Tag: group
-
ADT confirms data breach after ShinyHunters leak threat
Home security giant ADT has confirmed a data breach after the ShinyHunters extortion group threatened to leak stolen data unless a ransom is paid. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/adt-confirms-data-breach-after-shinyhunters-leak-threat/
-
Poor Risk Analysis Cost 4 Firms $1.7 Million in HIPAA Fines
HHS OCR Breach Investigators Again Find All-Too-Common Risk Analysis Failures. Faulty or non-existent security risk analyses cost a medical imaging provider, a women’s healthcare group, a health plan and a third-party insurance administrator a collective $1.7 million in fines after federal regulators concluded they didn’t do enough to prevent ransomware attacks. First seen on govinfosecurity.com…
-
New US House privacy bills raise hard questions about enterprise data collection
Tags: access, ai, awareness, banking, business, cio, ciso, compliance, credentials, data, finance, framework, governance, group, identity, insurance, Internet, jobs, law, privacy, regulation, risk, service, strategy, supply-chainWhere privacy law overlaps with AI governance: The SECURE Data Act does not contain broad, standalone AI governance rules, but it still touches AI in meaningful ways.The bill includes opt-outs for fully automated profiling used for decisions with legal or similarly significant effects. That language can clearly implicate some uses of AI, particularly in hiring,…
-
TDL 020 – Why DNS Is Your First Line of Cyber Defense – Chris Buijs
Tags: access, attack, automation, business, cisco, ciso, cloud, container, corporate, country, cyber, cybersecurity, data, ddos, defense, dns, encryption, endpoint, finance, firewall, group, hacker, ibm, infrastructure, Internet, iot, jobs, malicious, microsoft, network, office, phone, programming, router, saas, service, software, startup, strategy, switch, technology, threat, tool, training, update, usa, vulnerability, zero-trustIn Episode 20 of The Defender’s Log, host David Redekop sits down with Amsterdam-based tech veteran Chris Buijs to discuss the often-overlooked backbone of internet security: DNS (Domain Name System). The “Set-it-and-Forget-it” Trap Buijs, who transitioned from an electrician to a network architect, notes that many organizations treat DNS as a “utility” rather than a…
-
TDL 020 – Why DNS Is Your First Line of Cyber Defense – Chris Buijs
Tags: access, attack, automation, business, cisco, ciso, cloud, container, corporate, country, cyber, cybersecurity, data, ddos, defense, dns, encryption, endpoint, finance, firewall, group, hacker, ibm, infrastructure, Internet, iot, jobs, malicious, microsoft, network, office, phone, programming, router, saas, service, software, startup, strategy, switch, technology, threat, tool, training, update, usa, vulnerability, zero-trustIn Episode 20 of The Defender’s Log, host David Redekop sits down with Amsterdam-based tech veteran Chris Buijs to discuss the often-overlooked backbone of internet security: DNS (Domain Name System). The “Set-it-and-Forget-it” Trap Buijs, who transitioned from an electrician to a network architect, notes that many organizations treat DNS as a “utility” rather than a…
-
New BlackFile extortion group linked to surge of vishing attacks
A new financially motivated hacking group tracked as BlackFile has been linked to a wave of data theft and extortion attacks against retail and hospitality organizations since February 2026. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-blackfile-extortion-gang-targets-retail-and-hospitality-orgs/
-
Signal phishing campaign targets Germany’s Bundestag President Julia Klöckner
Germany’s Bundestag President Klöckner was targeted in a Signal phishing attack via a fake CDU group chat. Germany’s Bundestag President Julia Klöckner has reportedly become the latest European political figure targeted through a Signal-based phishing attack, reported Der Spiegel. The incident is another reminder that even trusted messaging apps can become entry points when attackers…
-
French Police Arrest HexDex Hacker Over Mass Data Theft and Leaks
French police arrest HexDex hacker, a 20-year-old suspect accused of mass data theft and leaks targeting government, sports groups, and firms. First seen on hackread.com Jump to article: hackread.com/french-police-arrest-hexdex-hacker-data-leak-leaks/
-
China-linked threat actors use consumer device botnets to evade detection, warn UK and partners
UK National Cyber Security Centre (NCSC) warns China-linked hackers use hijacked devices as proxy networks to hide activity and evade detection. UK National Cyber Security Centre (NCSC) and global partners warn that China-linked threat actors now rely on large proxy networks built of hacked consumer devices. Groups control routers, cameras, video recorders, and NAS systems…
-
Ransomware Gang Unveils Custom Data-Theft Tool
Ransomware operators introduced a custom-built data exfiltration tool, signaling a notable evolution in attack techniques. Unlike most ransomware groups that rely on publicly available utilities such as Rclone or MegaSync, Trigona affiliates are now using a proprietary tool to steal sensitive data with greater precision and stealth. Trigona, active since late 2022, operates as a…
-
China-Backed Hackers Are Industrializing Botnets
China’s state-backed groups are now using covert networks of compromised devices to execute attacks in a low-cost, low-risk, and deniable way. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/china-hackers-industrializing-botnets
-
Iran-nexus threat groups refine attacks against critical infrastructure
State-sponsored and hacktivist groups have shown greater determination to damage or disable energy, water and other key sectors. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/iran-nexus-threat-groups-refine-attacks-against-critical-infrastructure/818299/
-
China-linked hackers targeted Mongolian government using Slack, Discord for covert communications
The group, which researchers at cybersecurity firm ESET named GopherWhisper, has been active since at least November 2023 and was discovered in January 2025 after investigators found a previously unknown backdoor on the network of a Mongolian government institution. First seen on therecord.media Jump to article: therecord.media/china-linked-hackers-target-mongolian-gov-slack-discord
-
Chinese hackers using compromised networks to spy on Western companies, says Five Eyes
Companies urged to take countermeasures as Chinese hacking groups use networks of infected home and office devices ‘at scale’ to evade security monitoring systems First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366641986/Chinese-hackers-using-compromised-networks-to-spy-on-Western-companies-says-Five-Eyes
-
Chinese hackers using everyday devices to target UK firms, warns cybersecurity agency
Britain’s National Cyber Security Centre says companies must step up vigilance to prevent espionage attacks<ul><li><a href=”https://www.theguardian.com/business/live/2026/apr/23/uk-government-borrowing–oil-100-a-barrel-strait-of-hormuz-deadlock-growth-latest-updates”>Business live latest updates</li></ul>British businesses are being urged to step up their vigilance against a China-linked hacking ploy that uses everyday devices for espionage.The UK’s National Cyber Security Centre (NCSC) and agencies in nine other countries have warned of persistent…
-
New GopherWhisper APT group abuses Outlook, Slack, Discord for comms
A previously undocumented state-backed threat actor named GopherWhisper is using a Go-based custom toolkit and legitimate services like Microsoft 365 Outlook, Slack, and Discord in attacks against government entities. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-gopherwhisper-apt-group-abuses-outlook-slack-discord-for-comms/
-
New GopherWhisper APT group abuses Outlook, Slack, Discord for comms
A previously undocumented state-backed threat actor named GopherWhisper is using a Go-based custom toolkit and legitimate services like Microsoft 365 Outlook, Slack, and Discord in attacks against government entities. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-gopherwhisper-apt-group-abuses-outlook-slack-discord-for-comms/
-
Outlook Mailboxes Abused to Conceal Linux GoGra Backdoor Traffic
The Harvester APT group has quietly expanded its espionage arsenal with a new Linux variant of its GoGra backdoor, one that cleverly hides its command-and-control (C2) traffic within Microsoft Outlook mailboxes, making it significantly harder to detect with traditional network defenses. Researchers from Symantec and Carbon Black Threat Hunter Team discovered the malware. They linked…
-
Chinese hackers are using everyday devices to hack UK firms, warns watchdog
Britain’s cybersecurity agency says companies must step up vigilance to prevent espionage attacks<ul><li><a href=”https://www.theguardian.com/business/live/2026/apr/23/uk-government-borrowing–oil-100-a-barrel-strait-of-hormuz-deadlock-growth-latest-updates”>Business live latest updates</li></ul>British businesses are being urged to step up their vigilance against a China-linked hacking ploy that uses everyday devices for espionage.The UK’s National Cyber Security Centre (NCSC) and agencies in nine other countries have warned of persistent attempts by…
-
Chinese hackers are using everyday devices to hack UK firms, warns watchdog
Britain’s cybersecurity agency says companies must step up vigilance to prevent espionage attacks<ul><li><a href=”https://www.theguardian.com/business/live/2026/apr/23/uk-government-borrowing–oil-100-a-barrel-strait-of-hormuz-deadlock-growth-latest-updates”>Business live latest updates</li></ul>British businesses are being urged to step up their vigilance against a China-linked hacking ploy that uses everyday devices for espionage.The UK’s National Cyber Security Centre (NCSC) and agencies in nine other countries have warned of persistent attempts by…
-
Unwary Chinese Hackers Hardcoded Credentials into Backdoors
Eset Researchers Discover Trove of Go-Based Malware. Researchers uncovered a Chinese-linked cyberespionage group after attackers left command and control credentials embedded in malware, exposing internal operations, testing environments and thousands of messages tied to campaigns targeting a Mongolia government agency. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/unwary-chinese-hackers-hardcoded-credentials-into-backdoors-a-31487
-
Outlook Mailboxes Used to Conceal Linux GoGra Backdoor Traffic
A newly discovered Linux variant of the GoGra backdoor is being used by the Harvester advanced persistent threat (APT) group to conduct stealthy cyber espionage operations. Harvester, a suspected nation-state-backed group active since at least 2021, is known for targeting South Asia with custom malware and espionage campaigns. The discovery of a Linux version of…
-
China-Linked GopherWhisper Infects 12 Mongolian Government Systems with Go Backdoors
Mongolian governmental institutions have emerged as the target of a previously undocumented China-aligned advanced persistent threat (APT) group tracked as GopherWhisper.”The group wields a wide array of tools mostly written in Go, using injectors and loaders to deploy and execute various backdoors in its arsenal,” Slovakian cybersecurity company ESET said in a report shared with…
-
GopherWhisper APT group hides command and control traffic in Slack and Discord
Attackers continue to lean on everyday collaboration platforms to hide command and control traffic inside normal enterprise noise. A newly identified China-aligned APT group … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/23/gopherwhisper-apt-group/
-
Lazarus Lures Developers With Backdoored Coding Tests
North Korea-linked hackers are using AI-assisted malware and backdoored coding challenges to quietly loot millions in cryptocurrency from Web3 developers. Expel assesses with high confidence that HexagonalRodent is a DPRK state-sponsored subgroup that likely evolved from fraudulent IT worker operations before pivoting fully to malware-driven theft. In just three months, the group exfiltrated data from…
-
Microsoft Graph API misused by new GoGra Linux malware for hidden communication
A new GoGra Linux malware uses Microsoft Graph API and an Outlook inbox to deliver payloads, making it stealthy and hard to detect. A new Linux version of the GoGra backdoor uses Microsoft’s Graph API and an Outlook inbox to deliver malicious payloads stealthily. The malware is linked to the Harvester cyberespionage group, which is…
-
CNAPP ein Kaufratgeber
Tags: access, ai, application-security, attack, authentication, cloud, container, detection, edr, encryption, framework, group, ibm, infrastructure, intelligence, kubernetes, linux, ml, monitoring, network, open-source, risk-management, saas, soar, software, supply-chain, threat, tool, vmwareCloud Security bleibt ein diffiziles Thema und die Tools, mit denen sie sich gewährleisten lässt, werden zunehmend komplexer und schwieriger zu durchschauen auch dank der ungebrochenen Liebe der Branche zu Akronymen. Mit CNAPP kommt nun ein weiteres hinzu. Die Abkürzung steht für Cloud-Native Application Protection Platform und kombiniert die Funktionen von vier separaten Cloud-Security-Werkzeugen: Cloud…