Daily Cyber Brief
2 energy companies in Luxembourg are hit by a ransomware attack, NK APTs are deploying malicious extensions, and an Austrian investigation revealed spyware targeting legal and financial sectors...
Cybersecurity
A 24-year-old Australian national has been charged for his purported role in the creation and sale of spyware for use by domestic violence perpetrators and child sex offenders. Jacob Wayne John Keen, who currently resides at Frankston, Melbourne, is said to have created the…
Two companies based in Luxembourg are grappling with an alleged ransomware attack that began last week, the latest in a string of incidents involving European energy companies. Encevo Group said its Luxembourg entities Creos – an energy network operator – and the…
The Indonesian Ministry of Communication and Information Technology, Kominfo, is now blocking access to internet service and content providers who had not registered on the country's new licensing platform by July 27th, 2022, as the country begins to restrict access…
A ransomware attack on printing and mailing services provider OneTouchPoint is having several downstream effects on its customers, prompting it to release a data breach notice last week on behalf of 34 healthcare organizations. OneTouchPoint provides its services to…
Researchers have uncovered a list of 3,207 apps, some of which can be utilized to gain unauthorized access to Twitter accounts. The takeover is made possible, thanks to a leak of legitimate Consumer Key and Consumer Secret information, respectively, Singapore-based…
Bookmark synchronization has become a standard feature in modern browsers: It gives Internet users a way to ensure that the changes they make to bookmarks on a single device take effect simultaneously across all their devices. However, it turns out that this same…
Cybersecurity firm Volexity spotted new activity from a threat actor (TA) allegedly associated with North Korea and deploying malicious extensions on Chromium-based web browsers. A recent advisory from the security researchers dubbed this new TA SharpTongue, despite it…
A LockBit ransomware operator or affiliate has been abusing Windows Defender to decrypt and load Cobalt Strike payloads during attacks, according to endpoint security firm SentinelOne. In April, SentinelOne reported that, in an attack involving LockBit…
The operators of the Gootkit access-as-a-service (AaaS) malware have resurfaced with updated techniques to compromise unsuspecting victims. "In the past, Gootkit used freeware installers to mask malicious files; now it uses legal documents to trick users into downloading…
The Austrian government said on Friday it was investigating a company based within the nation’s territory for allegedly developing spyware targeting law firms, banks, and consultancies across at least three countries. The news comes days after Microsoft’s…