25 matches found
BeyondTrust Zero-Day Breach Exposed 17 SaaS Customers via Compromised API Key
BeyondTrust has revealed it completed an investigation into a recent cybersecurity incident that targeted some of the company's Remote Support SaaS instances by making use of a compromised API key. The company said the breach involved 17 Remote Support SaaS customers and that the API key was used...
U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Silk Typhoon
The U.S. Treasury Department's Office of Foreign Assets Control OFAC has imposed sanctions against a Chinese cybersecurity company and a Shanghai-based cyber actor for their alleged links to the Salt Typhoon group and the recent compromise of the federal agency. "People's Republic of China-linked...
U.S. Sanctions North Korean IT Worker Network Supporting WMD Programs
The U.S. Treasury Department's Office of Foreign Assets Control OFAC sanctioned two individuals and four entities for their alleged involvement in illicit revenue generation schemes for the Democratic People's Republic of Korea DPRK by dispatching IT workers around the world to obtain employment...
Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents
The United States Treasury Department said it suffered a "major cybersecurity incident" that allowed suspected Chinese threat actors to remotely access some computers and unclassified documents. "On December 8, 2024, Treasury was notified by a third-party software service provider, BeyondTrust,...
U.S. Treasury Hamas Spokesperson for Cyber Influence Operations
The U.S. Treasury Department's Office of Foreign Assets Control OFAC on Friday announced sanctions against an official associated with Hamas for his involvement in cyber influence operations. Hudhayfa Samir 'Abdallah al-Kahlut, 39, also known as Abu Ubaida, has served as the public spokesperson o...
U.S. Treasury Sanctions Sinbad Cryptocurrency Mixer Used by North Korean Hackers
The U.S. Treasury Department on Wednesday imposed sanctions against Sinbad, a virtual currency mixer that has been put to use by the North Korea-linked Lazarus Group to launder ill-gotten proceeds. "Sinbad has processed millions of dollars' worth of virtual currency from Lazarus Group heists,...
N. Korean Lazarus Group Targets Microsoft IIS Servers to Deploy Espionage Malware
The infamous Lazarus Group actor has been targeting vulnerable versions of Microsoft Internet Information Services IIS servers as an initial breach route to deploy malware on targeted systems. The findings come from the AhnLab Security Emergency response Center ASEC, which detailed the advanced...
Norway Seizes $5.84 Million in Cryptocurrency Stolen by Lazarus Hackers
Norwegian police agency Økokrim has announced the seizure of 60 million NOK about $5.84 million worth of cryptocurrency stolen by the Lazarus Group in March 2022 following the Axie Infinity Ronin Bridge hack. "This case shows that we also have a great capacity to follow the money on the blockchai...
Re-Focusing Cyber Insurance with Security Validation
The rise in the costs of data breaches, ransomware, and other cyber attacks leads to rising cyber insurance premiums and more limited cyber insurance coverage. This cyber insurance situation increases risks for organizations struggling to find coverage or facing steep increases. Some Akin Gump...
U.S. Charges 3 Iranian Hackers and Sanctions Several Others Over Ransomware Attacks
The U.S. Treasury Department's Office of Foreign Assets Control OFAC on Wednesday announced sweeping sanctions against ten individuals and two entities backed by Iran's Islamic Revolutionary Guard Corps IRGC for their involvement in ransomware attacks at least since October 2020. The agency said...
U.S. Imposes New Sanctions on Iran Over Cyberattack on Albania
The U.S. Treasury Department on Friday announced sanctions against Iran's Ministry of Intelligence and Security MOIS and its Minister of Intelligence, Esmaeil Khatib, for engaging in cyber-enabled activities against the nation and its allies. "Since at least 2007, the MOIS and its cyber actor...
Popular NFT Marketplace Phished for $540M
Axie Infinity, a popular destination for 3 million traders of in-game collectible non-fungible tokens, reportedly lost $540M in cryptocurrency in a recruiting-themed spear phishing attack. The perpetrators of the crime are believed to be an advanced persistent threat group with ties to North...
Evil Corp Cybercrime Group Shifts to LockBit Ransomware to Evade Sanctions
The threat cluster dubbed UNC2165, which shares numerous overlaps with a Russia-based cybercrime group known as Evil Corp, has been linked to multiple LockBit ransomware intrusions in what's seen as an attempt by the latter to get around sanctions imposed by the U.S. Treasury in December 2019...
Task Force Seeks to Disrupt Ransomware Payments
Some of the worlds top tech firms are backing a new industry task force focused on disrupting cybercriminal ransomware gangs by limiting their ability to get paid, and targeting the individuals and finances of the organized thieves behind these crimes. In a 81-page report delivered to the Biden...
SolarWinds Hack Could Affect 18K Customers
The still-unfolding breach at network management software firm SolarWinds may have resulted in malicious code being pushed to nearly 18,000 customers, the company said in a legal filing on Monday. Meanwhile, Microsoft should soon have some idea which and how many SolarWinds customers were affecte...
U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise
Communications at the U.S. Treasury and Commerce Departments were reportedly compromised by a supply chain attack on SolarWinds, a security vendor that helps the federal government and a range of Fortune 500 companies monitor the health of their IT networks. Given the breadth of the companys...
Ransomware Victims That Pay Up Could Incur Steep Fines from Uncle Sam
Companies victimized by ransomware and firms that facilitate negotiations with ransomware extortionists could face steep fines from the U.S. federal government if the crooks who profit from the attack are already under economic sanctions, the Treasury Department warned today. Image: Shutterstock ...
U.S. Treasury Sanctions Hacking Group Backed by Iranian Intelligence
The U.S. government on Thursday imposed sweeping sanctions against an Iranian threat actor backed by the country's Ministry of Intelligence and Security MOIS for carrying out malware campaigns targeting Iranian dissidents, journalists, and international companies in the telecom and travel sectors...
Threat Outbreak Alert RuleID20028: Email Messages Distributing Malicious Software on December 15, 2015
Medium Alert ID: 42676 First Published: 2015 December 15 21:34 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID20028 may contain the following files: Name |...
Threat Outbreak Alert RuleID19665: Email Messages Distributing Malicious Software on November 30, 2015
Medium Alert ID: 42284 First Published: 2015 November 25 19:36 GMT Last Updated: 2015 November 30 14:13 GMT Version: 2 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID1966...