SentinelLabs recently attributed a new string of attacks targeting East Asian organizations to a threat actor referred to as DragonSpark. SentinelLabs stated that the campaign leverages a rare open-source SparkRAT and malware tools to evade detection through source code interpretation techniques. The techniques are based on the Go programming language.

Zendesk, a customer service solutions provider, has suffered from a data breach that occurred due to a SMS phishing attack launched against its employees. At least one employee fell for the phishing attack, enabling the attackers to steal the employee’s credentials. Last week, cryptocurrency trading and portfolio management company Coinigy

The US Government Accountability Office (GAO) released a report last Thursday highlighting federal agencies’ failure to implement cybersecurity recommendations. The GAO found that 60% of the cybersecurity recommendations made by the office since 2010 have not been implemented. The GAO stated that the failure to follow the recommendations results in

The FBI has announced that it confirmed a link between North Korean hackers and the $100 million Horizon Bridge Heist that occurred in June 2022. Horizon bridge is a platform designed to enable cryptocurrency holders to transfer assets between networks such as the Ethereum Network, Binance Chain, Bitcoin, and Harmony’s

An app operated by India’s Education ministry contained a security lapse that resulted in the exposure of personally identifying information belonging to millions of students and teachers. The information was exposed for over a year, the ministry confirmed. The app in question is the Digital Infrastructure for Knowledge Sharing app,

CircleCI has confirmed that a data breach that impacted the integration and delivery platform was the result of an infostealer deployed to an employee’s laptop. The breach occurred on January 4, 2023 and the company identified the incident after detecting the presence of an unauthorized third party. The information stealer

European law enforcement agencies collaborated to take down a multimillion dollar cryptocurrency fraud group, making multiple arrests last week. The operation was coordinated by Europol and targeted individuals associated with a large scale cryptocurrency investment fraud scheme. Those arrested include 14 individuals in Serbia and one in Germany, as well

According to recent reporting by blockchain analysis company Chainalysis, over $20 billion worth of illegal transactions were conducted using cryptocurrency last year. The record numbers are expected to get even higher as more illicit activity is uncovered by security research teams. Chainalysis works with law enforcement agencies and the government

Russian state-sponsored threat actor Turla has been identified leveraging Andromeda malware to attack Ukrainian organizations. The malware was likely deployed by other hackers through an infected USB drive. Mandiant detailed the attack in a recent report, stating that the attack was conducted in September 2022. Turla has been active since

Aflac and Zurich have confirmed that millions of customers located in Japan were impacted after a third-party contractor used by both of the insurance multi-nationals was breached. Customer details were allegedly put up for sale after the incident. Although the breached supplier has not been named, Japanese media outlets claim