Despite law enforcement pressure, North Korean hackers continue to evolve and explore alternative money laundering methods, demanding continuous vigilance and innovation from businesses and governments.
While patches have been released for some implementations, several projects using Kyber, including Signal, remain unpatched, and the impact of KyberSlash on users’ communications is still unclear.
Capital Health is now fully operational and working with a forensic investigation firm to assess the risk to patient and employee data. While the firm has not disclosed the hacker group involved, it has been alleged that LockBit ransomware was used.
The group leverages DNS hijacking and exploits known vulnerabilities to establish a foothold in target networks and gather intelligence to meet strategic Turkish interests.
A group known as Anonymous Arabic, with links to Turkey and Syria, is behind a sophisticated remote access Trojan called SilverRAT. They plan to release an updated version that can control compromised Windows systems and Android devices.
Extortionists are resorting to swatting as a new tactic to pressure hospitals into paying ransom demands. Swatting involves making false reports to the police, resulting in heavily armed officers showing up at victims’ homes.
The city of Beckley, West Virginia, is currently grappling with a cyberattack, which has disrupted their computer network and prompted investigations into the incident’s source and impact.
Attackers can exploit these vulnerabilities to execute commands on vulnerable NameServer components of RocketMQ, highlighting the importance of upgrading to version 5.1.2/4.9.7 or above to mitigate the risk.
The cybersecurity firm ClearSky identified the tools used, including the No-Justice wiper and a PowerShell code. The malware had a valid digital signature, making it appear legitimate.
This incident is part of a larger-scale social engineering campaign targeting verified X accounts on Twitter, highlighting the vulnerability of high-profile accounts to cryptocurrency scams and phishing attacks.