A recent indictment issued by the U.S. Department of Justice (DOJ) highlights significant cybersecurity threats stemming from Chinese-backed contractors, revealing the breadth of their activities that span across various sectors worldwide. The DOJ official indicated that these contractors and associated companies typically engage in speculative hacking operations, primarily motivated by…
Third Party Risk Management, Endpoint Security, Governance & Risk Management Off-Brand Android Devices Infected with Trojan Malware Anviksha More (AnvikshaMore) • March 5, 2025 A snapshot from an online video game designed purely for ad revenue rather than user experience. (Image: Shutterstock) Recent investigations have revealed a botnet that has…
Arietis Health LLC Settles $2.8 Million in Data Breach Lawsuits Arietis Health LLC has agreed to pay $2.8 million to resolve a series of 11 lawsuits that accuse the health organization of failing to adequately safeguard the personal information of nearly 2 million individuals. This settlement comes in the wake…
Cybersecurity Update: Silk Typhoon Shifts Tactics in Espionage Operations Recent observations by Microsoft Threat Intelligence reveal a significant change in the operational strategies of the espionage group known as Silk Typhoon, also referred to as HAFNIUM. This Chinese-backed organization, recognized for its advanced technical capabilities, is increasingly leveraging commonly utilized…
Prosecutors Charge Yin Kecheng in 2024 Treasury Department Hack In a significant development concerning cybercrime, U.S. federal authorities have moved to seize digital infrastructure linked to two Shanghai-based hackers alleged to operate on behalf of the Chinese government, specifically under the guise of a group known as "Silk Typhoon." This…
ParkMobile Faces $32.8 Million Data Breach Settlement Amid User Concerns ParkMobile, a popular parking payment application in the United States, is currently at the center of a significant legal issue, having reached a $32.8 million settlement in response to a data breach that compromised the personal information of its users.…
Research teams from various cybersecurity firms have uncovered that a recent campaign appears to originate from a loosely organized network of fraud groups instead of a single perpetrator. Each participating group operates its own variations of the Badbox 2.0 backdoor and associated malware modules, distributing these threats through diverse methods.…
North Korea continues to be a formidable force in the realm of cybercrime, particularly targeting financial institutions and cryptocurrency platforms to sustain its military efforts, including nuclear and missile development programs. Recent analysis by security specialists from Nisos has uncovered a new tactic employed by North Korean hackers: using social…
Cloud Security, Next-Generation Technologies & Secure Development, Security Operations Vulnerabilities Facilitate Potential Hypervisor Escapes Mathew J. Schwartz (euroinfosec) • March 5, 2025 Active attacks are exploiting multiple VMware zero-day vulnerabilities that could allow cybercriminals to escape hypervisors, threatening all virtual machines in the ecosystem. (Image: Shutterstock) Broadcom has issued urgent…