The two, Eric Meiggs, 24, of Brockton, and Declan Harrington, 22, of Beverly, employed SIM swapping, computer hacking, and other techniques as part of their nefarious activities, the US Department of Justice says. According to documents presented in court, the two targeted executives of cryptocurrency companies and individuals who had large amounts of cryptocurrency or…

In a data breach notification published on its website, Keystone is disclosing a cybersecurity incident that was identified on August 19 and resulted in the disruption of some systems. The healthcare provider says it immediately launched an investigation into the incident, which discovered that certain patient information might have been compromised. “Our investigation found that…

Initially observed last week, the activity surrounding the new malware family, which labels itself Prestige, does not appear to be connected with any of the ransomware or threat groups that Microsoft currently tracks, and is currently referred to as DEV-0960. However, the tech giant warns of potential overlaps with previously observed Russian state-sponsored activity through…

Woolworths acquired 80% of the MyDeal online marketplace in September, but says MyDeal systems are completely separate from its own systems, which have not been impacted by the incident. According to the company, a threat actor leveraged a user’s compromised credentials to access the MyDeal customer relationship management (CRM) system. This gave the attacker access…

Polonium was initially detailed by Microsoft in June 2022, but evidence suggests that the group has been active since at least September 2021, mainly focusing on cyberespionage. Operating out of Lebanon, the APT is believed to be working with threat actors affiliated with Iran in the targeting of more than 20 communications, engineering, insurance, information…

Also known as Qakbot and Pinkslipbot, QBot is an information stealer with backdoor and self-spreading capabilities that has been around since 2009 and is often used as the initial infection vector in malicious attacks. Earlier this year, QBot was distributed in attacks exploiting Follina, a Microsoft Support Diagnostic Tool (MSDT) vulnerability tracked as CVE-2022-30190,…

Likely operating out of Brazil, LofyGang appears to be an organized crime group focused on multiple hacking activities, including credit card data theft and Discord premium upgrades, as well as the hacking of games and streaming service accounts. LofyGang has been observed abusing multiple public cloud services for command and control (C&C) purposes, including Discord,…

The information was collected when CISA investigated the hacking of a defense industrial base organization’s enterprise network between November 2021 and January 2022. The investigation, conducted in collaboration with a third-party incident response firm, revealed that multiple threat groups had compromised the victim’s network and some of them had access for at least one year….

The man, Sebastien Vachon-Desjardins, 35, of Gatineau, Quebec, pleaded guilty in June 2022 to participating in the ransomware scheme. Initially spotted in 2019, NetWalker was being offered under the ransomware-as-a-service (RaaS) business model and has been used in attacks against tens of organizations worldwide, including private and public entities, hospitals and emergency services, law enforcement,…