Daily Cyber Brief
The NSA claims Chinese hackers are exploiting a flaw in a common networking device, two Swedish municipalities are hit by cyberattacks, and Cloud Atlas focuses its sights on Russian targets...
Cybersecurity
InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an…
The National Security Agency said on Tuesday that Chinese state-backed hackers are exploiting a flaw in a widely used networking device that allows an attacker to carry out remote code execution. In its advisory, the NSA said it believes a Chinese hacking crew…
An active malware campaign is targeting the Python Package Index (PyPI) and npm repositories for Python and JavaScript with typosquatted and fake modules that deploy a ransomware strain, marking the latest security issue to affect software supply chains…
A type of cryptomining malware targeting Linux-based systems has added capabilities by incorporating an open source remote access trojan called Chaos RAT with several advanced functions that bad guys can use to control remote operating systems. Trend Micro security…
A ‘crisis situation’ has been declared across the Swedish municipalities of Borgholm and Mörbylånga after a cyberattack was discovered late on Monday. An intrusion has been confirmed into the joint IT system used by the two municipalities, which together make up…
A critical security flaw has been disclosed in Amazon Elastic Container Registry (ECR) Public Gallery that could have been potentially exploited to stage a multitude of attacks, according to cloud security firm Lightspin. "By exploiting this vulnerability, a malicious actor could…
The cyber-espionage group Cloud Atlas has ramped up activities targeting Russia, Belarus and disputed parts of Ukraine and Moldova since Russia’s invasion this year, according to a new report. The group has been active since 2014, according to research published by…
A hospital in California’s Riverside County has reported a data breach to its patients including sensitive information like Social Security numbers and the details of medical care following an incident in the fall. According to the notice, beginning on October 29 an…
Uber, which has suffered a few data thefts in its time, is this week dealing with the fallout from yet another – this time from one of its technology suppliers. A cyber criminal calling themselves "UberLeaks" over the weekend leaked data pertaining to Uber workers on…
LockBit claims it was behind a cyber-attack on the California Department of Finance, bragging it stole data during the intrusion. The notorious ransomware gang boasted it exfiltrated 76GB from the state agency, which apparently included databases, confidential…