“Based on what we see, there is a wide range of cybercriminals admitting they are using Lumma, such as actors involved in credit card fraud, initial access sales, cryptocurrency theft, and more,” Kivilevich says. Among other tools, the Scattered Spider hacking group—which has attacked Caesars Entertainment, MGM Resorts International, and other victims—has been spotted using… Read More »
Login credentials belonging to an employee at both the Cybersecurity and Infrastructure Security Agency and the Department of Government Efficiency have appeared in multiple public leaks from info-stealer malware, a strong indication that devices belonging to him have been hacked in recent years. Kyle Schutt is a 30-something-year-old software engineer who, according to Dropsite News,… Read More »
Getty Images reader comments 22 Federal agencies, health care associations, and security researchers are warning that a ransomware group tracked under the name Black Basta is ravaging critical infrastructure sectors in attacks that have targeted more than 500 organizations in the past two years. One of the latest casualties of the native Russian-speaking group, according… Read More »
Getty Images reader comments 14 A federal Cyber Safety Review Board has issued its report on what led to last summer’s capture of hundreds of thousands of emails by Chinese hackers from cloud customers, including federal agencies. It cites “a cascade of security failures at Microsoft” and finds that “Microsoft’s security culture was inadequate” and… Read More »
Getty Images reader comments 13 Federal civilian agencies have until midnight Saturday morning to sever all network connections to Ivanti VPN software, which is currently under mass exploitation by multiple threat groups. The US Cybersecurity and Infrastructure Security Agency mandated the move on Wednesday after disclosing three critical vulnerabilities in recent weeks. Three weeks ago,… Read More »
Getty Images reader comments 26 with Share this story Multiple threat actors—one working on behalf of a nation-state—gained access to the network of a US federal agency by exploiting a four-year-old vulnerability that remained unpatched, the US government warned. Exploit activities by one group likely began in August 2021 and last August by the other,… Read More »
Getty Images reader comments 51 with 42 posters participating Share this story Russian hackers are targeting hundreds of US hospitals and healthcare providers just as the coronavirus is making a comeback and the US presidential election is in its final stretch, officials from three government agencies and the private sector are warning. The hackers typically… Read More »