News

North Korean threat actors, known as the Lazarus group have been posting fake job listings to target the cryptocurrency vertical in the US, UK, Germany, Singapore and more. Lazarus hackers, also known as HIDDEN COBRA by the United States Intelligence Community and Zinc by Microsoft, have targeted cryptocurrency organisations in the past. The North Koreans are believed by UN Security Council Experts to be behind cryptocurrency heists that led to losses of $571 million between 2017...

Following a guilty plea on January 31, Netwalker ransomware gang affiliate Sebastien Vachon-Desjardin  was sentenced to seven years in prison for his involvement with the group by an Ontario court. Vachon-Desjardins reportedly pleaded guilty to give charges regarding "theft of computer data, extortion, the payment of cryptocurrency ransoms, and participating in the activities of a criminal organization." On top of his sentence, Vachon-Desjardins agreed to partial restitution, forfeiture of assets seized, and a DNA order....

The details emerged via a tender document published on a government website, seemingly by accident. The document stated that cyber-security firm BAE Systems Applied Intelligence was called on for "urgent support". It is thought that anonymous hackers made their way inside the FCDO systems but were detected. It is believed that no sensitive or highly classified data was breached. It is unclear when the incident took place but the contract finished on 12 of January...

According to Russian media, 6 men have been arrested at the request of the Ministry of Internal Affairs of the Russian Federation. The men are suspected of stealing and selling credit cards online. "The Tverskoy Court of Moscow received petitions from the investigation to select a measure of restraint in the form of detention against six people suspected of committing a crime under part 2 of article 187 of the Criminal Code of the Russian...

Qbot, also known as Qakbot or QuakBot, has recently returned to lightning speed attacks, with analysts reporting that it only takes 30 minutes from infection to steal emails and credentials. A new report by DFIR suggests that Qbot was carrying out data-snatching operations in October 2021. It is now believed that the threat actors behind it have returned to similar tactics. Analysts report that it takes half an hour for hackers to steal browser data...

The Washington State Department of Licensing (DOL) has closed down their Professional Online Licensing and Regulatory Information System (POLARIS) as a precaution against suspicious activity.  The system stores information regarding license holders and applicant. The information varies but may include Social Security numbers, dates of birth, drivers licence numbers and a range of other personally identifying information (PII). In a statement posted to its website, the DOL announced the detection of suspect activity involving professional and...

DPD Groups' package tracking system has potentially been exploited to access the personally identifiable details of its clients. DPD Group, a parcel delivery service with a global presence that ships around two billion parcels annually worldwide requires customers to track their parcels by entering a parcel code and a post code. Pen Test Partners researchers explored the system, finding that they could try out parcel codes on API calls and retrieve OpenStreetMap addresses with the...

The most consistent data point in the IBM i Marketplace Survey Results over recent years has been the ever-present cybersecurity threat. This year is no exception. The study shows that 62% of organisations consider cybersecurity a number one concern as they plan their IT infrastructure. 22% cite regulations and compliance in their top five. While companies that prioritise security seem to be implementing multiple solutions, it’s still alarming that nearly half of them do not plan to...

The BlackCat ransomware operation, also known as ALPHV has confirmed their former involvement in the notorious BlackMatter/Darkside ransomware operations. BlackCat/ALPHV, launched in November 2021, is a new feature-rich ransomware operation developed, somewhat unusually, in the Rust programming language. The ransomware executable is highly customizable, with different encryption methods and options allowing for attacks on a wide range of corporate environments. The gang calls themselves ALPHV, but security researcher MalwareHunterTeam dubbed the ransomware "BlackCat" after the...

Morley Companies has announced that it was hit with a ransomware attack last year that resulted in the sensitive information of more than 500,000 people being leaked. The organisation provides business services to dozens of Fortune 500 companies. In a press release, the company said the ransomware attack began on August 1 and made their data "unavailable." The company has avoided requests for comment, not explaining why it has waited until now to notify the 521,046...