Canada’s second-largest telecom is investigating a potential data breach after a threat actor shared samples online of what appears to be employee data. They subsequently posted screenshots that apparently show stolen source code and payroll records.
The number of people who have made the weaponized software available for sharing via torrent suggests that many unsuspecting victims may have downloaded the XMRig coin miner.
The suspect, Dariy Pankov, aka dpxaker, was extradited from Georgia in October 2022 and he appeared before a US judge this week. Pankov has been charged with computer fraud, conspiracy, and access device fraud, and faces up to 47 years in prison.
The infection vector used by Clasiopa is unknown, although there is some evidence to suggest that the attackers gain access through brute force attacks on public-facing servers.
Palo Alto Networks warns attackers are building economies of scale by conducting more efficient operations and complementing their skills with commercially available tools.
Hackers spammed the npm repository with more than 15,000 packages in the hope of distributing phishing links. Hackers created these packages using automated processes, through auto-generated names and project descriptions that closely resembled one another. The bogus modules had names like “free-tiktok-followers,” “free-xbox-codes,” and “instagram-followers-free.”
A mysterious and unidentified group of hackers has sought to paralyze the computer networks of almost 5,000 victims across the US and Europe, in one of the most widespread ransomware attacks on record.
The Asia-Pacific region retained the top spot as the “most attacked” region in 2022 for the second consecutive year, accounting for 31 percent of all cybersecurity incidents remediated worldwide, a new report by IBM X-Force revealed on Wednesday.
Multiple threat actors have been observed opportunistically weaponizing a now-patched critical security vulnerability impacting several Zoho ManageEngine products since January 20, 2023.
The European Union’s executive branch said Thursday that it has temporarily banned TikTok from phones used by employees as a cybersecurity measure, reflecting widening worries from Western officials over the Chinese-owned video sharing app.