Daily Cyber Brief
State-backed hackers used CovalentStealer and Impacket in defense hack, BlackByte is employing a new technique to disable security, and Iranian hackers are hitting targets with new RatMilad spyware...

Cybersecurity
Zimperium is warning of an Iranian hacking group using a new piece of Android spyware in a broad campaign that has also targeted enterprise users. Dubbed RatMilad, the threat can perform a variety of malicious actions once installed on a victim’s device, including…
Colombia’s National Food and Drug Surveillance Institute (INVIMA) said it is dealing with a cyberattack that has disrupted operations at the agency. The organization said in a statement on Monday it has disabled its website, as well as connections to its servers while it…
The U.S. Government today released an alert about state-backed hackers using a custom CovalentStealer malware and the Impacket framework to steal sensitive data from a U.S. organization in the Defense Industrial Base (DIB) sector. The compromise lasted for about…
Insurance giant Lloyd’s of London said on Wednesday that it is investigating a possible cyberattack. A spokesperson for the commercial insurance market told The Record that cybersecurity experts at the company “detected unusual activity on its network.”…
It's only after a user clicks a malicious link, downloads the malware, and then launches it that NullMixer is deployed. But once the dropper infects a victim's system, it deploys a whole bunch of bad malware, from spyware to Trojans. The multihyphenated malware threat lurks…
The City of Tucson, Arizona, has disclosed a data breach affecting the personal information of more than 125,000 individuals. As revealed in a notice of data breach sent to affected people, an attacker breached the city's network and exfiltrated an undisclosed number of files…
One of the largest nonprofit health care systems in the U.S. is dealing with a wide-ranging IT security issue forcing it to shut off systems at some facilities. CommonSpirit Health – which has more than 1,000 care sites and 140 hospitals in 21 states – said on Monday that it is…
The BlackByte ransomware gang is using a new technique that researchers are calling "Bring Your Own Driver," which enables bypassing protections by disabling more than 1,000 drivers used by various security solutions. Recent attacks attributed to this group involved a version…
A mysterious outage impacting Chase Bank's virtual current accounts has left UK users struggling to access their account balances or sign up for a new account. For UK customers, Chase's "Current Account" is a mobile app-only offering without physical branches or online…
Security researchers have found a new piece of malware targeting Microsoft SQL servers. Named Maggie, the backdoor has already infected hundreds of machines all over the world. Maggie is controlled through SQL queries that instruct it to run commands and interact with…