Dual Russian-Israeli national arrested in August An alleged LockBit ransomware developer is in custody in Israel and awaiting extradition to the United States.... [...]

Recent campaign targeted 20,000 folk across UK and Europe with this tactic, Unit 42 warns Unknown criminals went on a phishing expedition that targeted about 20,000 users across the automotive, chemical and industrial compound manufacturing sectors in Europe, and tried to steal account credentials and then hijack …

It could end up like Huawei -Trump's gonna get ya, get ya, get ya updated The Feds may ban the sale of TP-Link routers in the US over ongoing national security concerns about Chinese-made devices being used in cyberattacks.... [...]

Not that you needed another reason to enable the 'known senders' setting Criminals are spoofing Google Calendar emails in a financially motivated phishing expedition that has already affected about 300 organizations with more than 4,000 emails sent over four weeks, according to Check Point researchers.... [...]

You applied the patch that could stop possible RCE attacks last week, right? A critical security hole in Apache Struts 2 – patched last week – is currently being exploited using publicly available proof-of-concept (PoC) code.... [...]

But can you really take crims at their word? Supply chain integration vendor Cleo has urged its customers to upgrade three of its products after an October security update was circumvented, leading to widespread ransomware attacks that Russia-linked gang Cl0p has claimed are its evil work.... [...]

IOCONTROL targets IoT and OT devices from a ton of makers, apparently An Iranian government-linked cybercriminal crew used custom malware called IOCONTROL to attack and remotely control US and Israel-based water and fuel management systems, according to security researchers.... [...]

Sen. Wyden blasts FCC's 'failure' amid Salt Typhoon hacks US telecoms carriers would be required to implement minimum cyber security standards and ensure their systems are not susceptible to hacks by nation-state attackers – like Salt Typhoon – under legislation proposed by senator Ron Wyden (D-OR).... [...]

No word yet on who was snooped on. Any bets? Chinese cyberspies recorded "very senior" US political figures' calls, according to White House security boss Anne Neuberger.... [...]

ShinyHunters-linked heist thought to have been ongoing since March Exclusive A massive online heist targeting AWS customers during which digital crooks abused misconfigurations in public websites and stole source code, thousands of credentials, and other secrets remains "ongoing to this day," according to security researchers.... [...]

Outsmart an AI, win a little Christmas cash Microsoft and friends have challenged AI hackers to break a simulated LLM-integrated email client with a prompt injection attack – and the winning teams will share a $10,000 prize pool.... [...]

'It's a double-edged sword,' security researchers tell The Reg Feature Chinese tech company employees and government workers are siphoning off user data and selling it online - and even high-ranking Chinese Communist Party officials and FBI-wanted hackers' sensitive information is being peddled by the Middle Kingdom's thriving illegal data ecosystem …

Still unpatched 100+ days later, watchTowr says updated A zero-day arbitrary file read vulnerability in Mitel MiCollab can be chained with a now-patched critical bug in the same platform to give attackers access to sensitive files on vulnerable instances.... [...]

Redmond threat intel maven talks explains this persistent pain to The Reg A Chinese government-linked group that Microsoft tracks as Storm-2077 has been actively targeting critical organizations and US government agencies as of yesterday, according to Redmond's threat intel team.... [...]

Security chief talks to El Reg as Feds urge everyone to use encrypted chat interview While Chinese-government-backed spies maintained access to US telecommunications providers' networks for months – and in some cases still haven't been booted out – T-Mobile US thwarted successful attacks on its systems "within a single-digit number of …

ENGlobal customers include the Pentagon as well as major oil and gas producers American energy contractor ENGlobal disclosed that access to its IT systems remains limited following a ransomware infection in late November.... [...]

Yet another result of the MOVEit mess Hundreds of thousands of employees from major corporations including Xerox, Nokia, Koch, Bank of America, Morgan Stanley and others appear to be the latest victims in a massive data breach linked to last year's attacks on file transfer tool MOVEit.... [...]

Tap into the infinite scalability... of pricing Re:Invent Amazon Web Services has a new incident response service that combines automation and people to protect customers' AWS accounts - at a hefty price.... [...]

Scumbags play on victims' worst fears in phishing campaign referencing UK Employment Tribunal A current phishing campaign scares recipients into believing they've been sacked, when in reality they've been hacked – and infected with infostealers and other malware that means a payday for the crooks behind the scam.... [...]

Plus, a brand-new backdoor, GhostSpider, is linked to the cyber spy crew's operations The reach of the China-linked Salt Typhoon gang extends beyond telecommunications giants in the United States, and its arsenal includes several backdoors – including a brand-new malware dubbed GhostSpider – according to Trend Micro researchers.... [...]

Funny what putting more effort and resources into IT security can do Attackers - possibly China's Salt Typhoon cyber-espionage crew - compromised an unnamed wireline provider's network and used this access to try to break into T-Mobile US systems multiple times over the past few weeks, according to its Chief Security …

Researcher spotted open database before criminals... we hope Exclusive More than 600,000 sensitive files containing thousands of people's criminal histories, background checks, vehicle and property records were exposed to the internet in a non-password protected database belonging to data brokerage SL Data Services, according to a security researcher …

In case anyone forgot about Change Healthcare American hospitals and healthcare organizations would be required to adopt multi-factor authentication (MFA) and other minimum cybersecurity standards under new legislation proposed by a bipartisan group of US senators.... [...]

Meanwhile, CISA chief Jen Easterly will step down prior to inauguration Analysis President-elect Donald Trump has announced several unorthodox nominations for his cabinet over the last two weeks, including South Dakota Governor Kristi Noem, whom he tapped to serve as Homeland Security Secretary.... [...]

PAN-PAN! Intruders inject web shell backdoors, crypto-coin miners, more Updated Thousands of Palo Alto Networks firewalls were compromised by attackers exploiting two recently patched security bugs. The intruders were able to deploy web-accessible backdoors to remotely control the equipment as well as cryptocurrency miners and other malware.... [...]