cybersecurity

Russian government spies targeted Ukraine using tools developed by cybercriminals

A Russian-government backed hacking group targeted Ukraine’s military using tools and infrastructure developed by cybercriminals, according to new research. On Wednesday, Microsoft published a report detailing a hacking campaign carried out by a group it calls Secret Blizzard, which the U.S. Cybersecurity and Infrastructure Security Agency (CISA) previously said “is almost certainly subordinate to the […]

Russian government spies targeted Ukraine using tools developed by cybercriminals Read More »

Krispy Kreme discloses cyberattack that is disrupting online orders

International doughnut chain Krispy Kreme disclosed a security incident on Wednesday, which the company said has caused  “certain operational disruptions, including with online ordering in parts of the United States.” Krispy Kreme disclosed the cyberattack in an 8-K filing with the SEC. The company said it was “notified regarding unauthorized activity on a portion of

Krispy Kreme discloses cyberattack that is disrupting online orders Read More »

Researchers uncover Chinese spyware used to target Android devices

Security researchers have uncovered a new surveillance tool that they say has been used by Chinese law enforcement to collect sensitive information from Android devices in China. The tool, named “EagleMsgSpy,” was discovered by researchers at U.S. cybersecurity firm Lookout. The company said at the Black Hat Europe conference on Wednesday that it had acquired

Researchers uncover Chinese spyware used to target Android devices Read More »

US sanctions Chinese cybersecurity firm for firewall hacks targeting critical infrastructure

The U.S. sanctioned a Chinese cybersecurity company and one of its employees for exploiting a zero-day vulnerability in Sophos firewalls to target U.S. organizations. On Tuesday, the U.S. Treasury Department said Guan Tianfeng, an employee of Sichuan Silence, used the vulnerability to compromise approximately 81,000 firewalls in April 2020. The hacking campaign, detailed by Sophos

US sanctions Chinese cybersecurity firm for firewall hacks targeting critical infrastructure Read More »

US Senator announces new bill to secure telecom companies in wake of Chinese hacks

U.S. Democratic Senator Ron Wyden announced a new draft bill with the goal of securing American telephone networks and Americans’ communications in response to the massive hack of telecom providers allegedly done by Chinese government hackers.  In a press release on Tuesday, Wyden announced the Secure American Communications Act. The bill would order the Federal

US Senator announces new bill to secure telecom companies in wake of Chinese hacks Read More »

Hackers are exploiting a flaw in popular file-transfer tools to launch mass hacks, again

Security researchers are warning that hackers are actively exploiting another high-risk vulnerability in a popular file transfer technology to launch mass hacks.  The vulnerability, tracked as CVE-2024-50623, affects software developed by Illinois-based enterprise software company Cleo, according to researchers at cybersecurity company Huntress.  The flaw was first disclosed by Cleo in a security advisory on

Hackers are exploiting a flaw in popular file-transfer tools to launch mass hacks, again Read More »

Ukraine says Russian hackers are targeting country’s defense contractors

Ukraine’s Computer Emergency Response Team (CERT-UA) said in a report published over the weekend that a hacking group has been targeting the country’s defense and military companies with phishing attacks.  The CERT identified the hacking group as UAC-0185 — also known as UNC4221 — without saying who was behind the group. Earlier this year, however,

Ukraine says Russian hackers are targeting country’s defense contractors Read More »

US medical device giant Artivion says hackers stole files during cybersecurity incident

Artivion, a medical device company that manufactures implantable tissues for cardiac and vascular transplant applications, says its services have been “disrupted” due to a cybersecurity incident.  In an 8-K filing with the SEC on Monday, Georgia-based Artivion, formerly CryoLife, said it became aware of a “cybersecurity incident” that involved the “acquisition and encryption” of data

US medical device giant Artivion says hackers stole files during cybersecurity incident Read More »

Blue Yonder investigating data theft claims after ransomware gang takes credit for cyberattack

Supply chain software giant Blue Yonder says it is investigating claims of data theft after a ransomware gang threatened to publish troves of data stolen from the company.  Arizona-based Blue Yonder, which provides supply chain management software to thousands of organizations including DHL, Starbucks and Walgreens, was hit by a cyberattack on November 21. The

Blue Yonder investigating data theft claims after ransomware gang takes credit for cyberattack Read More »

Russian programmer says FSB agents planted spyware on his Android phone

A programmer said the Russian Federal Security Service (FSB) installed spyware on his Android phone after he was detained in Moscow earlier this year. Security researchers confirmed that his phone had spyware installed, likely when the authorities had physical access to his phone and had forced him to give up his passcode.  For the programmer

Russian programmer says FSB agents planted spyware on his Android phone Read More »