researchers say a Chinese for-profit threat group tracked as 8220 Gang is targeting cloud providers and poorly secured applications with a custom-built crypto miner and IRC bot. The malware can slow system performance, drive up costs and expose systems to security risks.
Contractors for the Federal Aviation Administration who attempted to correct a database synchronization issue ended up causing an hourslong outage to a key flight safety system, says the agency. No evidence exists that hackers caused the Jan. 11 airspace snafu.
Researchers have linked Chinese advanced persistent threat group Playful Taurus, also known as Vixen Panda and Nickel, to a series of attacks against Iranian organizations between July and December 2022. The group recently updated its toolkit to include a new variant of the Turian backdoor.
The U.S. Department of Defense is looking for a few good hackers to penetrate a facilities network underpinning the Pentagon's basement, mezzanine, and the command and communications center used by the president and the secretary of defense. Defense has hosted white hat hacking sessions since 2016.
A maker of software used to manage shipping vessel operations says it has shut down its servers after detecting a ransomware attack. Norwegian classification society DNV, maker of ShipManager software, says onboard software functionally continues to operate.
Meta says it is taking legal action against scraping-for-hire service provider Voyager Labs for allegedly using fake accounts to copy accessible data about users when logged into Facebook, Instagram and other websites. The social media firms says it closed 60,000 fake accounts.
Trend Micro spotted operators of the Gootkit malware loader targeting the Australian healthcare sector. Trend Micro doesn't assert the Gootkit campaign is behind a ransomware attack against the country's largest private health insurer but says the "recent campaign might remind us of this incident."
Microsoft fixed an actively exploited zero-day vulnerability in 2023's first Patch Tuesday dump. The Redmond giant also issued fixes for 98 other vulnerabilities, including 11 classified as critical and 87 as important. The zero-day vulnerability could be used as part of a ransomware attack.
Researchers have found that Kinsing malware gained access to Kubernetes servers by exploiting misconfigured and exposed PostgreSQL servers. The threat actors gained access by exploiting weakly configured PostgreSQL containers and vulnerable container images.
Low-level hackers are probing the capacity of ChatGPT to generate scripts that could be used toward criminal ends, such as for stealing files or malicious encryption. One poster on a hacking forum described the process as writing pseudo-code. More sophisticated cases are likely a matter of time.
U.S. authorities in New York arrested a 24-year-old French national residing in the United Arab Emirates and charged him with defrauding buyers of Mutant Ape Planet NFTs, a type of digital asset, saying he defrauded investors out of more than $2.9 million.
Pennsylvania-based nonprofit Maternal and Family Health Services this week revealed a ransomware attack in April 2022 that compromised patient medical and financial data. Information accessed in the breach includes names, addresses and Social Security numbers.
Software vulnerabilities installed by luxury car manufacturers including Ferrari, BMW, Rolls Royce and Porsche that could allow remote attackers to control vehicles and steal owners' personal details have been fixed. Cybersecurity researchers uncovered the vulnerabilities while vacationing.
Rail and locomotive company Wabtec Corp. notified customers about a data breach that exposed some individuals' personal and sensitive information. Ransomware-as-a-service group LockBit posted the data on its leak site after the company refused to pay a $30 million ransom.
Poland is warning that Russian hackers have intensified activities in national cyberspace with the aim of "destabilization, intimidation and sowing chaos." Poland is a staging ground for military aid to Kyiv and a destination for more than 1.4 million refugees who fled Moscow's war of conquest.