Daily Cyber Brief

Poland and Ukraine team up against Russian cyberattacks, Iran is downloading email inboxes for espionage, and the Donut Leaks gang is linked to recent ransomware attacks...

Cybersecurity

Whistleblower accuses Twitter of cybersecurity negligence

A former head of security at Twitter alleged that the company misled regulators about its poor cybersecurity defenses and its negligence in attempting to root out fake accounts that spread disinformation, according to a whistleblower complaint filed with U.S. officials…

French hospital hit by $10M ransomware attack, sends patients elsewhere

The Center Hospitalier Sud Francilien (CHSF), a 1000-bed hospital located 28km from the center of Paris, suffered a cyberattack on Sunday, which has resulted in the medical center referring patients to other establishments and postponing appointments for surgeries…

New 'Donut Leaks' extortion gang linked to recent ransomware attacks

A new data extortion group named 'Donut Leaks' is linked to recent cyberattacks, including those on Greek natural gas company DESFA, UK architectural firm Sheppard Robson, and multinational construction company Sando. Two victims disclosed these attacks without…

An inside look into states’ efforts to ban gov’t ransomware payments

North Carolina and Florida broke new ground earlier this year when both states banned government entities from paying ransoms connected to ransomware attacks. But lawmakers across the U.S. are having trouble replicating that legislative success as experts decry the bans…

XCSSET Malware Updates with Python 3 to Target macOS Monterey Users

The operators of the XCSSET macOS malware have upped the stakes by making iterative improvements that add support for macOS Monterey by upgrading its source code components to Python 3. "The malware authors have changed from hiding the primary executable in a…

Google says Iranian group using tool to download Gmail, Yahoo!, Outlook inboxes

An alleged government-backed hacking group from Iran is being accused of using a novel tool to download Gmail, Yahoo!, and Microsoft Outlook inboxes. Google Threat Analysis Group’s Ajax Bash said in a blog on Tuesday that in December, the company found a tool called…

The Rise of Data Exfiltration and Why It Is a Greater Risk Than Ransomware

Ransomware is the de facto threat organizations have faced over the past few years. Threat actors were making easy money by exploiting the high valuation of cryptocurrencies and their victims' lack of adequate preparation. Think about bad security policies…

Ukraine and Poland agree to jointly counter Russian cyberattacks

Ukraine and Poland signed an agreement on Monday to strengthen cybersecurity collaboration as officials warn of potential cyberattacks from Kremlin-linked hackers. The countries decided to jointly fight cybercrime and share their experience in combating cyber…

Air-Gap Attack Exploits Gyroscope Ultrasonic Covert Channel to Leak Data

A new data exfiltration technique has been discovered, which uses a covert ultrasonic channel to leak sensitive information from air-gapped computers to a nearby smartphone device. The adversarial model is called “Gairoscope” and was designed by Dr. Mordechai Guri, head of…

Daily Cyber Brief

Poland and Ukraine team up against Russian cyberattacks, Iran is downloading email inboxes for espionage, and the Donut Leaks gang is linked to recent ransomware attacks...

Cybersecurity

Join the conversation

Overt Operator