Reuters reports that the U.S. Department of the Treasury was able to avert distributed denial-of-service attacks deployed by Russian hacktivist group Killnet last month.
Killnet, which admitted to having launched DDoS attacks against various U.S. states' and airports' websites last month, attempted to compromise the Treasury Department's critical infrastructure nodes days before it attacked U.S. financial services firms, according to Todd Conklin, who serves as Deputy Treasury Secretary Wally Adeyemo's cybersecurity adviser.
JPMorgan Chase & Co has been claimed by Killnet to be among its victims although the bank noted that its operations have not been affected.
"[The attack] confirmed that we're on the right track with how we're trying to actually share tactical information with the sector in real time with the mind that we are interconnected and face the same threat actors," said Conklin, who noted that IP addresses leveraged in the Killnet attack have been immediately shared with financial services entities.
Numerous fraudulent websites masquerading as legitimate software, including ChatGPT, Gimp, AstraChat, and Go To Meeting, have been used in a new RomCom malware campaign by Cuba ransomware affiliate Void Rabisu, also known as Tropical Scorpius, from December 2022 to April 2023, which was mostly targeted at Eastern Europe, according to BleepingComputer.
Scandinavian Airlines has been demanded to pay $3 million by the Anonymous Sudan threat operation to put an end to distributed denial-of-service attacks against the airline's websites that began in February, reports The Record, a news site by cybersecurity firm Recorded Future.
SiliconAngle reports that disrupted hacking site RaidForums had its member database including information from 478,870 members leaked on the new Exposed hacking forum, which is claimed to be owned and administered by the threat actor dubbed as 'Impotent.'