Cyber Attack News, Articles and Updates

Chinese cyberespionage campaign targets Middle Eastern public and private sectors

Symantec discovered a Chinese cyberespionage campaign targeting Middle Eastern Government and Business Organizations.

DarkHydrus using Phishery tool to harvest credentials

The DarkHydrus threat group is now using the open-source Phishery tool to harvest credentials in the Middle East against an educational institution.

Malicious Windows executable files hidden in Google Play Apps

Palo Alto Unit 42 researchers identified several Google Play apps infected with malicious Window's Executable Files.

Pence said cyberattack shut down Kansas county election system, except it didn't

Vice President Mike Pence Tuesday told the audience of a Manhattan cybersecurity conference that a malware attack forced a Kansas County to shut down its election systems.

Russian spearphishing campaign targeted nearly 800 PCs at more than 400 companies

A spearphishing campaign targeted more than 400 industrial companies by sending highly personalized emails disguised as procurement and accounting documents.

Hidden Bee miner spread via download drive-by download toolkit

The Hidden Bee cryptominer is being delivered to users via an improved drive-by download tooldkit which exploits the CVE-2018-4878 Flash Player vulnerability.

Fortnite click-fraud scammers set to earn $1 million

Imperva researchers estimate Fortnite Scammers are earning nearly $1 million annual through pay per click advertising by exploiting users eager to get free in-game currency.

Ransomware attack knocks out shipping giant COSCO's U.S. network

A ransomware attack has severely disabled the US network of COSCO (China Ocean Shipping Company), one of the world's largest shipping companies.

Singapore securities investor database breached in 2013

The Securities Investors Association (Singapore) or Sias announced it suffered a breach back in 2013.

Game of Thrones hacker and dam hacker make FBI most wanted cybercriminals list

The list is also shared with credit card scammers, digital bank robbers, and several state-backed hackers including a man wanted for stealing rocket software.

Malware author 'Anarchy' builds 18,000-strong Huawei router botnet

The threat actor exploited the CVE-2017-17215 in Huawei HG532 routers which is a well-known exploit that has already been abused by at least two versions of the Satori botnet and many of the smaller Mirai-based offshoots.

Putin says Russia targeted by nearly 25M cyberattacks during World Cup

Putin did not however, indicate who may have been behind the attacks nor gave any information on the nature or possible origins of the attacks.

Ukraine accuses Russia of VPNFilter attack targeting chlorine distillation station

Ukraine is claiming to have stopped a VPNFilter attack which targeted a chlorine distillation station last week.

Huawei Australian exec insists frim won't share intel with China

Huawei's Australian Chairman John Lord denied his firm's involvement in intelligence gathering or cyberespionage.

Crook gets 20 years for literal domain hijacking at gunpoint

A man was sentenced to 20 years in prison after giving a new meaning to the term domain-hijacking when attempting to forcibly steal a domain name from someone at gunpoint.

Reset 2018: Stuxnet - the prototype for industrial control attacks

The keynote speaker at yesterday's Reset 2018 was Kim Zetter, an investigative journalist and author of an acclaimed book on Stuxnet (Countdown to Zero Day: Stuxnet and the launch of the world's first digital weapon).

Virginia Department of Environmental Quality website hacked

The incident was reported on May 22 after the intrusion was "detected and contained quickly."

It's FIFA World Cup season, do you know where your cybersecurity pros are?

With nearly half the world watching, odds are several security professionals will be looking to sneak a peak of the game which could be bad for the security of your business.

DHS documents 'only a matter of time' until airline hack

The statement came from a Department of Energy government research laboratory focusing on the lab's findings around aviation cybersecurity and was included in government internal presentations and risk assessments.

Prowli campaign monetized 40K machines across various industries

The campaign dubbed Operation Prowli was observed targeting vulnerable platforms, including CMS servers, backup servers, DSL modems and IOT devices to mine cryptocurrency, promote fake websites and run tech support scams,

Atlanta cyberattack destroyed critical police evidence

The attack wiped out the city police department's dashcam footage archive, which could compromise DUI cases and has already left a Police Department investigator unable to produce a critical piece of evidence during testimony.

Buffalo Wild Wings apologizes after racist tirade from hacked account

Buffalo Wild Wings apologized for a series of racist and vulgar tweets sent from its Twitter account which appears to have been hacked Friday night.

State elections systems still hackable, report

Recent data breaches, vulnerable voting machines, inconsistent security practices a complex decentralized election system provide several attack vectors for attackers looking to influence elections.

'Cyber incident' leaves Eventbrite-owned Ticketfly offline, ransom demanded.

The company didn't specify whether or not user information has been compromised but did acknowledge the incident in a tweet.