Cybersecurity

Russian diplomat warns against global ‘cyber confrontation’

Vassily Nebenzia, a Russian representative to the United Nations (U.N.), accused Western democracies of being one-sided and influencing the public to think negatively about his country, calling it a “Russophobic information campaign,” according to Business Insider…

Hacked Xinjiang police files show mugshots, abuse in China’s Uyghur camps

Tens of thousands of seemingly hacked files from China’s remote Xinjiang region provide fresh evidence of the abuse of mostly Muslim ethnic Uyghurs in mass detention camps there, which included a shoot-to-kill policy for escapees, according to a report from a rights group…

US, Australia, India and Japan announce cybersecurity initiatives on software, supply chains

The United States and three allies announced a partnership on Tuesday that will see the countries work together on several cybersecurity initiatives centered around fortifying software, supply chains and user data. U.S. President Joe Biden is currently making his first…

Hackers target Russian govt with fake Windows updates pushing RATs

Hackers are targeting Russian government agencies with phishing emails that pretend to be Windows security updates and other lures to install remote access malware. The attacks are being conducted by a previously undetected APT (advanced persistent threat) group believed…

Popular PyPI Package 'ctx' and PHP Library 'phpass' Hijacked to Steal AWS Keys

Two trojanized Python and PHP packages have been uncovered in what's yet another instance of a software supply chain attack targeting the open source ecosystem. One of the packages in question is "ctx," a Python module available in the PyPi repository…

'There's No Ceiling': Ransomware's Alarming Growth Signals a New Era, Verizon DBIR Finds

The past year has seen a staggering acceleration in ransomware incidents, with 25% of all breaches containing a ransomware component. That's the top-line finding in the 2022 Verizon Data Breach Investigations Report (DBIR), which found that ransomware events in…

Microsoft: Credit card stealers are getting much stealthier

Microsoft's security researchers have observed a worrying trend in credit card skimming, where threat actors employ more advanced techniques to hide their malicious info-stealing code. Skimming gangs obfuscate their code snippets, inject them into image files, and masquerade…

New Chaos Ransomware Builder Variant "Yashma" Discovered in the Wild

Cybersecurity researchers have disclosed details of the latest version of the Chaos ransomware line, dubbed Yashma. "Though Chaos ransomware builder has only been in the wild for a year, Yashma claims to be the sixth version (v6.0) of this malware," BlackBerry research…

Microsoft Warns of Web Skimmers Mimicking Google Analytics and Meta Pixel Code

Threat actors behind web skimming campaigns are leveraging malicious JavaScript code that mimics Google Analytics and Meta Pixel scripts in an attempt to sidestep detection. "It's a shift from earlier tactics where attackers conspicuously injected malicious scripts into…

Hackers can pre-hack your online accounts before you've even registered

Thanks to a few features that weren’t well thought-through, cybercriminals can break into online accounts on some of the internet’s biggest platforms, without ever knowing the passwords. All they need to know, according to researchers investigating the matter…