Russian military intelligence hackers are using an 18 month-old vulnerability in the Windows print spooler utility to deploy a custom tool that elevates privileges and steals credentials. Microsoft says it's seen post-compromise activities against Ukrainian, European and North American governments.
The U.S. federal government instigated a full court press against four alleged Iranian state hackers, unsealing a multi-count criminal indictment, slapping the men with Treasury sanctions and offering a reward of up to $10 million for their capture.
State-sponsored hackers have responded to improved network scanning by shifting their focus to edge devices characterized by patchy endpoint detection and proprietary software that hinders forensic analysis, warns Mandiant. "Attackers are focusing more on evasion," it says in a report.
Ukraine's Computer Emergency Response Team is warning in an April report that a Russian hacking group known as UAC-0184 is using open-source malware to target Ukrainian soldiers on popular messaging apps such as Signal, as concerns grow over the Kremlin’s advanced hacking capabilities.
A new banking Trojan is targeting Korean users using obfuscation techniques that target the Android manifest, exploit vulnerabilities and take advantage of weaknesses in how Android apps interpret this file. SoumniBot stands out for its approach to camouflaging its malicious intent.
Likely Russian military intelligence hackers known as Sandworm have deployed a new and highly flexible backdoor against Eastern European targets since at least mid-2022, warned security researchers. Security firm WithSecure dubbed the backdoor Kapeka.
Russia's preeminent cyber sabotage unit presents "one of the widest and high severity cyber threats globally," warned Mandiant in a Wednesday report. Mandiant newly designated Sandworm as APT44 to differentiate it from another hacking unit it will still track as APT28.
North Korean hackers with an affinity for establishing rapport with targets via social engineering and email are getting smarter about bypassing anti-spam protections and using tracking pixels, say researchers. The group, codenamed Kimsuky, has been operational since 2012.
Israel Defense Forces reported the launch of rockets by Iran from Lebanon into Israel on Saturday. Hezbollah militants claim responsibility, citing retaliation for recent Israeli actions and solidarity with Palestinians in Gaza, according to reports.
Air Force Gen. Timothy Haugh told the Senate Armed Services Committee the U.S. Cyber Command carried out nearly two dozen defensive cyber operations across the globe in 2023, expanding in size and scope since the "hunt forward" teams were first launched in 2014.
The U.S. Cybersecurity and Infrastructure Security Agency publicly released an emergency directive Thursday requiring impacted federal agencies to take immediate remediation measures amid continued fallout from the Russian state-sponsored hacking of Microsoft that began in late November.
A new study published by researchers from the universities of Oxford and New South Wales ranks Russia at the top of a global list of cybercrime hot spots and says Ukraine, China, the United States, Nigeria and Romania are home to a majority of global cybercriminal activity.
Unit 8200 is the Israeli Intelligence Corps unit of the Israel Defense Forces responsible for - among other tasks - counterintelligence and cyberwarfare. Chen Shmilo heads the 8200 Alumni Association and sees it as a hotbed for cybersecurity innovation and leadership.
A Filipino hacktivist group broke into servers owned and operated by the government's Department of Science and Technology and stole up to 25 terabytes of confidential data and backups. The hacking incident followed a series of successful cyberattacks against government agencies.
The independent Cyber Safety Review Board published a scathing report that recommends an overhaul of Microsoft's security infrastructure and says the tech giant's operational and strategic decisions led to the successful Chinese hacking campaign that targeted top U.S. government officials.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.