Cybersecurity

Russia fines Google for spreading ‘unreliable’ info defaming its army

Roskomnadzor, Russia's telecommunications watchdog, has fined Google 68 million rubles (roughly $1.2 million) for helping spread what it called "unreliable" information on the war in Ukraine and the failure to remove it from its platforms. The Russian telecommunications…

Hacker selling access to 50 vulnerable networks through Atlassian vulnerability

A hacker is selling access to 50 vulnerable networks on a cybercriminal forum after breaking into systems through the recently-discovered Atlassian Confluence zero-day. The Rapid7 Threat Intelligence team told The Record that it found an access broker on the…

LGBTQ+ community warned of extortionists abusing dating apps

The U.S. Federal Trade Commission (FTC) has warned this week of extortion scammers targeting the LGBTQ+ community by abusing online dating apps like Grindr and Feeld. According to the FTC, the criminals pose as potential romantic partners on LGBTQ+ dating…

FBI investigating $100 million theft from blockchain company Harmony

Blockchain company Harmony said $100 million in cryptocurrency was stolen from the platform on Thursday evening. The company said the FBI is now investigating the theft alongside several cybersecurity firms. A cross-chain bridge – also known as a blockchain…

Hackers Exploit Mitel VoIP Zero-Day in Likely Ransomware Attack

A suspected ransomware intrusion attempt against an unnamed target leveraged a Mitel VoIP appliance as an entry point to achieve remote code execution and gain initial access to the environment. The findings come from cybersecurity firm CrowdStrike, which traced the…

Euro Police Target Gangs Grooming Ukrainian Refugees Online

European police are trawling online platforms for evidence of human trafficking after warning that crime groups are grooming Ukrainian refugees via websites and social media. Coordinated by Dutch police, the EMPACT joint action day saw law enforcers from 14 EU…

Fake copyright infringement emails install LockBit ransomware

LockBit ransomware affiliates are using an interesting trick to get people into infecting their devices by disguising their malware as copyright claims. The recipients of these emails are warned about a copyright violation, allegedly having used media files without the creator's…

State-Backed Hackers Using Ransomware as a Decoy for Cyber Espionage Attacks

A China-based advanced persistent threat (APT) group is possibly deploying short-lived ransomware families as a decoy to cover up the true operational and tactical objectives behind its campaigns. The activity cluster, attributed to a hacking group dubbed Bronze…

House panel approves major cash infusion for CISA

House appropriators on Friday voted in favor of a $2.9 billion budget for the Cybersecurity and Infrastructure Security Agency (CISA). The House Appropriations Committee approved its homeland security funding bill, 32-25. The amount allocated for CISA is $417 million…

Multiple Backdoored Python Libraries Caught Stealing AWS Secrets and Keys

Researchers have discovered a number of malicious Python packages in the official third-party software repository that are engineered to exfiltrate AWS credentials and environment variables to a publicly exposed endpoint. The list of packages includes loglib-modules…