News

An unidentified hacker group has stolen more than $100million from Californian cryptocurrency firm Harmony. Last Thursday, the company made the announcement via Twitter. They said that they had identified a theft occurring on the Horizon bridge amounting to approximately $100m. The first Tweet reads, “we have begun working with national authorities and forensic specialists to identify the culprit and retrieve the stolen funds." Harmony published the cryptocurrency address of the malicious actor and reassured customers that...

The ransomware-as-a-service (RaaS) Black Basta has struck 50 victims in the U.S., Canada, the U.K., Australia, and New Zealand within two months of its emergence in the cybersecurity landscape. The speed at which it has accumulated victims in such a short time frame has made it a prominent new threat for the cybersecurity of governments and a range of different industries. "Black Basta has been observed targeting a range of industries, including manufacturing, construction, transportation,...

Police from South America and Europe have teamed up to take action against an organised crime group involved in human trafficking for sexual exploitation. Between the 20th and 23rd June, the police swooped on 14 locations, arrested 10 and interviewed eight victims. Among the items seized in the searches were vehicles, hard drives, electronic equipment, over 40 mobile phones, SIM cards, payment cards, and documents. Europol supported the French Border Police, the Portuguese Judicial Police,...

On Tuesday President Biden signed two pieces of legislation into law which were aimed at enhancing the cybersecurity capabilities of federal, state and local governments. The signing was preceded by an earlier law which increased the ability of the federal government to collect data about cyberattacks. These laws are a direct response to the marked increase in cybersecurity attacks following the Covid-19 pandemic and the rise in the digital marketplace as well as the infamous...

A "dangerous piece of functionality" has been discovered in Microsoft 365 suite that could be potentially abused by a malicious actor to ransom files stored on SharePoint and OneDrive and launch attacks on cloud infrastructure. The cloud ransomware attack allows file-encrypting malware to launch and "encrypt files stored on SharePoint and OneDrive in a way that makes them unrecoverable without dedicated backups or a decryption key from the attacker," according to a Proofpoint report. The...

Israeli cybersecurity company Check point said in a report that they had found a threat cluster, tied to the hacking group Tropic Trooper, which had been spotted using a previously undocumented malware coded in Nim language. Tropic Trooper, also known by the monikers Earth Centaur, KeyBoy, and Pirate Panda, has a track record of striking targets located in Taiwan, Hong Kong, and the Philippines, primarily focusing on government, healthcare, transportation, and high-tech industries. The novel malware, dubbed...

Cybersecurity officials from the Computer Emergency Response Team of Ukraine (CERT-UA) exposed two new hacking campaigns against targets there this week. One utilized a phony tax collection document purportedly sent by the national tax agency and the other using a malicious document that discussed the threat of nuclear attack from Russia. The officials warned that malicious Microsoft Word documents were being distributed by emails supposedly from the State Tax Service of Ukraine. Once opened, the...

Malwarebytes announced in a Tuesday analysis that two malware domains of the newly discovered Magecart skimming campaign, "scanalyticorg" and "js.staticounternet" , are part of a broader infrastructure used to carry out intrusions. The earliest evidence of the campaign's activity, based on the additional domains uncovered, suggests it dates back to at least May 2020. Jérôme Segura, director of Threat Intelligence at Crunchbase said: "We were able to connect these two domains with a previous campaign...

Researchers at SentinelLabs announced on June 9th that they had identified a small but potent APT (Advanced Persistent Threat) with links to the Chinese state. Researchers say one of the tactics and techniques of Aoqin Dragon include using pornographic themed malicious documents as bait to entice victims to download them. The APT, named Aoqin Dragon by researchers, has flown under the radar for nearly a decade by using evolving stealth tactics. In the first years...

Security researchers have discovered a new malicious spam campaign that delivers the 'Matanbuchus' malware to drop Cobalt Strike beacons on compromised machines. Cobalt Strike is a penetration testing suite that is frequently used by threat actors for lateral movement and to drop additional payloads. First spotted in February 2021 in advertisements on the dark web, Matanbuchus is a malware-as-a-service (MaaS) project that was promoted as a $2,500 loader that launches executables directly into system memory....