Android users are advised to be cautious of applications requesting Accessibility API access, particularly those claiming to be crypto wallets, PDF readers, and video players.
YoMix saw a significant increase in funds in 2023, with about one-third of inflows originating from wallets associated with crypto hacks, demonstrating the adaptability of sophisticated threat actors.
In 2023, around $22bn of cryptocurrency was laundered, marking a 30% decrease from 2022, according to Chainalysis. Nefarious actors adapted their techniques to avoid detection, with a shift towards using new mixers and cross-chain bridges.
The Voltzite threat, a subset of China’s Volt Typhoon APT, has been actively targeting US electric companies and African electric transmission and distribution organizations, with the intent to compromise physical industrial control systems.
Organizations based in the EU are being targeted by spear phishing campaigns leveraging EU political and diplomatic events, according to the bloc’s Computer Emergency Response Team (CERT-EU).
The Washington County Board of Commissioners voted to pay a $350,000 ransom to Russian cybercriminals after a cyberattack shut down county services. The decision was made in an emergency meeting due to the deadline set by the hackers.
The settlement includes options for affected individuals such as identity theft monitoring, reimbursement for losses, or a flat fee cash payment, with attorneys seeking about one-third of the settlement fund in fees.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two Microsoft Windows vulnerabilities to its list of Known Exploited Vulnerabilities. These flaws, CVE-2024-21412 and CVE-2024-21351, are actively being exploited in the wild.
Vyacheslav Igorevich Penchukov, a Ukrainian cybercriminal, pleaded guilty to leading the Zeus and IcedID malware groups, involved in stealing millions of dollars and attacking a major hospital with ransomware.
Russia continues to target Ukraine with cyber operations and espionage to gain an edge in the ongoing ground campaign, focusing on supply chain disruption and information gathering.