Daily Cyber Brief

Chinese hackers are targeting Russian telecoms and government, the TrickBot group is pivoting to attacking Ukraine, and Disneyland is investigating compromised social media accounts...

Cybersecurity

Disneyland investigating compromised Facebook and Instagram accounts

Disneyland officials are investigating an incident that occurred on Thursday morning in which the Facebook and Instagram accounts of the theme park were hacked and used to send several offensive messages. “Disneyland Resort’s Facebook and Instagram accounts were…

Chinese hackers targeting Russian government, telecoms: report

Chinese hacking groups are targeting the Russian government and organizations in the telecommunications industry, according to a new report from cybersecurity company SentinelOne. The report found that there has been a noticeable increase in Russian targeting…

New stealthy OrBit malware steals data from Linux devices

A newly discovered Linux malware is being used to stealthily steal information from backdoored Linux systems and infect all running processes on the machine. Dubbed OrBit by Intezer Labs security researchers who first spotted it, this malware hijacks shared libraries to…

Arrested Russian hacker Pavel Sitnikov looks to start a new chapter

In December 2020, The Record published an interview between Recorded Future’s Dmitry Smilyanets and Russian hacker Pavel Sitnikov about ransomware, cybercrime, and his self-proclaimed connection with the notorious hacking group APT28, or Fancy Bear. Since then…

Fake copyright complaints push IcedID malware using Yandex Forms

Website owners are being targeted with fake copyright infringement complaints that utilize Yandex Forms to distribute the IcedID banking malware. For over a year, threat actors tracked as TA578 have been conducting these attacks where they use a website's contact page…

Over 1200 NPM Packages Found Involved in "CuteBoi" Cryptomining Campaign

Researchers have disclosed a new large-scale cryptocurrency mining campaign targeting the NPM JavaScript package repository. The malicious activity, attributed to a software supply chain threat actor dubbed CuteBoi, involves an array of 1,283 rogue modules that were…

Why the Trickbot ransomware gang pivoted to targeting Ukraine

The Trickbot group made a surprising pivot to attacking Ukraine during the Russian invasion, running at least six campaigns between mid-April and mid-June, according to a new report from IBM’s Security X-Force. The shift follows the takeover of Trickbot, which IBM tracks…

Microsoft rolls back decision to block Office macros by default

While Microsoft announced earlier this year that it would block VBA macros on downloaded documents by default, Redmond said on Thursday that it will roll back this change based on "feedback" until further notice. The company has also failed to explain the reason behind…

QNAP warns of new Checkmate ransomware targeting NAS devices

Network-attached storage (NAS) vendor QNAP warned customers to secure their devices against attacks using Checkmate ransomware to encrypt data. QNAP says the attacks are focused on Internet-exposed QNAP devices with the SMB service enabled and accounts…

Online programming IDEs can be used to launch remote cyberattacks

Security researchers are warning that hackers can abuse online programming learning platforms to remotely launch cyberattacks, steal data, and scan for vulnerable devices, simply by using a web browser. At least one such platform, known as DataCamp, allows threat…

Daily Cyber Brief

Chinese hackers are targeting Russian telecoms and government, the TrickBot group is pivoting to attacking Ukraine, and Disneyland is investigating compromised social media accounts...

Cybersecurity

Join the conversation

Overt Operator