With Tehran’s military weakened, digital retaliation likely, experts tell The Reg The current Israel–Iran military conflict is taking place in the era of hybrid war, where cyberattacks amplify and assist missiles and troops, and is being waged between two countries with very capable destructive cyber weapons.... [...]
Some trace back to an outfit under US export controls for alleged PLA links Both Apple's and Google's online stores offer free virtual private network (VPN) apps owned by Chinese companies, according to researchers at the Tech Transparency Project, and they don't make this fact readily known to people …
Good news: The vendor patched the flaw in January. Bad news: Not everyone got the memo Ransomware criminals infected a utility billing software providers' customers, and in some cases disrupted services, after exploiting unpatched versions of SimpleHelp’s remote monitoring and management (RMM) tool, according to a Thursday CISA …
'BrowserVenom' is pure poison Suspected cybercriminals have created a fake installer for Chinese AI model DeepSeek-R1 and loaded it with previously unknown malware called "BrowserVenom".... [...]
FIN6 moves from point-of-sale compromise to phishing recruiters In a scam that flips the script on fake IT worker schemes, cybercriminals posing as job seekers on LinkedIn and Indeed are targeting recruiters - a group hated only slightly less than digital crooks - with malware hosted on phony resume portfolio sites …
The botnet’s still alive and evolving Badbox 2.0, the botnet that infected millions of smart TV boxes and connected devices before private security researchers and law enforcement partially disrupted its infrastructure, is readying for a third round of fraud and digital attacks, according to one of the …
Also axes secure software mandates - optional is the new secure, apparently President Donald Trump late Friday signed a cybersecurity-focused executive order that, in the White House's words, "amends problematic elements of Obama and Biden-era Executive Orders."... [...]
United Natural Foods shut down some of its systems on June 5 after spotting network intruders North American grocery wholesaler United Natural Foods told regulators that a cyber incident temporarily disrupted operations, including its ability to fulfill customer orders.... [...]
SentinelOne discovered the campaign when they tried to hit the security vendor's own servers An IT services company, a European media group, and a South Asian government entity are among the more than 75 companies where China-linked groups have planted malware to access strategic networks should a conflict break …
OpenAI boots accounts linked to 10 malicious campaigns Fake IT workers possibly linked to North Korea, Beijing-backed cyber operatives, and Russian malware slingers are among the baddies using ChatGPT for evil, according to OpenAI's latest threat report.... [...]
Any info on Maxim Rudometov and his associates? There's $$$ in it for you The US government is offering up to $10 million for information on foreign government-backed threat actors linked to the RedLine malware, including its suspected developer, Maxim Alexandrovich Rudometov.... [...]
Re-selling info from an earlier breach? Probably. But which one? AT&T is investigating claims that millions of its customers' data are listed for sale on a cybercrime forum in what appears to be a re-release from an earlier hack.... [...]
Plus: Plankey's confirmation process 'temporarily delayed' Sean Cairncross, President Donald Trump's nominee to serve as national cyber director, doubled down on taking offensive cyber actions against foreign adversaries during a Senate homeland security committee nomination hearing on Thursday, and refused to condemn the president's proposed cuts to the main …
Recompiled binaries and phone threats used to boost the pressure Groups linked with the Play ransomware have exploited more than 900 organizations, the FBI said Wednesday, and have developed a number of new techniques in their double-extortion campaigns - including exploiting a security flaw in remote-access tool SimpleHelp if orgs …
Literally adding insult to injury Kettering Health patients who had chemotherapy sessions and pre-surgery appointments canceled due to a ransomware attack in May now have to deal with the painful prospect that their personal info may have been leaked online.... [...]
Victims include hospitality, retail and education sectors A group of financially motivated cyberscammers who specialize in Scattered-Spider-like fake IT support phone calls managed to trick employees at about 20 organizations into installing a modified version of Salesforce's Data Loader that allows the crims to steal sensitive data.... [...]
Microsoft, CrowdStrike, and pals promise clarity on cybercrew naming, deliver alias salad instead Opinion Microsoft and CrowdStrike made a lot of noise on Monday about teaming up with other threat-intel outfits to "bring clarity to threat-actor naming."... [...]
TAG team spotted the V8 bug first, so you can bet nation-states weren’t far behind Google revealed Monday that it had quietly deployed a configuration change last week to block active exploitation of a Chrome zero-day.... [...]
To stop the JINX-0132 gang behind these attacks, pay attention to HashiCorp, Docker, and Gitea security settings Up to a quarter of all cloud users are at risk of having their computing resources stolen and used to illicitly mine for cryptocurrency, after crims cooked up a campaign that targets …
'It's a high-stakes intelligence war' he told El Reg exclusive A mystery whistleblower calling himself GangExposed has exposed key figures behind the Conti and Trickbot ransomware crews, publishing a trove of internal files and naming names.... [...]
Pen tester on ScreenConnect bug: This one ‘terrifies’ me ConnectWise has brought in the big guns to investigate a "sophisticated nation state actor" that broke into its IT environment and then breached some of its customers.... [...]
Take care when downloading AI freebies, researcher tells The Register Criminals are using installers for fake AI software to distribute ransomware and other destructive malware.... [...]
House Homeland Security Committee takes a field trip to Silicon Valley Chinese government spies burrowed deep into American telecommunications systems and critical infrastructure networks for one reason, according to retired US Army Lt. Gen. H.R. McMaster.... [...]
SimpleHelp was the vector for the attack Updated DragonForce ransomware infected a managed service provider, and its customers, after attackers exploited security flaws in remote monitoring and management tool SimpleHelp.... [...]
Millions may fall for it - and end up with malware instead A group of miscreants tracked as UNC6032 is exploiting interest in AI video generators by planting malicious ads on social media platforms to steal credentials, credit card details, and other sensitive info, according to Mandiant.... [...]