Cybersecurity

Germany orders an arrest of GRU hacker over attack on NATO

Nikolaj Kozachek, affiliated with Russia's state intelligence, is accused of penetrating the systems of a NATO think tank in Germany. German authorities accused Kozachek, an officer in Russia's Main Intelligence Directorate of the General Staff (GRU), of hacking into…

New ToddyCat Hacker Group on Experts' Radar After Targeting MS Exchange Servers

An advanced persistent threat (APT) actor codenamed ToddyCat has been linked to a string of attacks aimed at high-profile entities in Europe and Asia since at least December 2020. The relatively new adversarial collective is said to have commenced its operations by…

$2 million in one haul: CS:GO hacker allegedly steals from ‘most expensive inventory’ of all time

A hacker allegedly stole more than $2 million in CS:GO skins and items from skin collector ohnePixel’s inventory, which he claims is the “most expensive” of all time. Ohnepixel said his inventory contained seven souvenir AWP Dragon Lore, which is one of the most expensive…

Yodel parcel company confirms cyberattack is disrupting delivery

Services for the U.K.-based Yodel delivery service company have been disrupted due to a cyberattack that caused delays in parcel distribution and tracking orders online. The company has not published any details about the incident, such as when it occurred or its nature but…

56 Vulnerabilities Discovered in OT Products From 10 Different Vendors

A new analysis of data from multiple sources has uncovered a total of 56 vulnerabilities in OT products from 10 vendors, including notable ones such as Honeywell, Siemens, and Emerson. Many of the vulnerabilities are the result of device vendors not including basic security…

Russian govt hackers hit Ukraine with Cobalt Strike, CredoMap malware

The Ukrainian Computer Emergency Response Team (CERT) is warning that Russian hacking groups are exploiting the Follina code execution vulnerability in new phishing campaigns to install the CredoMap malware and Cobalt Strike beacons. The APT28 hacking group is…

Voicemail Scam Steals Microsoft Credentials

Attackers are targeting a number of key vertical markets in the U.S. with the active campaign, which impersonates the organization and Microsoft to lift Office365 and Outlook log-in details. Attackers are using an oft-used and still effective lure to steal credentials to key…

Microsoft 365, Cloudflare say service restored after outages

Microsoft said a day-long service outage affecting the Exchange Online service has ended following hours of complaints from users about connection issues. On Monday evening, Microsoft explained that it was investigating problems with the service after users said they…

Kazakh Govt. Used Spyware Against Protesters

Researchers have discovered that a Kazakhstan government entity deployed sophisticated Italian spyware within its borders. An agent of the Kazakhstan government has been using enterprise-grade spyware against domestic targets, according to Lookout research published…

Former Amazon Employee Found Guilty in 2019 Capital One Data Breach

A 36-year-old former Amazon employee was convicted of wire fraud and computer intrusions in the U.S. for her role in the theft of personal data of no fewer than 100 million people in the 2019 Capital One breach. Paige Thompson, who operated under the online alias "erratic"…