A new ransomware family called 'White Rabbit' appeared in the wild recently, and according to recent research findings, could be a side-operation of the FIN8 hacking group.FIN8 is a financially motivated actor who has been spotted targeting financial organizations for several years, primarily by deploying POS malware that can steal credit card details.A simp

Chronicle’s VirusTotal (VT) is a boon to security researchers and a gift to potential criminals. Apart from virus samples it contains likely millions of user credentials readily available to anyone who knows where and how to look.This is the finding of SafeBreach researchers who wanted to see if VT’s advanced search capabilities could provide a supercharged

A critical vulnerability impacting multiple IDEMIA biometric identification devices can be exploited to unlock doors and turnstiles.Because of this security defect, if the TLS protocol is not activated, an attacker in the network can send specific commands without authentication to open doors or turnstiles directly operated by a vulnerable device.The attacke

Nonprofit organization Goodwill has started notifying users of its ShopGoodwill.com e-commerce platform that their personal information was compromised as a result of a cybersecurity breach.The notice sent out by Goodwill via email was obtained by Australian researcher Troy Hunt, who runs the Have I Been Pwned data breach notification service.The company has

A Moscow court on Saturday remanded eight hackers in custody for two months as Russia cracks down on the REvil cybercrime group at Washington's request. Eight members of the prominent hacking group REvil were ordered by Moscow's Tverskoi district court to remain in custody until mid-March, the court said. They could face up to seven years in prison if conv

Hackers on Friday temporarily shut down dozens of Ukrainian government websites, causing no major damage but adding to simmering tensions while Russia amasses troops on the Ukrainian border. Separately, in a rare gesture to the U.S. at a time of chilly relations, Russia said it had arrested members of a major ransomware gang that targeted U.S. entities.The e

At least 15 websites belonging to various Ukrainian public institutions were compromised, defaced, and subsequently taken offline.This includes the websites of the ministry of foreign affairs, agriculture, education and science, security and defense, and the online portal for the cabinet of ministers.The defacement messages were posted in Ukrainian, Russian,

North Korea-linked hacking group Lazarus stole close to $400 million worth of crypto-assets last year, Chainalysis reports.The most well-known APT operating on behalf of the North Korean government and active for more than a decade, Lazarus is believed to have been involved in multiple high-profile attacks, including the $81 million cyber theft from the cent

The North Korean threat actor group known as 'BlueNoroff' has been spotted targeting cryptocurrency startups with malicious documents and fake MetaMask browser extensions.The motive of this group is purely financial, but its sophistication in carrying out objectives has previously led researchers to conclude that this is a sub-group of the North Ko

Threat actors can take advantage of a weakness that affects Microsoft Defender antivirus on Windows to learn locations excluded from scanning and plant malware there.The issue has persisted for at least eight years, according to some users, and affects Windows 10 21H1 and Windows 10 21H2.Lax permissionsLike any antivirus solution, Microsoft Defender lets use

Dozens of journalists and human rights defenders in El Salvador had their cellphones repeatedly hacked with sophisticated spyware over the past year and a half, an internet watchdog said Wednesday.Reporting on its latest findings about use of the Israeli firm NSO Group’s Pegasus spyware, the University of Toronto’s Citizen Lab said it had identified a Pegasu

US Cyber Command (USCYBERCOM) has officially linked the Iranian-backed MuddyWatter hacking group to Iran's Ministry of Intelligence and Security (MOIS).MOIS is the Iran government's leading intelligence agency, tasked with coordinating the country's intelligence and counterintelligence, as well as covert actions supporting the Islamic regime's goals beyond I

A 32 year-old software engineer has been sentenced to two years and two months in prison for remotely accessing chat logs, photos, videos, and webcams of his female victims. For nine years, between 2010 to 2019, Robert Davies used malware to infiltrate his targets’ devices and access their data without them knowing. In one incident Davies accessed

The OceanLotus group of state-sponsored hackers are now using the web archive file format (.MHT and .MHTML) to deploy backdoors to compromised systems.The goal is to evade detection by antivirus solutions  tools which are more likely to catch commonly abused document formats and stop the victim from opening them on Microsoft Office.Also tracked as APT32

Michael Grime, a British games programmer, has escaped jail after using stolen credentials to access several women’s personal email accounts and social media accounts in order to steal their private and intimate photos. Grime was caught by the National Crime Agency (NCA) as part of an operation involving several agencies and the FBI. The agencies we