Federal law enforcement officials arrested a Russian national in Arizona on charges related to his participation in multiple LockBit ransomware attacks against victims in the U.S., Asia, Europe and Africa, the Department of Justice said Thursday.
The cyberespionage activities consist of spear-phishing campaigns that are designed to entice victims into opening booby-trapped attachments, which ultimately lead to the deployment of stealers such as Giddome, Pterodo, GammaLoad, and GammaSteel.
The threat actors behind the Vidar malware have made changes to their backend infrastructure, indicating attempts to retool and conceal their online trail in response to public disclosures about their modus operandi.
The Swedish Authority for Privacy Protection, or IMY, on Tuesday imposed a fine of 58 million Swedish kronor (~$5.4 million), saying in a statement that Spotify should be more specific about how and for which purposes it collects individuals’ data.
A phishing operation was discovered impersonating WannaCry ransomware (WannaCry 3.0) and targeting Russian-speaking gamers. The phishing page mimics the official Enlisted Game website to spread infection. The ransomware is in fact a customized edition of an open-source ransomware tool called Crypter. This variant was specifically developed for Windows systems and was written in Python.
HP’s analysts report that in the campaign that started in March 2023, ChromeLoader is distributed via a network of malicious websites that promise free downloads of copyrighted music, movies, or video games.
The tension between difficult economic conditions and the pace of technology innovation, including the evolution of AI, is influencing the growth of identity-led cybersecurity exposure, according to CyberArk.
The ransomware bundled with the game installer pretends to be the third major version of the notorious WannaCry, even using the ‘.wncry’ file extension on encrypted files.
The seed funding was led by global cybersecurity specialist investor Ten Eleven Ventures. “Our unique ability lies in knowing the attacker’s TTPs – what they are doing to prepare for an attack or campaign,” said Ken Bagnall, CEO of Silent Push.
The flaws, which exploited a weakness in the postMessage iframe, could have exposed Azure users to potential security breaches. The vulnerabilities were found in Azure Bastion and Azure Container Registry.