Microsoft Seizes 42 Domains Used by Chinese Hacking Group Nickel

The cyber-espionage group focuses on intelligence gathering using hard-to-detect malware. Microsoft has successfully seized control of 42 domains which were being used by a Chinese hacking group to carry out intelligence gathering across 29 countries using malware. As The Record reports, Microsoft refers to the cyber-espionage group as Nickel, with the group’s focus being to […]

Recently uncovered software flaw ‘most critical vulnerability of the last decade’

Log4Shell grants easy access to internal networks, making them susceptible to data loot and loss and malware attacks. A critical vulnerability in a widely used software tool – one quickly exploited in the online game Minecraft – is rapidly emerging as a major threat to organizations around the world. “The internet’s on fire right now,” […]

Bulletproof hosting founder imprisoned for helping cybercrime gangs

34-year-old Russian Aleksandr Grichishkin, the founder of a bulletproof hosting service, was sentenced to 60 months in prison for allowing cybercrime gangs to use the platform in attacks targeting US financial institutions between 2008 and 2015. Grichishkin, who was also the organization’s leader, provided multiple cybercrime operations with the infrastructure (IP addresses, servers, and domains) […]

Really stupid “smart contract” bug let hackers steal $31 million in digital coin

Company says it has contacted the hacker in an attempt to recover the funds. Good luck. Blockchain startup MonoX Finance said on Wednesday that a hacker stole $31 million by exploiting a bug in software the service uses to draft smart contracts. The company uses a decentralized finance protocol known as MonoX that lets users […]

Panasonic confirms cyberattack and data breach

Tech manufacturing giant Panasonic has confirmed that its network was accessed illegally this month during a cyberattack. In a statement released on Friday, the Japanese company said it was attacked on November 11 and determined that “some data on a file server had been accessed during the intrusion.” “After detecting the unauthorized access, the company […]

Hackers Targeting Biomanufacturing Facilities With Tardigrade Malware

An advanced persistent threat (APT) has been linked to cyberattacks on two biomanufacturing companies that occurred this year with the help of a custom malware loader called “Tardigrade.” That’s according to an advisory published by Bioeconomy Information Sharing and Analysis Center (BIO-ISAC) this week, which noted that the malware is actively spreading across the sector […]

Leaked Credentials Leads Are Candy for Dark Web Actors

Nobody loves cheap and easy things more than cybercriminals. And few things are as abundant and easy to use as stolen emails and passwords (or password hashes). Over the last 5 years, 11.7 billion credentials have been leaked across the Internet; 61% of breaches involve leaked credentials, and the effects of credential theft spill well […]

Why Critical Infrastructure is a Massive Target for Nation-State Attackers

Many cybersecurity attacks go after critical national infrastructure like pipelines, communications, transportation, and utilities. And many of these cyberattacks come from other nation-states, such as Russia, North Korea, China, or Iran. According to the 2019 Data Breach Investigations Report, 23 percent of attacks have come from nation-states. However, in the last three years, nation-state attacks have […]

SS7 Exploit Service Providers on The Dark Web are Fake

Back in 2016, cybersecurity researchers warned of vulnerabilities in Signalling System No. 7 (SS7), and as a result, just a year later, SS7 attacks turned from theoretical to real. In the subsequent years, government-sponsored hackers exploited vulnerabilities in SS7 to track individuals abroad. And not only that, even the […]

The newer cybercrime triad: TrickBot-Emotet-Conti

Advanced Intelligence researchers argue that the restarting of the Emotet botnet was driven by the Conti ransomware gang. Early this year, law enforcement and judicial authorities worldwide conducted a joint operation, named Operation Ladybird, which disrupted the EMOTET botnet. At the time, the investigators took control of its infrastructure in an internationally coordinated action. This operation was […]