The Ukrainian Cyber Police dismantled yet another large-scale bot farm spreading Russian propaganda over social media. Cyber police seized nearly 150,000 SIM cards of different mobile operators used in the campaign to create fake social media profiles.
The Russian Turla hacker group has targeted the Ukrainian defense sector and other Eastern European entities with a novel backdoor, dubbed DeliveryCheck, to deploy secondary payloads likely used for espionage, according to security researchers at Microsoft.
The U.S. government has added two more commercial spyware vendors - Cytrox and Intellexa - to its list of organizations that face restrictions if they attempt to procure American goods or services, owing to the firms' "threatening the privacy and security of individuals and organizations worldwide."
President Xi Jinping directed state agencies to strengthen the government’s control over the internet and information technology sector, potentially discouraging investment in the country. Among the obstacles is a new Counter-Espionage Law focused on investigating foreign companies.
Suspected Chinese hackers gained access to senior U.S. officials' emails by exploiting a zero-day vulnerability in Microsoft's cloud environment. While Microsoft said customers couldn't have prevented the attack, the U.S. government says logging was key to spotting it.
Belarus state-linked hackers are targeting government and military entities in both Ukraine and Poland with spear-phishing campaigns that deliver remote access Trojans. Ukrainian authorities say the adversary is focusing on information stealing and remote control of targeted systems.
Researchers are warning of an uptick in attacks using a series of malicious Microsoft Office documents designed to drop LokiBot, an information stealer capable of sweeping up credentials. LokiBot has been active since 2015 and specializes in information stealing through malicious email attachments.
Russian hacking group Armageddon has upgraded its skills to simultaneously target several thousand Ukrainian government information systems. CERT-UA said the hackers infected Microsoft Office Word to generate 80 to 120 malicious documents within a compromised system to multiply the infection.
Rockwell Automation teamed-up with CISA to find two critical flaws that require immediate attention, citing a novel exploit capability attributed to advanced persistent threat actors known for targeting industrial systems and critical infrastructure.
Russia is mulling a ban on iPhone use by government employees after a suspected American intelligence campaign exploited vulnerabilities in the device to spy on Russian staff. The ban is the latest in a slew of similar measures taken by Moscow against Western tech devices.
Security experts say China-based hackers are "leading their peers in the deployment of zero-days" in the wake of another wide-ranging attack that abused a flaw in Microsoft Outlook and used forged authentication tokens to access email accounts of governments in the United States and Western Europe.
TikTok executives were unable to answer Liberal senator and chair of the committee James Paterson when he questioned them on how many times Australian user data had been accessed by TikTok staff in China, but the executives admitted it had happened.
Diplomats in Ukraine shopping for used cars have been targeted with a listing for a "very good condition, low-fuel consumption" 2011 BMW 5 Series. In reality, the listing was designed to push Russian-built malware onto diplomats' systems, security researchers warned.
Microsoft released the largest set of patches of the year - software updates for 132 vulnerabilities, including six zero-days. Microsoft rated nine of the flaws as having critical severity, 121 as being important and eight as being linked to critical remote code execution vulnerabilities.
The threat actor behind the remote access Trojan called RomCom and other pro-Russian groups are targeting Ukrainian agencies and allies ahead of the NATO Summit this week in Vilnius, Lithuania, using weaponized Microsoft documents and typosquatting techniques to deliver the malware.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.