The Lazarus Group, an infamous hacking unit allegedly sponsored by the North Korean regime, has intensified its malware campaigns, now specifically targeting software developers and freelancers. The group employs deceptive tactics to gain access to victims’ corporate networks. For freelancers, the risk is heightened; according to reports, Lazarus hackers utilize…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Geo Focus: Asia Hackers Exploit Malicious Macros in Diplomatic Documents to Target Asian Nations Prajeet Nair (@prajeetspeaks) • January 15, 2025 The Nur-Sultan Astana Government Building of the Republic of Kazakhstan (Image: Shutterstock) Recent developments indicate that hackers, potentially affiliated with the…
Cybersecurity Alert: Data Breach at PowerSchool Affects Students and Educators Recently, several school districts have reported a significant data breach involving PowerSchool, an educational technology provider that serves over 50 million students. In this cyberattack, hackers may potentially have gained access to the personal information of students and teachers, raising…
Cyberattack Mimics Black Basta Tactics, Compromises Client Email Security In a recent cybersecurity incident, a wave of malicious emails, closely resembling the strategies employed by the infamous Black Basta ransomware group, targeted a client of SlashNext. Spanning a rapid 90-minute period, over 1,165 nefarious emails inundated the inboxes of 22…
Fortinet, a notable player in the American cybersecurity landscape, is currently in the spotlight due to alarming reports suggesting that it may have inadvertently exposed its customers to a serious cyber risk. This situation escalated when Arctic Wolf, a competing firm, publicly disclosed the details of the threat, igniting a…
Critical Infrastructure Security, Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime US Cyber Defense Agency Was Not Initially Aware of Hackers Involved in Salt Typhoon Chris Riotta (@chrisriotta) • January 15, 2025 Director of the Cybersecurity and Infrastructure Security Agency, Jen Easterly, remarked that the Chinese “Salt Typhoon” breach of…
On December 24, 2024, Governor Kathy Hochul of New York enacted significant amendments to both the state’s private-sector and government agency data breach notification laws. These revisions to the General Business Law § 899-aa and New York State Technology Law § 208 introduce strict new timelines and a broadened scope…
Ransomware incidences have recently surged, drawing attention to an emerging player in the cybercrime landscape. A group identifying itself as FunkSec has captured headlines by asserting responsibility for over 80 cyberattacks throughout December 2024, a claim underscored by a report from Check Point Software Technologies. FunkSec differentiates itself from other…
Endpoint Security, Hardware / Chip-level Security, Internet of Things Security CFP Board Members Discuss AI, Hardware Access and Emerging Trends for Nullcon 2025 Rahul Neel Mani (@rneelmani) • January 15, 2025 Neelu Tripathi, principal AppSec consultant and security researcher at Thoughtworks; and Anant Shrivastava, founder of Cyfinoid Research As cybersecurity…
