SC Staff

Ongoing cyberattacks against satellite communications systems have prompted Space Systems Cybersecurity Standard working group members to call for the development of secure-by-design specifications for space system components, CyberScoop reports.

Massachusetts-based non-profit health service firm Harvard Pilgrim Health Care has confirmed that more than 2.55 million of its current and former members had their sensitive data compromised following a ransomware attack in April, BleepingComputer reports.

U.S. legal discovery tech service provider Casepoint has launched a probe into a possible cyberattack following claims by the ALPHV/BlackCat ransomware operation purporting the theft of 2TB of sensitive data from the firm, according to TechCrunch.

QBot malware, also known as QakBot and Pinkslipbot, has been leveraging an adaptable command-and-control infrastructure, with half of its servers only active for a week and a quarter only active for a day, according to The Hacker News.

BleepingComputer reports that several email accounts owned by Spanish-speaking users across Latin America have been hijacked by the newly-discovered ongoing Horabot botnet campaign, which has been delivering a banking trojan and spam tool since November 2020.

Brunei, Indonesia, and Vietnam had their education, government, and military organizations targeted by the advanced persistent threat group Dark Pink, which has been ramping up attacks this year, BleepingComputer reports.

Millions of computers have Gigabyte motherboards with a hidden firmware code, which could be exploited to facilitate malware deployment, reports Wired.

BleepingComputer reports that ongoing attacks leveraging a critical command injection vulnerability, tracked as CVE-2023-28771, impacting several Zyxel firewall and VPN devices have been confirmed by Rapid7.

Vulnerable Apache NiFi implementations are being targeted in new attacks deploying the Kinsing cryptomining malware, as indicated by the significant increase in HTTP requests for "/nifi" on May 19, according to The Hacker News.

Novel Terminator antivirus killer found to be a BYOVD attack CrowdStrike researchers have discovered that the Terminator antivirus killer peddled by the threat actor Spyboy has been used to enable Bring Your Own Vulnerable Driver attacks, reports BleepingComputer.