Cybersecurity

DOJ: Russian RSOCKS botnet disrupted in international operation

The Department of Justice announced Thursday that the U.S. and international law enforcement partners in the United Kingdom, Germany, and the Netherlands disrupted a major botnet operated by Russian cybercriminals that hijacked millions of computers, phones…

The Risk of Russian Cyber Retaliation for the United States Sending Rockets to Ukraine

For months President Biden and his administration have warned of possible Russian cyberattacks against American infrastructure. On March 21, Biden urged American business leaders to harden their companies’ cyber defenses immediately. He said Russian President…

Mixed results for Russia's aggressive Ukraine information war, experts say

A top Ukrainian cybersecurity official said this week that the Russian campaign to wrest control over internet and phone networks in occupied Ukraine continues to grow, even as Russian forces intensify their shelling of telecommunications infrastructure…

Google Chrome extensions can be fingerprinted to track you online

A researcher has created a website that uses your installed Google Chrome extensions to generate a fingerprint of your device that can be used to track you online. To track users on the web, it is possible to create fingerprints, or tracking hashes, based on various…

Atlassian Confluence Server Bug Under Active Attack to Distribute Ransomware

A recently disclosed critical remote code execution (RCE) vulnerability in Atlassian's Confluence Server collaboration platform is now under active attack, in a spate of attacks bent on deploying a variety of malware, including ransomware. Researchers from Sophos…

Over a Dozen Flaws Found in Siemens' Industrial Network Management System

Cybersecurity researchers have disclosed details about 15 security flaws in Siemens SINEC network management system (NMS), some of which could be chained by an attacker to achieve remote code execution on affected systems. "The vulnerabilities, if exploited…

Android-wiping BRATA malware is evolving into a persistent threat

The threat actor behind BRATA banking trojan has evolved their tactics and improved the malware with information-stealing capabilities. Italian mobile security company Cleafy has been tracking BRATA activity and noticed in the most recent campaigns changes that lead…

Chinese Hackers Exploited Sophos Firewall Zero-Day Flaw to Target South Asian Entity

A sophisticated Chinese advanced persistent threat (APT) actor exploited a critical security vulnerability in Sophos' firewall product that came to light earlier this year to infiltrate an unnamed South Asian target as part of a highly-targeted attack. "The attacker implement[ed…

China-linked APT Flew Under Radar for Decade

Evidence suggests that a just-discovered APT has been active since 2013. Researchers have identified a small yet potent China-linked APT that has flown under the radar for nearly a decade running campaigns against government, education and telecommunication…

QNAP NAS devices targeted by surge of eCh0raix ransomware attacks

This week, ech0raix ransomware has started targeting vulnerable QNAP Network Attached Storage (NAS) devices again, according to user reports and sample submissions on the ID Ransomware platform. ech0raix (also known as QNAPCrypt) had hit QNAP customers in…