Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Chinese Hackers Allegedly Target U.S. Treasury Department Offices Related to Economic Sanctions By Chris Riotta (@chrisriotta) • January 2, 2025 Chinese nation-state hackers infiltrated several U.S. Treasury Department offices. (Image: Shutterstock) A recent cyber intrusion linked to Chinese hackers has successfully breached…
US Court Finds NSO Group Breached Hacking Laws with Pegasus Spyware In a significant legal decision, a U.S. federal judge ruled that the Israeli spyware manufacturer, NSO Group, violated American hacking laws by exploiting vulnerabilities in WhatsApp’s software. This ruling emerged from a lawsuit initiated by WhatsApp, a subsidiary of…
As 2024 draws to a close, cybersecurity firms are reporting significant upheaval in the cybercrime landscape, particularly relating to phishing-as-a-service operations. Recent assessments by Sophos indicate that the once-prominent phish-tool Rockstar 2FA, notorious for its sophisticated phishing campaigns, has reportedly ceased operations. Following this disruption, many of its users have…
Attack Surface Management, Governance & Risk Management, Patch Management Over 200 Vulnerable Servers Targeted by Ransomware Group Amid Growing Exploits Mathew J. Schwartz (euroinfosec) • December 18, 2024 Recent reports indicate over 200 Cleo managed file-transfer servers remain publicly accessible and without necessary updates, posing significant risks in light of…
Black Hat, Events Exploring Automotive Vulnerabilities, Bootloader Flaws, and Cyber Threats at Black Hat Europe 2024 Mathew J. Schwartz (euroinfosec) • December 9, 2024 Image: Shutterstock The Black Hat Europe conference is once again convening in London, promising a diverse agenda that delves into the myriad challenges facing cybersecurity today.…
Krispy Kreme Faces Cyber Attack During Holiday Season In a significant cybersecurity incident, Krispy Kreme, the prominent American doughnut and coffee chain, experienced a sophisticated attack that disrupted its sales operations amidst the crucial Christmas season. The breach occurred in November 2024 and primarily affected the company’s online ordering system,…
The United States has issued sanctions against Sichuan Silence Information Technology, a Chinese cybersecurity firm, alongside its employee Guan Tianfeng, for their involvement in a significant global cyberattack. This action follows the company’s exploitation of a critical vulnerability in popular firewall systems, leading to widespread compromise. The cyber incident, which…
Researchers have identified a concerning trend in digital advertising, where malicious ads masquerade as genuine promotions from legitimate businesses and organizations. From local government entities to large corporations, users frequently rely on search engines to access official websites. This reliance creates an opportunity for fraudsters to exploit paid search placements,…
The recent uptick in malicious cyber activity has highlighted critical sectors at risk, particularly in the realm of Critical Infrastructure Security, Cyberwarfare and Nation-State Attacks, and Fraud Management & Cybercrime. National Security Officials Share Intelligence on a Cyberespionage Campaign Mathew J. Schwartz (euroinfosec) • November 25, 2024 Chinese hackers are…
