Security

Russian government spies targeted Ukraine using tools developed by cybercriminals

Security /

A Russian-government backed hacking group targeted Ukraine’s military using tools and infrastructure developed by cybercriminals, according to new research. On Wednesday, Microsoft published a report detailing a hacking campaign carried out by a group it calls Secret Blizzard, which the U.S. Cybersecurity and Infrastructure Security Agency (CISA) previously said “is almost certainly subordinate to the […]

Russian government spies targeted Ukraine using tools developed by cybercriminals Read More »

Krispy Kreme discloses cyberattack that is disrupting online orders

Security /

International doughnut chain Krispy Kreme disclosed a security incident on Wednesday, which the company said has caused  “certain operational disruptions, including with online ordering in parts of the United States.” Krispy Kreme disclosed the cyberattack in an 8-K filing with the SEC. The company said it was “notified regarding unauthorized activity on a portion of

Krispy Kreme discloses cyberattack that is disrupting online orders Read More »

Researchers uncover Chinese spyware used to target Android devices

Security /

Security researchers have uncovered a new surveillance tool that they say has been used by Chinese law enforcement to collect sensitive information from Android devices in China. The tool, named “EagleMsgSpy,” was discovered by researchers at U.S. cybersecurity firm Lookout. The company said at the Black Hat Europe conference on Wednesday that it had acquired

Researchers uncover Chinese spyware used to target Android devices Read More »

US sanctions Chinese cybersecurity firm for firewall hacks targeting critical infrastructure

Security /

The U.S. sanctioned a Chinese cybersecurity company and one of its employees for exploiting a zero-day vulnerability in Sophos firewalls to target U.S. organizations. On Tuesday, the U.S. Treasury Department said Guan Tianfeng, an employee of Sichuan Silence, used the vulnerability to compromise approximately 81,000 firewalls in April 2020. The hacking campaign, detailed by Sophos

US sanctions Chinese cybersecurity firm for firewall hacks targeting critical infrastructure Read More »

US Senator announces new bill to secure telecom companies in wake of Chinese hacks

Security /

U.S. Democratic Senator Ron Wyden announced a new draft bill with the goal of securing American telephone networks and Americans’ communications in response to the massive hack of telecom providers allegedly done by Chinese government hackers.  In a press release on Tuesday, Wyden announced the Secure American Communications Act. The bill would order the Federal

US Senator announces new bill to secure telecom companies in wake of Chinese hacks Read More »

Cohesity completes its merger with Veritas; here’s how they’ll integrate

Security /

Data protection startup Cohesity completed its merger with Veritas’ enterprise data protection business, creating one entity with 12,000 customers that is valued at $7 billion. The deal was originally announced in February 2024. Cohesity valued Carlyle-owned Veritas’ data protection business at $3 billion at the time, according to CRN reporting. Cohesity declined to comment on

Cohesity completes its merger with Veritas; here’s how they’ll integrate Read More »

Hackers are exploiting a flaw in popular file-transfer tools to launch mass hacks, again

Security /

Security researchers are warning that hackers are actively exploiting another high-risk vulnerability in a popular file transfer technology to launch mass hacks.  The vulnerability, tracked as CVE-2024-50623, affects software developed by Illinois-based enterprise software company Cleo, according to researchers at cybersecurity company Huntress.  The flaw was first disclosed by Cleo in a security advisory on

Hackers are exploiting a flaw in popular file-transfer tools to launch mass hacks, again Read More »

Ukraine says Russian hackers are targeting country’s defense contractors

Security /

Ukraine’s Computer Emergency Response Team (CERT-UA) said in a report published over the weekend that a hacking group has been targeting the country’s defense and military companies with phishing attacks.  The CERT identified the hacking group as UAC-0185 — also known as UNC4221 — without saying who was behind the group. Earlier this year, however,

Ukraine says Russian hackers are targeting country’s defense contractors Read More »

US medical device giant Artivion says hackers stole files during cybersecurity incident

Security /

Artivion, a medical device company that manufactures implantable tissues for cardiac and vascular transplant applications, says its services have been “disrupted” due to a cybersecurity incident.  In an 8-K filing with the SEC on Monday, Georgia-based Artivion, formerly CryoLife, said it became aware of a “cybersecurity incident” that involved the “acquisition and encryption” of data

US medical device giant Artivion says hackers stole files during cybersecurity incident Read More »

WhatsApp fixes bug that let users bypass ‘View Once’ privacy feature

Security /

WhatsApp fixed a bug that allowed malicious users to save pictures and videos that were supposed to be viewed only once and then vanish.  In September, TechCrunch reported that a bug in the implementation of the “View Once” privacy  feature allowed people using WhatsApp’s browser-based web app to display and then keep the picture or

WhatsApp fixes bug that let users bypass ‘View Once’ privacy feature Read More »