Researchers at Microsoft have identified a North Korean threat group carrying out espionage and financial cyberattacks concurrently, using a grab bag of different attack techniques against aerospace, education, and software organizations and developers. In the beginning, Microsoft explained in a blog post, Moonstone Sleet heavily overlapped with the known DPRK advanced persistent threat (APT) Diamond…

Auction house Christie’s disclosed a data breach after the ransomware group RansomHub threatened to leak stolen data. The security breach occurred earlier this month. The website of the auction house was unreachable after the attack. According to BBC, Christie had problems in selling art and other high-value items worth an estimated $840 million due to…

The security researcher Eric Daigle discovered a commercial spyware app, called pcTattletale, on the check-in systems of at least three Wyndham hotels across the US, TechCrunch first reported. Parents often use the app to monitor their children’s online activities or by employers to keep track of employee productivity and internet usage. Daigle discovered the commercial…

ESET researchers discovered two previously unknown backdoors named LunarWeb and LunarMail that were exploited to breach European ministry of foreign affairs. The two backdoors are designed to carry out a long-term compromise in the target network, data exfiltration, and maintaining control over compromised systems. The two backdoors compromised a European ministry of foreign affairs (MFA)…

Security researchers have warned about a new cyberespionage campaign that targets artificial intelligence experts working in private industry, government and academia. The attackers, likely of Chinese origin, are using a remote access trojan (RAT) called SugarGh0st. “The timing of the recent campaign coincides with an 8 May 2024 report from Reuters, revealing that the US…

Over the last decade, social engineering cyberthreats have surged among retailers just as the sector’s reliance on customer data, financial transactions and e-commerce platforms has intensified. Social engineering, in which malicious actors exploit human vulnerabilities to obtain personal or financial information, can pose serious risks to retailers. As a result, chief information security officers and…

Only five months into 2024, and the year has been a busy one for cybersecurity practitioners, with multi-year supply chain attacks, nation-state actors exploiting multiple vulnerabilities in network gateways and edge devices, and multiple ransomware incidents against large healthcare entities. What’s ahead for the rest of year? At last week’s RSA Conference, Ed Skoudis, the…

Roku announced that 576,000 accounts were hacked in new credential stuffing attacks, threat actors used credentials stolen from third-party platforms. “Credential stuffing is a type of attack in which hackers use automation and lists of compromised usernames and passwords to defeat authentication and authorization mechanisms, with the end goal of account takeover (ATO) and/or data…