News

The details emerged via a tender document published on a government website, seemingly by accident. The document stated that cyber-security firm BAE Systems Applied Intelligence was called on for "urgent support". It is thought that anonymous hackers made their way inside the FCDO systems but were detected. It is believed that no sensitive or highly classified data was breached. It is unclear when the incident took place but the contract finished on 12 of January...

According to Russian media, 6 men have been arrested at the request of the Ministry of Internal Affairs of the Russian Federation. The men are suspected of stealing and selling credit cards online. "The Tverskoy Court of Moscow received petitions from the investigation to select a measure of restraint in the form of detention against six people suspected of committing a crime under part 2 of article 187 of the Criminal Code of the Russian...

Qbot, also known as Qakbot or QuakBot, has recently returned to lightning speed attacks, with analysts reporting that it only takes 30 minutes from infection to steal emails and credentials. A new report by DFIR suggests that Qbot was carrying out data-snatching operations in October 2021. It is now believed that the threat actors behind it have returned to similar tactics. Analysts report that it takes half an hour for hackers to steal browser data...

The Washington State Department of Licensing (DOL) has closed down their Professional Online Licensing and Regulatory Information System (POLARIS) as a precaution against suspicious activity.  The system stores information regarding license holders and applicant. The information varies but may include Social Security numbers, dates of birth, drivers licence numbers and a range of other personally identifying information (PII). In a statement posted to its website, the DOL announced the detection of suspect activity involving professional and...

DPD Groups' package tracking system has potentially been exploited to access the personally identifiable details of its clients. DPD Group, a parcel delivery service with a global presence that ships around two billion parcels annually worldwide requires customers to track their parcels by entering a parcel code and a post code. Pen Test Partners researchers explored the system, finding that they could try out parcel codes on API calls and retrieve OpenStreetMap addresses with the...

The most consistent data point in the IBM i Marketplace Survey Results over recent years has been the ever-present cybersecurity threat. This year is no exception. The study shows that 62% of organisations consider cybersecurity a number one concern as they plan their IT infrastructure. 22% cite regulations and compliance in their top five. While companies that prioritise security seem to be implementing multiple solutions, it’s still alarming that nearly half of them do not plan to...

The BlackCat ransomware operation, also known as ALPHV has confirmed their former involvement in the notorious BlackMatter/Darkside ransomware operations. BlackCat/ALPHV, launched in November 2021, is a new feature-rich ransomware operation developed, somewhat unusually, in the Rust programming language. The ransomware executable is highly customizable, with different encryption methods and options allowing for attacks on a wide range of corporate environments. The gang calls themselves ALPHV, but security researcher MalwareHunterTeam dubbed the ransomware "BlackCat" after the...

Morley Companies has announced that it was hit with a ransomware attack last year that resulted in the sensitive information of more than 500,000 people being leaked. The organisation provides business services to dozens of Fortune 500 companies. In a press release, the company said the ransomware attack began on August 1 and made their data "unavailable." The company has avoided requests for comment, not explaining why it has waited until now to notify the 521,046...

Hackers stole $4.4 million from the blockchain infrastructure company Meter in a cyberattack on Saturday. The company manages infrastructure allowing smart contracts to scale and travel through heterogonous blockchain networks. Both Meter and Moonriver networks were affected. The company said it manages an infrastructure that allows smart contracts to scale and travel through heterogeneous blockchain networks. The Meter network as well as the Moonriver network were affected by the hack. Blockchain research company PeckShield confirmed that 1391 ETH...

While vulnerability disclosures increased 21% in the second half of 2021 and increasingly sophisticated criminal attacks made regular news, organizations are fighting back with targeted remediation efforts A new OT/IoT security trends report from Nozomi Networks Labs finds cyber threats have becoming a never-ending reality for critical business operations. In a review of the threat landscape covering the second half of 2021, Nozomi Networks Labs found that while ransomware and Ransomware as a Service (RaaS)...