WeRedEvils announced their intention to target Iranian systems on Telegram, claiming their attack was successful in infiltrating Iran’s computer systems, stealing data, and causing the outage.
The lawsuit alleges that TikTok collected personal information from children under 13 without parental consent, failed to delete children-created accounts, and misled parents about data collection.
Unlike other ransomware groups targeting businesses, Magniber focuses on individuals. Victims report their devices getting infected after running software cracks. Ransom demands start at $1,000 and escalate to $5,000 if not paid within three days.
Federal officials have raised concerns about the software supply chain and memory safety vulnerabilities following a global IT outage caused by a faulty CrowdStrike software update.
Germany has summoned the Chinese ambassador over a cyberattack by a Beijing-backed threat actor on a cartography agency. The attack, aimed at espionage, was carried out at the end of 2021.
The Streamlining Federal Cybersecurity Regulations Act, led by senators Gary Peters and James Lankford, would create an interagency group to synchronize U.S. cyber regulatory regimes and establish a pilot program for testing new frameworks.
Hackers are targeting misconfigured Jupyter Notebooks using a repurposed Minecraft DDoS tool known as mineping. The attack, dubbed Panamorfi, involves utilizing a Java tool to launch a TCP flood DDoS attack against vulnerable Jupyter Notebooks.
This type of attack, known as Bytecode Jiu-Jitsu, takes advantage of the fact that interpreters do not require execution privilege for bytecode, making it difficult for security tools to detect.
Threat actors used StackExchange to promote malicious PyPi packages, including ‘spl-types,’ ‘raydium,’ ‘sol-structs,’ ‘sol-instruct,’ and ‘raydium-sdk,’ which steal data from browsers, messaging apps, and cryptocurrency wallets.
The Plymouth County Retirement Association claims the company misrepresented the effectiveness of its software platform and quality control procedures. The lawsuit alleges that CrowdStrike did not adequately test its software.