Cyber Security News Today

Watch Dog hacking group launches new Docker cryptocurrency campaign.

Views expressed in this cybersecurity-cyber crime update are those of the reporters and correspondents. 

Content provided by ""


Please click link or scroll down to read your selections.

Thanks for joining us today.

Russ Roberts (machine learning, artificial intelligence, IoT, and information security)

Latest Cybersecurity News And Articles

WatchDog hacking group launches new Docker cryptojacking campaign

?The WatchDog cybercriminal group is conducting a new cryptojacking campaign with advanced techniques for intrusion, worm-like propagation, and evasion of security software.

Clipminer group rakes in $1.7 million in crypto hijacking

The malware, dubbed Trojan.Clipminer, leverages the compute power of compromised systems to mine for cryptocurrency as well as identify crypto-wallet addresses in clipboard text and replace it to redirect transactions.

Chinese LuoYu Hackers Using Man-on-the-Side Attacks to Deploy WinDealer Backdoor

An "extremely sophisticated" Chinese-speaking advanced persistent threat (APT) actor dubbed LuoYu has been observed using a malicious Windows tool called WinDealer that's delivered by means of man-on-the-side attacks.

Ten Eleven Ventures Raises $600M Fund for Cybersecurity Investments

On the heels of similar announcements by YL Ventures and SYN Ventures, Ten Eleven this week announced it had raised $600 million for its third generation fund to invest in the next wave of security companies, from seed to growth stages.

Australian Trading Giant ACY Securities Exposed 60GB of User Data

The data breach happened due to a misconfigured database owned by ACY Securities. The worse part of the data leak is the fact that it contained over 60GB worth of data that was left exposed without any security authentication.

Microsoft disrupts Bohrium hackers’ spear-phishing operation

The Microsoft Digital Crimes Unit (DCU) has disrupted a spear-phishing operation linked to an Iranian threat actor tracked as Bohrium that targeted customers in the U.S., Middle East, and India.

Several Elasticsearch Databases Attacked for Ransom

Several Elasticsearch Databases Attacked for Ransom - Cybersecurity news
Secureworks spotted a new campaign targeting vulnerable Elasticsearch databases to replace their indexes with a ransom note; a total ransom of $280,000 has been demanded. The attackers have used an automated script to parse unprotected databases, wipe out their data, and add the ransom note. Admins ... Read More

Global Law Enforcement Operation Shuts Down FluBot

Global Law Enforcement Operation Shuts Down FluBot - Cybersecurity news
Europol, along with law enforcement agencies from Finland, Austria, Belgium, Ireland, Spain, Sweden, Hungary, the U.S., the Netherlands, and Switzerland, took down FluBot's infrastructure. The Dutch Police claimed to have disconnected 10,000 victims from the FluBot network and stopped over 6.5 mill ... Read More

CISA Warns of Critical Vulnerabilities in Illumina Genetic Analysis Devices

The flaws affect Illumina Local Run Manager (LRM), which is used by sequencing instruments designed for clinical diagnostic use in the sequencing of a person's DNA, testing for various genetic conditions, as well as research.

SideWinder Launched More than 1,000 Attacks in Two Years

SideWinder Launched More than 1,000 Attacks in Two Years - Cybersecurity news
The SideWinder APT has launched more than 1,000 attacks while leveraging over 400 domains and subdomains, with additional stealth mechanisms. The threat group is maintaining a large C2 infrastructure comprising more than 400 domains and subdomains that were used to host malicious payloads and manag ... Read More

Researchers Uncover Malware Controlling Thousands of Sites in Parrot TDS Network

Sucuri, which has been tracking the same campaign since February 2019 under the name "NDSW/NDSX," said that "the malware was one of the top infections" detected in 2021, accounting for more than 61,000 websites.

Chainguard raises $50M Series A for supply chain security

The round was led by Sequoia Capital. Amplify, the Chainsmokers’ Mantis VC, LiveOak Venture Partners, Banana Capital, K5/JPMC, and CISOs from Google and Square, among others, also participated in this round.

GitLab Issues Security Patch for Critical Account Takeover Vulnerability

Also resolved by GitLab in versions 15.0.1, 14.10.4, and 14.9.5 are seven other security vulnerabilities, two of which are rated high, four are rated medium, and one is rated low in severity.

The Underground Company That Hacks iPhones for Ordinary Consumers

An underground group is offering people a way to strip that lock from certain iPhones with its pay-for-hacking service. iOS security experts suspect it is being used to remove protections from stolen iPhones.

Ransomware Gang Now Hacks Corporate Websites to Show Ransom Notes

As part of their attacks, Industrial Spy will breach networks, steal data, and deploy ransomware on devices. The threat actors then threaten to sell the stolen data on their Tor marketplace if a ransom is not paid.

Access Brokers and Ransomware-as-a-Service Gangs Tighten Relationships

Dark web watchers have noted the increasing professionalism of cybercrime groups over the last few years. Criminal groups are well-organized and have just one purpose: streamlining operations to maximize profits.

Scammers Target NFT Discord Channel

Discord a public chat application designed for gamers has grown popular among crypto owners all over the world. Attackers are targeting the Discord servers of several popular nonfungible token (NFT) projects.

Evil Corp Switches to LockBit Ransomware to Evade Sanctions

The Evil Corp cybercrime group has now switched to deploying LockBit ransomware on targets' networks to evade sanctions imposed by the U.S. Treasury Department's Office of Foreign Assets Control (OFAC).

Twice as Many Healthcare Organizations Now Pay Ransom

Global healthcare organizations (HCOs) experienced a 94% year-on-year surge in ransomware attacks last year, with almost twice as many electing to pay their extorters, according to new data from Sophos.

Chinese LuoYu Hackers Deploy Cyberespionage Malware via App Updates

A Chinese-speaking hacking group known as LuoYu is infecting victims WinDealer information stealer malware deployed by switching legitimate app updates with malicious payloads in man-on-the-side attacks.

Logging and Security Analytics Firm Devo Banks New $100 Million Investment

The Series F round was led by Eurazeo, a global investment firm with over $30 billion in assets under management. Existing investors Insight Partners, Georgian, TCV, General Atlantic, Bessemer Venture Partners, and Kibo Ventures also participated.

Exiled Iran Group Claims Tehran Hacking Attack

Iranian state media said earlier that the internal computer system of the municipality of Tehran was targeted in a "deliberate" shutdown Thursday in the latest apparent cyberattack in the country.

Hackers Exploiting Unpatched Critical Atlassian Confluence Zero-Day Vulnerability

Atlassian has warned of a critical unpatched remote code execution vulnerability impacting Confluence Server and Data Center products that it said is being actively exploited in the wild.

China's draft cybersecurity rules pose risks for financial firms, lobby group warns

China's proposed cybersecurity rules for financial firms could pose risks to the operations of western companies by making their data vulnerable to hacking, among other things, a leading lobby group has said in a letter seen by Reuters.

Russia is ‘failing’ in its mission to destabilize Ukraine’s networks after a series of thwarted cyber-attacks

Since even before its invasion of Ukraine began on February 24, 2022, Russia has conducted a series of cyberattacks against both the country’s internet infrastructure and other critical services in an attempt to destabilize Ukraine.


Popular posts from this blog

SecurityWeek Briefing.

Cyber War Newswire

SecurityWeek Briefing.