06 Dec 2021

US Issues Cybersecurity Directive for Airlines and Railroads

The US has issued a new Transportation Security Administration mandate requiring all railroads and airlines to report cybersecurity breaches to the federal government. Cyber intrusions must be reported to the Cybersecurity and Infrastructure Security Agency (CISA) within 24 hours of detection, according to the mandate. This includes rail operators, airline

Read More
06 Dec 2021

Cuba ransomware group hit 49 critical infrastructure organizations

Last Friday, the FBI released a new notice regarding the Cuba ransomware, stating that a threat group has attacked 49 entities spanning five different critical infrastructure sectors. The FBI also noted that the group has likely made at least $43.9 million in ransom payments. The threat group deploying the Hancitor

Read More
03 Dec 2021

AT&T Takes Steps to Mitigate Botnet Found Inside Its Network

AT&T is currently facing a modular malware called EwDoor on 5,700 VoIP servers that route traffic from enterprise customers to upstream mobile providers. Researchers from NetLab first discovered the botnet attacking Edgewater Networks devices and leveraging a vulnerability in the EdgeMarc Enterprise Session Border Controllers. The flaw is tracked as

Read More
03 Dec 2021

Planned Parenthood Breach Opens Patients to Follow-On Attacks

Planned Parenthood’s Los Angeles division has suffered from a cyberattack, resulting in data theft and patient data compromised. According to Planned Parenthood, attackers accessed information such as addresses, insurance information, dates of birth, and clinical information such as diagnosis, procedures, and prescription information. Data from roughly 400,000 patients was stolen,

Read More
03 Dec 2021

Phishing Scam Targets Military Families

Threat researchers at Lookout are seeking to take down a phishing campaign that has allegedly been targeting members of the US military and their families. The campaign has been operating for a while and impersonates military support organizations and personnel to commit advance fee fraud and steal sensitive personal and

Read More
03 Dec 2021

Twitter removes another 3,000 state-backed accounts linked to six countries

Twitter has reportedly removed roughly 3,465 state-backed accounts from its platform in an effort to limit the influence of information manipulation and disinformation campaigns on the site. Twitter explained that they identified and removed eight different distinct operations that were traced back to China, Mexico, Russia, Tanzania, Uganda, and Venezuela.

Read More
02 Dec 2021

Widespread ‘Smishing’ Campaign Defrauds Iranian Android Users

Attackers are impersonating the Iranian government in the latest SMS malware campaign against Iranian residents. The attackers are using socially engineered messages to compromise devices, seeking bank credentials. The campaign targets Android users by installing bank information-stealing malware that can exfiltrate credit card data and siphon money from financial accounts.

Read More
02 Dec 2021

Stealthy ‘WIRTE’ Gang Targets Middle Eastern Governments

On Monday, Kaspersky released a report detailing its latest findings pertaining to a threat actor tracked as WIRTE. Kaspersky stated that the group has been attacking Middle Eastern governments since at least 2019, leveraging malicious Excel 4.0 macros and other tactics.  Kaspersky found that the group planted Microsoft Excel droppers

Read More
02 Dec 2021

Facebook’s Meta says bad actors are changing tactics as it takes down six more groups

Meta has been working to take down adversarial networks across the world that were operating on Facebook and engaging in behavior such as spreading false information, harassment, and attempting to have legitimate information taken down. Meta stated that the groups violated rules set forth in its Coordinated Inauthentic Behavior policies

Read More
02 Dec 2021

Nearly 10 Million Android Gamers Hit With Malware From Huawei AppGallery

Security researchers at Doctor Web have discovered dozens of malicious games hiding in AppGallery responsible for infecting victims with a new variant of the Cynos malware. Cynos has been affecting Android users for seven years and is concealed in everything from adult content apps to harmless-looking virtual pet games. Doctor

Read More