Tag: computer
-
Iranian Man pleaded guilty to role in Robbinhood Ransomware attacks
Iranian man pleads guilty to role in Baltimore ransomware attack tied to Robbinhood, admitting to computer and wire fraud conspiracy. Iranian national Sina Gholinejad pleaded guilty to his role in a Robbinhood ransomware scheme that hit U.S. cities, including Baltimore and Greenville. The attacks caused major disruptions and over $19 million in damages to Baltimore…
-
US authorities charge 16 in operation to disrupt DanaBot malware
Authorities said malware linked to Russia-based cybercrime group infected more than 300,000 computers around the world with the malicious code. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/us-authorities-disrupt-danabot-malware/748991/
-
Velvet Chollima APTHackers Target Government Officials Using Weaponized PDFs
The DPRK-linked Velvet Chollima Advanced Persistent Threat (APT) group has launched a sophisticated cyberattack campaign targeting South Korean government officials, as well as NGOs, government agencies, and media organizations across North America, South America, Europe, and East Asia. Initiated in January 2025, this attack, detailed by Microsoft’s Threat Intelligence team and reported by Bleeping Computer,…
-
Leader of Qakbot cybercrime network indicted in U.S. crackdown
The U.S. indicted Russian Rustam Gallyamov for leading the Qakbot botnet, which infected 700K+ devices and was used in ransomware attacks. The U.S. authorities have indicted Russian national Rustam Gallyamov, the leader of the Qakbot operation, which infected over 700,000 computers and facilitated ransomware attacks. Qakbot, also known as QBot, QuackBot and Pinkslipbot, is an…
-
TikTok videos + ClickFix tactic = Malware infection
Malware peddlers are using TikTok videos and the ClickFix tactic to trick users into installing infostealer malware on their computers, Trend Micro researchers have warned. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/23/tiktok-videos-clickfix-tactic-infostealer-malware-infection/
-
Suspected creeps behind DanaBot malware that hit 300K+ computers revealed
And the associated fraud’n’spy botnet is about to be shut down First seen on theregister.com Jump to article: www.theregister.com/2025/05/23/300000_machine_danabot_endgame/
-
US Takes Down DanaBot Malware, Indicts Developers
DanaBot Used to Steal and to Spy. A top figure in the Russian cybercrime gang behind DanaBot infected his own computer with the malware, allowing an FBI agent to search an image of his system, U.S. federal prosecutors disclosed Thursday in indictments and an announced disruption of the malware’s infrastructure. First seen on govinfosecurity.com Jump…
-
Russian APT28 compromised Western logistics and IT firms to track aid to Ukraine
Tags: access, advisory, api, authentication, cctv, cloud, computer, container, credentials, cve, cybersecurity, data, detection, email, exploit, flaw, government, hacker, identity, infrastructure, Internet, login, malicious, malware, mfa, military, network, ntlm, office, open-source, password, phishing, powershell, russia, service, software, threat, tool, ukraine, vulnerabilityCredential guessing and spearphishing: The attackers used brute-force credential guessing techniques, also known as password spraying, to gain initial access to accounts. This was complemented with targeted phishing emails that directed recipients to fake login pages for government entities or Western cloud email providers. These phishing pages were stored on free web hosting services or…
-
Feds finger Russian ‘behind Qakbot malware’ that hit 700K computers
Agents thought they shut this all down in 2023, but the duck quacked again First seen on theregister.com Jump to article: www.theregister.com/2025/05/22/qakbot_criminal_mastermind_charged/
-
Feds finger Russian behind Qakbot malware that hit 700,000 computers
The FBI thought they shut this all down in 2023, but the duck quacked again First seen on theregister.com Jump to article: www.theregister.com/2025/05/22/qakbot_criminal_mastermind_charged/
-
US indicts leader of Qakbot botnet linked to ransomware attacks
The U.S. government has indicted Russian national Rustam Rafailevich Gallyamov, the leader of the Qakbot botnet malware operation that compromised over 700,000 computers and enabled ransomware attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-indicts-leader-of-qakbot-botnet-linked-to-ransomware-attacks/
-
How Identity Plays a Part in 5 Stages of a Cyber Attack
Tags: access, attack, authentication, breach, cloud, computer, container, control, credentials, cyber, data, data-breach, detection, endpoint, exploit, group, iam, identity, intelligence, malicious, malware, mfa, microsoft, monitoring, password, powershell, ransomware, risk, technology, threat, tool, vulnerabilityWhile credential abuse is a primary initial access vector, identity compromise plays a key role in most stages of a cyber attack. Here’s what you need to know, and how Tenable can help. Identity compromise plays a pivotal role in how attackers move laterally through an organization. Credential abuse is the top initial access vector,…
-
Microsoft Expert Reveals the Hidden Dangers of Bad Code on Your PC’s Performance
Microsoft support engineer has identified a subtle but significant memory leak in .NET applications that can gradually consume system resources until computers slow to a crawl or crash completely. The issue, which primarily affects Windows systems running .NET applications, stems from a seemingly innocent configuration parameter that developers might inadvertently misuse. This technical revelation sheds…
-
BadSuccessor: Unpatched Microsoft Active Directory attack enables domain takeover
Tags: access, attack, authentication, computer, container, control, credentials, group, microsoft, network, password, powershell, service, updatemsDS-DelegatedMSAState, which indicates whether the migration process is unknown, in progress, or completed; msDS-ManagedAccountPrecededByLink, which indicates the superseded account; and msDS-GroupMSAMembership, which indicates which principals (users, groups, and computers) can authenticate as the account.Once migration to a dMSA account is complete, any machine that authenticates as the superseded service account will receive from Domain Controller…
-
Upgrade to Microsoft Windows 11 Home for Just $15
You can now upgrade up to five computers to Microsoft Windows 11 Home for one low price and get a new sleek interface, advanced tools and enhanced security. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/microsoft-windows-11-home/
-
Judge Lets Delta Lawsuit Over CrowdStrike Outage Proceed
Georgia Court Allows Claims of Fraud, Trespass Over Falcon Software Update. Delta can proceed with its lawsuit against CrowdStrike over a July 2024 update that allegedly bypassed Microsoft safeguards and crashed thousands of systems. The judge found that Delta sufficiently alleged fraud, computer trespass and gross negligence, allowing key claims to move forward. First seen…
-
Peter Green Chilled Cyberattack Disrupts Supermarket Supply Chain Across the UK
The logistics firm Peter Green Chilled, a key supplier to major UK supermarkets including Tesco, Sainsbury’s, and Aldi, fell victim to a cyberattack. The company confirmed that its computer systems were compromised in the Peter Green Chilled cyberattack. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/peter-green-chilled-cyberattack/
-
Dutch government passes law to criminalize cyber-espionage
The Netherlands has updated its digital security laws to criminalize cyber-espionage and increase penalties for computer-related offenses. First seen on therecord.media Jump to article: therecord.media/netherlands-law-criminalizes-cyber-espionage
-
Fileless PowerShell Loader Deploys Remcos RAT
Attack Chain Uses LNK Files, MSHTA and Memory Injection. PowerShell is becoming hackers’ new favorite tool since they can load code directly into computer memory and evade traditional file-based detection methods, warn security researchers. A combination of LNK-MSHTA-PowerShell offers a stealthy and effective path to execution. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/fileless-powershell-loader-deploys-remcos-rat-a-28420
-
Cybercriminal Andrei Tarasov Escapes US Extradition, Returns to Russia
Andrei Vladimirovich Tarasov, a 33-year-old Russian cybercrime figure known online as >>Aels,
-
Researchers Expose New Intel CPU Flaws Enabling Memory Leaks and Spectre v2 Attacks
Researchers at ETH Zürich have discovered yet another security flaw that they say impacts all modern Intel CPUs and causes them to leak sensitive data from memory, showing that the vulnerability known as Spectre continues to haunt computer systems after more than seven years.The vulnerability, referred to as Branch Privilege Injection (BPI), “can be exploited…
-
Windows 10 KB5058379 update triggers BitLocker recovery on some devices
The Windows 10 KB5058379 cumulative update is triggering unexpected BitLocker recovery prompts on some devices afters it’s installed and the computer restarted. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-10-kb5058379-update-triggering-bitlocker-recovery-after-install/
-
Windows 10 KB5058379 update triggering BitLocker Recovery after install
The Windows 10 KB5058379 cumulative update is triggering unexpected BitLocker recovery prompts on some devices afters it’s installed and the computer restarted. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-10-kb5058379-update-triggering-bitlocker-recovery-after-install/
-
Why we must reform the Computer Misuse Act: A cyber pro speaks out
Britain’s outdated hacking laws are leaving the UK’s cyber practitioners hamstrung and afraid. Security professional Simon Whittaker reveals how he nearly ran afoul of the Computer Misuse Act, and why he’s speaking out for reform First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366623789/Why-we-must-reform-the-Computer-Misuse-Act-A-cyber-pro-speaks-out
-
ENISA Launches European Vulnerability Database to Bolster EU Cyber Resilience
The European Union Agency for Cybersecurity (ENISA) has unveiled the European Vulnerability Database (EUVD), a strategic move designed to enhance digital security across the bloc and reduce reliance on U.S.-centric cybersecurity infrastructure. The EUVD, now live for consultation, aggregates vulnerability data from a wide range of sources, including national Computer Security Incident Response Teams (CSIRTs),…
-
Marks & Spencer räumt Datendiebstahl ein
Der britische Retail-Riese Marks & Spencer wurde von Cyberkriminellen heimgesucht und kämpft nun mit den Folgen.Wie Marks & Spencer (M&S) im Rahmen eines “Cyber Incident Update” vom 22. April mitteilte, hat die Unternehmensgruppe mit einem “Cybervorfall” zu kämpfen. Das Einzelhandelsunternehmen gehört zu den größten seiner Art in Großbritannien und betreibt knapp 400 Filialen allein auf…
-
12 AI terms you (and your flirty chatbot) should know by now
1. Artificial general intelligence (AGI) The ultimate manifestation of AI has already played a featured role in dozens of apocalyptic movies. AGI is the point at which machines become capable of original thought and either a) save us from our worst impulses or b) decide they’ve had enough of us puny humans. While some AI…