31 Jul 2020

China arrests over 100 people suspected of involvement in PlusToken cryptocurrency scam

China has reportedly arrested over 100 individuals under suspicion that they were involved in the PlusToken cryptocurrency fraud ring. The ring was based in South Korea and advertised as a high-yield investment opportunity for traders who dealt with cryptocurrencies. However, the PlusToken initiative actually created a massive Ponzi scheme in

Read More
30 Jul 2020

Hackers Broke Into Real News Sites to Plant Fake Stories

Security firm FireEye released a report on Wednesday detailing the activity of a disinformation group it has dubbed “Ghostwriter.” The group has been creating and disseminating disinformation since at least March 2017. Ghostwriter primarily focuses on undermining NATO and the US troops in Poland and the Baltics. Ghostwriter has posted

Read More
30 Jul 2020

Kaspersky Uncovers New APT “Mercenary” Group

Kaspersky’s security researchers have released information on a new cyber-mercenary group that the firm recently discovered and named “Deceptikons.” Kaspersky states that the advanced persistent threat group has been providing hacking services for hire for almost a decade. According to researchers, the APT group is lacking technically and is not

Read More
30 Jul 2020

North Korean Hackers Sniffing for US Defense Secrets

According to McAfee, North Korea was behind a cyber-espionage campaign that occurred earlier this year and targeted US defense and aerospace firms. McAfee’s Advanced Threat Research group claimed they detected similarities between the recent campaign and previous ones that linked the espionage to Hidden Cobra, a term used to refer

Read More
29 Jul 2020

Promo Data Breach Hits 14.6 Million User Accounts

Earlier this week, an Israeli marketing video firm called Promo announced a major data breach in which 14 million accounts were impacted. The Israeli company revealed in an online notice that customer data was compromised due to a vulnerability in a third-party service. Attackers gained access to sensitive data such

Read More
29 Jul 2020

Lazarus Group Shifts Gears with Custom Ransomware

North Korean advanced persistent threat (APT) group called Lazarus has emerged with new custom ransomware first spotted by Kaspersky in attacks against two organizations in March and April of this year. Researchers who have been observing the group’s actions state that the strain of ransomware utilized in the attacks is

Read More
29 Jul 2020

US provides new expanded set of espionage charges against former Twitter employees

The US government has charged three individuals who formerly worked for Twitter with more offenses, including fraudulently accessing information and acting as illegal agents of a foreign government. The former Twitter employees were originally charged with two different crimes, however, they are now under scrutiny for seven offenses rather than

Read More
28 Jul 2020

A Cyberattack on Garmin Disrupted More Than Workouts

According to researchers, the ransomware attack that hit the navigation and fitness company Garmin didn’t just affect the website and workout services. The ransomware attack took down Garmin Connect, which is the cloud platform utilized by customers to sync user data. Pilots who use Garmin products for positioning, navigation, and

Read More
28 Jul 2020

Cosmetics Giant Avon Leaks 19 Million Records

Researchers have uncovered a misconfigured cloud server operated by cosmetics brand Avon, allowing the public to access more than 19 million records. SafetyDetectives researchers found the Elasticsearch database on an Azure server that contained no password protection or encryption, meaning that anyone who has the server’s IP address could access

Read More
28 Jul 2020

Attackers Exploiting High-Severity Network Security Flaw, Cisco Warns

According to Cisco, a high severity flaw in its network security software is being actively exploited by cybercriminals. Cisco’s software is used by many Fortune 500 companies who are now at risk due to the vulnerability, which can lead to remote unauthenticated access to sensitive data. Patches for the flaw

Read More