Cybersecurity

Google: Chinese State Hackers Target Ukraine’s Government

Google's Threat Analysis Group (TAG) says the Chinese People's Liberation Army (PLA) and other Chinese intelligence agencies are trying to get more info on the ongoing Russian war in Ukraine. Google TAG Security Engineer Billy Leonard says Google notified Ukrainian…

FBI: Avoslocker Ransomware Targets US Critical Infrastructure

The Federal Bureau of Investigation (FBI) warns of AvosLocker ransomware being used in attacks targeting multiple US critical infrastructure sectors. This was disclosed in a joint cybersecurity advisory published this week in coordination with the US Treasury Department…

Oil and Gas Industry Scrutinized for Weak Cyber Defenses

As U.S. industries gear up for possible Russian cyberattacks amid the war in Ukraine, experts say the oil and gas industry is particularly vulnerable because it is not subject to government mandated cybersecurity standards and investments. Unlike the power sector, which has…

Western Digital App Bug Gives Elevated Privileges in Windows, macOS

Western Digital's EdgeRover desktop app for both Windows and Mac are vulnerable to local privilege escalation and sandboxing escape bugs that could allow the disclosure of sensitive information or denial of service (DoS) attacks. EdgeRover is a centralized…

New Phishing Toolkit Lets Anyone Create Fake Chrome Browser Windows

A phishing kit has been released that allows red teamers and wannabe cybercriminals to create effective single sign-on phishing login forms using fake Chrome browser windows. When signing into websites, it is common to see the option to sign with Google, Microsoft…

DarkHotel APT Targets Wynn, Macao Hotels to Rip Off Guest Data

A DarkHotel phishing campaign breached luxe hotel networks, including Wynn Palace and the Grand Coloane Resort in Macao, a new report says. An advanced persistent threat (APT) group has been targeting luxury hotels in Macao, China with a spear-phishing campaign…

Sandworm APT Hunts for ASUS Routers with Cyclops Blink Botnet

The Russian-speaking APT behind the NotPetya attacks and the Ukrainian power grid takedown could be setting up for additional sinister attacks, researchers said. The modular botnet known as Cyclops Blink, linked to the same advanced persistent threat (APT) behind…

Code-Sabotage Incident in Protest of Ukraine War Exposed Open Source Risks

The maintainer of a widely used open source module for Windows, Linux, and Mac environments recently sabotaged its functionality to protest the war in Ukraine and in the process focused attention once again on the potentially serious security issues tied to code…

Hackers Target Bank Networks with New Rootkit to Steal Money from ATM Machines

A financially motivated threat actor has been observed deploying a previously unknown rootkit targeting Oracle Solaris systems with the goal of compromising Automatic Teller Machine (ATM) switching networks and carrying out unauthorized cash withdrawals at…

Experts Find Some Affiliates of BlackMatter Now Spreading BlackCat Ransomware

An analysis of two ransomware attacks has identified overlaps in the tactics, techniques, and procedures (TTPs) between BlackCat and BlackMatter, indicating a strong connection between the two groups. While it's typical of ransomware groups to rebrand their operations…