Tag: group
-
The FCC Has a Fast Lane for Complaints About Trump’s Media Critics
Internal emails obtained by WIRED reveal how a conservative legal group with a direct line into FCC chairman Brendan Carr’s office built the case against Jimmy Kimmel and his employees. First seen on wired.com Jump to article: www.wired.com/story/the-fcc-has-a-fast-lane-for-complaints-about-trumps-media-critics/
-
Hackers Exploit Obsidian Plugin to Deploy Cross-Platform Malware
Hackers are abusing Obsidian’s Shell Commands plugin and shared cloud vaults to deliver a new cross”‘platform malware chain that ends with the PHANTOMPULSE remote access trojan. Attackers pose as a venture capital firm targeting financial and cryptocurrency professionals, first engaging over LinkedIn and then moving conversations to Telegram group chats with multiple fake “partners” to…
-
How AI is transforming threat detection
Tags: ai, attack, automation, best-practice, business, ceo, cisa, cve, cyber, data, detection, email, endpoint, framework, google, governance, group, incident response, intelligence, international, jobs, kev, malware, network, nist, organized, phishing, risk, skills, soc, switch, technology, threat, toolReducing alert fatigue: In alert triage, AI agents are reducing alert fatigue by clustering alert patterns and enabling risk-based prioritization, adds Dipto Chakravarty, chief product and technology officer at Black Duck.For example, natural language processing agents can summarize threat alerts at scale and correlate them with threat intel feeds such as CVE.org and the CISA KEV Catalog,…
-
Rockstar’s GTA Game Hacked, 78.6 Million Records Published Online
Rockstar Games has suffered a significant data breach after the infamous threat group ShinyHunters leaked over 78.6 million internal records on April 14, 2026. The incident did not involve a direct attack on Rockstar’s primary network infrastructure. Instead, the hackers executed a supply-chain attack through a third-party analytics platform, highlighting the escalating risk of integrated…
-
Survey Sees Little Progress Made on Automating Identity Management
A survey of 614 cybersecurity and IT leaders finds 89% of the applications deployed are not centrally managed via a multifactor authentication (MFA) platform. Conducted by the Ponemon Group on behalf of Cerby, a provider of a platform for managing identities, the survey also notes 70% have not configured to provide single sign-on (SSO) capabilities……
-
Hacker group threatens to release Grand Theft Auto VI data in Rockstar Games attack
The group named ShinyHunters have accessed a third party server and have given the company a deadline of 14 April to enter ransom negotiations Rockstar Games, the studio behind Grand Theft Auto, has been the target of a cyberattack for the second time in three years. A hacker group called ShinyHunters said it would release…
-
APT41 Delivers ‘Zero-Detection’ Backdoor to Harvest Cloud Credentials
The prolific China-backed threat group is targeting AWS, Google, Azure, and Alibaba cloud environments and using typosquatting to obscure C2 communication. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/apt41-zero-detection-backdoor-harvest-cloud-credentials
-
APT41 Delivers ‘Zero-Detection’ Backdoor to Harvest Cloud Credentials
The prolific China-backed threat group is targeting AWS, Google, Azure, and Alibaba cloud environments and using typosquatting to obscure C2 communication. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/apt41-zero-detection-backdoor-harvest-cloud-credentials
-
Hackers claim breach of Rockstar Games via cloud analytics platform
The ShinyHunters cybercrime group has claimed responsibility for breaching systems linked to video game developer Rockstar Games, threatening to release stolen data if a ransom is not paid. First seen on therecord.media Jump to article: therecord.media/rockstar-hackers-cyberattack-cloud
-
Rockstar Games receives “pay or leak” warning after cyberattack
Rockstar Games, the developer behind titles such as Grand Theft Auto and Red Dead Redemption, has confirmed a cyberattack claimed by hacking group ShinyHunters, which says it … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/13/rockstar-games-data-breach-shinyhunters/
-
Iran-linked group Handala claims to have breached three major UAE organizations
Iran-linked group Handala claims to have breached three major UAE organizations, Dubai Courts, Dubai Land Department, and Dubai Roads & Transport Authority The group Handala claimed a major cyberattack against the UAE, targeting Dubai Courts Department, Dubai Land Department, and Dubai Roads and Transport Authority. They alleged destroying 6 petabytes of data and stealing 149 TB…
-
RaaS Gang Anubis Claims Signature Healthcare Data Theft
Attackers Allege They Stole 2TBs of Patient Data, But Didn’t Encrypt IT System. Ransomware group Anubis claimed it stole 2 terabytes of patient data in an attack this week on Signature Healthcare. The Massachusetts health system is still diverting ambulance patients from its hospital and using paper charts while it continues to recover. First seen…
-
TDL 019 – The Psychology Behind a Cyber Breach and the Leaders Who Survive It – Nim Nadarajah
Tags: access, ai, apple, automation, breach, business, cctv, ceo, cio, ciso, cloud, computing, conference, control, corporate, crowdstrike, cve, cyber, cyberattack, cybersecurity, data, dns, edr, email, finance, firewall, governance, group, healthcare, incident, incident response, infrastructure, injection, insurance, Internet, jobs, law, LLM, metric, microsoft, msp, network, office, powershell, privacy, programming, psychology, risk, saas, service, siem, soar, soc, software, startup, strategy, supply-chain, switch, technology, threat, tool, training, usa, vulnerability, windows, zero-trustLeading Through the Cyber Abyss In Episode 019 of The Defender’s Log, host David Redekop sits down with Nim Nadarajah, CISO and Managing Partner of Critical Matrix, to explore the evolving landscape of cybersecurity leadership. From the “annual pilgrimage” of RSAC 2026 to the front lines of incident response, the conversation shifts from technical bits…
-
TDL 019 – The Psychology Behind a Cyber Breach and the Leaders Who Survive It – Nim Nadarajah
Tags: access, ai, apple, automation, breach, business, cctv, ceo, cio, ciso, cloud, computing, conference, control, corporate, crowdstrike, cve, cyber, cyberattack, cybersecurity, data, dns, edr, email, finance, firewall, governance, group, healthcare, incident, incident response, infrastructure, injection, insurance, Internet, jobs, law, LLM, metric, microsoft, msp, network, office, powershell, privacy, programming, psychology, risk, saas, service, siem, soar, soc, software, startup, strategy, supply-chain, switch, technology, threat, tool, training, usa, vulnerability, windows, zero-trustLeading Through the Cyber Abyss In Episode 019 of The Defender’s Log, host David Redekop sits down with Nim Nadarajah, CISO and Managing Partner of Critical Matrix, to explore the evolving landscape of cybersecurity leadership. From the “annual pilgrimage” of RSAC 2026 to the front lines of incident response, the conversation shifts from technical bits…
-
Storm-2755 Uses AiTM Hijacking to Divert Employee Salaries
Hackers are abusing adversary-in-the-middle (AiTM) session hijacking to steal employee salaries in a new “payroll pirate” campaign tracked by Microsoft as Storm-2755 and targeting Canadian users. By hijacking live Microsoft 365 sessions, the group redirects payroll deposits to attacker-controlled bank accounts while bypassing multifactor authentication (MFA) and blending in with normal user activity. The group’s…
-
UAT-10362 linked to LucidRook attacks targeting Taiwan-based institutions
LucidRook is Lua malware used in phishing attacks on NGOs and universities in Taiwan, linked to UAT-10362, spread via password-protected emails. LucidRook is a new Lua-based malware used in targeted phishing attacks against NGOs and universities in Taiwan. Cisco Talos links it to a skilled group tracked as UAT-10362. In Oct 2025, attackers used password-protected…
-
Poisoned >>Office 365<< search results lead to stolen paychecks
A financially motivated hacking group is targeting Canadian employees with a sophisticated campaign designed to covertly redirect their salary payments into … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/10/poisoned-office-365-search-results-lead-to-stolen-paychecks/
-
Fake BTS Tour Ticket Scams Target Fans Worldwide
Cybercriminals are exploiting the massive hype around BTS’s return to the global stage by launching a wave of fake ticketing websites targeting fans across multiple countries. The K-pop group recently reunited after nearly four years, during which members completed mandatory military service in South Korea. Their upcoming “ARIRANG” world tour has triggered overwhelming demand and…
-
The cyber winners and losers in Trump’s 2027 budget
Tags: cisa, communications, compliance, corporate, cyber, cybersecurity, defense, government, group, infrastructure, international, network, office, risk, service, strategy, threatFigure 1- Top gainers in Trump’s 2027 budget. Compilation from OMB cross-cut tables. CSOSeveral smaller agencies, including the EPA, Department of Education, Tennessee Valley Authority, Federal Mine Safety and Health Review Commission, and the US Army Corps of Engineers, also stand to post modest gains under the 2027 budget. Losers: DHS, VA, and research programs…
-
What to Know About CyberAv3ngers: The IRGC-Linked Group Targeting Critical Infrastructure
Tags: access, advisory, ai, attack, authentication, automation, backup, cctv, chatgpt, cisa, communications, compliance, control, credentials, crypto, cve, cyber, cybersecurity, data, data-breach, defense, detection, dns, email, exploit, finance, firewall, flaw, government, group, healthcare, infrastructure, intelligence, international, Internet, iot, iran, kev, leak, linux, malicious, malware, mitigation, mitre, monitoring, network, office, openai, password, radius, resilience, risk, router, service, siem, software, strategy, switch, technology, threat, tool, update, vpn, vulnerability, vulnerability-managementAn Iran-affiliated threat group has evolved from defacing water utility displays to deploying custom ICS malware and exploiting Rockwell Automation PLCs across multiple U.S. critical infrastructure sectors. Key takeaways: CyberAv3ngers is a state-directed threat group operating under Iran’s IRGC Cyber-Electronic Command. The U.S. Treasury sanctioned six named officials in February 2024 and the State Department…
-
Russia’s ‘Fancy Bear’ APT Continues Its Global Onslaught
Victims don’t need to match the cybercrime group’s technical sophistication, experts say. But patching and some form of zero trust are now non-negotiable. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/russias-fancy-bear-apt-continues-global-onslaught
-
Cloudflare ‘actively adjusting’ quantum priorities in wake of Google warning
Tags: android, attack, awareness, browser, chrome, ciso, communications, compliance, computer, computing, crypto, cryptography, cybersecurity, data, encryption, google, government, group, Hardware, infrastructure, Internet, ml, mobile, regulation, risk, service, strategy, technology, threat, vulnerabilityNational Institute of Standards and Technology (NIST) has set a 2030 deadline for depreciating legacy encryption algorithms ahead of their planned retirement in 2035.Late last month Google brought forward its own post-quantum cryptography (PQC) deadline a year to 2029 because advances in quantum computers mean that legacy encryption and digital signature systems are at greater…
-
Trump’s Proposed $707 Million CISA Budget Cut a ‘Gift to Nation-State Actors’
The Trump Administration wants to strip $707 million from CISA as it looks to narrow the scope of the security agency, but cybersecurity experts are saying that such cuts are a strategic mistake at a time when threat groups linked to China, Iran, and other nation-states are increasingly targeting U.S. critical infrastructure. First seen on…
-
Middle East HackHire Operation Traced to South Asian Cyber Espionage Group
A spear-phishing campaign which spread across the Middle East between 2023 and 2024 has now been linked to Bitter APT group First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/middle-east-hack-operation-bitter/
-
Google Warns of New Threat Group Targeting BPOs and Helpdesks
Google’s threat intel team warns UNC6783, a new extortion group possibly linked to the “Raccoon” persona, is targeting BPOs and enterprises First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/google-warns-group-targeting-bpos/
-
RoningLoader Campaign Uses DLL Side-Loading, Code Injection to Slip Past Defenses
A sophisticated cyber-espionage group known as DragonBreath (APT-Q-27) has been linked to a new RoningLoader malware campaign that uses advanced evasion techniques such as DLL side-loading and code injection to bypass traditional security defenses. Active since at least 2022, DragonBreath has steadily evolved its capabilities. Earlier campaigns were documented by QianXin and Sophos, but recent…
-
Questions raised about how LinkedIn uses the petabytes of data it collects
CSOonline. “We do disclose that we scan for browser extensions in our privacy policy, in order to detect abuse and provide defense for site stability.” When asked whether it uses that data solely to do those things, LinkedIn did not reply. The key person behind the allegations calls himself Steven Morrell (not his legal name, which…
-
Russia-linked APT28 uses PRISMEX to infiltrate Ukraine and allied infrastructure with advanced tactics
APT28 targets Ukraine and allies with PRISMEX malware, using stealthy techniques for espionage and command-and-control. Russia-linked group APT28 (aka UAC-0001, akaFancy Bear,Pawn Storm,Sofacy Group,Sednit,BlueDelta, andSTRONTIUM) is running a spear-phishing campaign against Ukraine and its allies, deploying a new malware suite called PRISMEX. Active since September 2025, the campaign uses advanced stealth techniques like steganography and…
-
Hackhire group caught targeting Android devices and iCloud backups
Security researchers exposed a spying campaign by a hack-for-hire group that used Android spyware and phishing to steal iCloud credentials and hack victims’ devices. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/08/hack-for-hire-group-caught-targeting-android-devices-and-icloud-backups/