Daily Cyber Brief
Bandai Namco was hit by BlackCat ransomware, hackers stole $540M from Axie Infinity, and GitHub Actions and Azure VMs are being leveraged for cryptocurrency mining...
Cybersecurity
Lithuania's state-owned energy group Ignitis said it was hit by "the biggest cyber attack in a decade" on Saturday. Ignitis said it had experienced DDoS attacks, affecting the operation of its websites and digital services. However, the attacks were taken under control by noon the…
Bandai Namco, the Japanese publisher behind the Ace Combat, Dragon Ball Z, and Dark Souls games, appears to be the latest major gaming company to suffer a major hack. The ransomware group BlackCat added the Elden Ring publisher to its list of victims earlier today…
Two ransomware gangs and a data extortion group have adopted a new strategy to force victim companies to pay threat actors to not leak stolen data. The new tactic consists in adding a search function on the leak site to make it easier to find victims or even specific…
Twice in the past month KrebsOnSecurity has heard from readers who had their accounts at big-three credit bureau Experian hacked and updated with a new email address that wasn’t theirs. In both cases the readers used password managers to select strong, unique passwords…
A recent wave of social media phishing schemes doubles down on aggressive scare tactics with phony account-abuse accusations to coerce victims into handing over their login details. Last week alone, Malwarebytes Labs uncovered two phishing scams, targeting Twitter and Discord…
Microsoft said its decision to roll back a popular change that blocked Visual Basic for Applications (VBA) macros by default in a variety of Office apps will be “temporary.” The company faced significant backlash since it announced on Friday that it would be restoring…
GitHub Actions and Azure virtual machines (VMs) are being leveraged for cloud-based cryptocurrency mining, indicating sustained attempts on the part of malicious actors to target cloud resources for illicit purposes. "Attackers can abuse the runners or servers provided by…
French telecoms operator La Poste Mobile has alerted customers that their data may have been compromised in a ransomware attack that targeted the company’s administrative and management systems on July 4. The attack, believed to have been carried out by the LockBit…
The $540 million hack of Axie Infinity's Ronin Bridge in late March 2022 was the consequence of one of its former employees getting tricked by a fraudulent job offer on LinkedIn, it has emerged. According to a report from The Block published last week citing…
Montana-based Associated Eye Care Partners (AEC) has started informing patients that their personal data might have been compromised during an old ransomware attack targeting Netgain. In November 2020, Netgain, a provider of managed IT services to several industries…