Skip to content
Iranian hackers probed election-related websites in 10 states, US officials saySuspected Iranian hackers have probed the election-related websites of 10 states and, in one case, accessed voter registration data, federal personnel told election security officials on Friday. The hackers were conducting broad scanning of state and local websites at the end of September, then attempted to exploit the websites and nab voter data, officials from the FBI…
How cloud transformation helps stop emerging threatsAutomation, agility, efficiency and cost play critical roles in accelerating public sector transformation through the cloud, according to an experienced cybersecurity-focused executive with an eye on the future. They also are provide a smarter, more progressive approach to protecting data, said Rajiv Gupta, a senior vice president in the cloud security business unit at McAfee,…
Health sector mobilizes defenses following Ryuk ransomware warningA day after U.S. federal agencies warned of an “imminent” ransomware threat to hospitals, it’s an all-hands-on deck mentality for a health sector already strained by the coronavirus pandemic. Private threat briefings are being held for hospital executives, federal officials are appealing for more data on the cybercriminals and hospitals are hardening their computer networks.…
Don't let election-themed misinformation fool you. Here's what to watch out for.Whether it’s Russian trolls or verified Twitter accounts spreading disinformation during the current political moment almost is besides the point. Four years after Russian operatives aimed to influence the 2016 election in favor of President Donald Trump by spreading lies on social media, a large range of groups, lawmakers and influential political voices have been…
Wisconsin Republicans say last minute hack cost party $2 million meant to reelect TrumpLess than a week before Election Day in a vital swing state, Wisconsin Republicans said on Thursday that hackers made off with $2.3 million devoted to reelecting President Donald Trump. The Republican Party of Wisconsin said it first detected the attack on Oct. 22, then notified the FBI the following day about doctored invoices in…
Why the extortion of Vastaamo matters far beyond Finland — and how cyber pros are respondingEven for veterans of cybercriminal investigations, the recent extortion of a psychotherapy practice in Finland has been unusual — and disturbing. Rather than sticking only to the common tactic of trying to shake down a breached organization, the attackers who stole tens of thousands of patient records from Vastaamo also demanded ransoms from individual people. In doing so, the…
European ransomware group strikes US hospital networks, analysts warnAn Eastern European cybercriminal group has conducted ransomware attacks at multiple U.S. hospitals in recent days in some of the most disruptive cyber-activity in the sector during the coronavirus pandemic, cybersecurity company FireEye said Wednesday. The group, which FireEye calls UNC1878, has been deploying Ryuk ransomware and taking multiple hospital IT networks offline, said Charles…
Why, and how, Turla spies keep returning to European government networksTurla, a group of suspected Russian hackers known for pinpoint espionage operations, has used updated tools to breach the computer network of an unnamed European government organization, according to new research. The research from consulting giant Accenture shows how, despite a large body of public data on Turla techniques, and a warning from Estonian authorities linking…
Monero scam was at the center of Trump campaign website defacementThe brief defacement of President Trump’s campaign website Tuesday night serves as another reminder that when cybercriminals want to cast a wide net for a scam, U.S. politics present plenty of opportunities — especially in the final days of a highly fraught election season. The front page of the site was replaced with a message claiming that hackers had compromised…
Munich Security Conference attendees targeted with Iran-linked spearphishing, Microsoft saysIranian government-linked hackers have been sending spearphishing emails to large swaths of high-profile potential attendees of the upcoming Munich Security Conference as well as the Think 20 Summit in Saudi Arabia, according to Microsoft research. The Iranian attackers, known as Phosphorous, have disguised themselves as conference organizers and have sent fake invitations containing PDF documents…
CISA chief rips IG report, touts election security effortsThe head of the U.S. Cybersecurity and Infrastructure Security Agency has slammed a new inspector general report criticizing some of the agency’s election security work, calling the investigation “poorly timed” and its conclusions misleading. The Department of Homeland Security’s inspector general credited CISA for making progress in helping election officials mitigate cyberthreats, but also concluded…
FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. HospitalsOn Monday, Oct. 27, KrebsOnSecurity began following up on a tip from a reliable source that an aggressive Russian cybercriminal gang known for deploying ransomware was preparing to disrupt information technology systems at hundreds of hospitals, clinics and medical care facilities across the United States. Today, officials from the FBI and the U.S. Department of…
Security Blueprints of Many Companies Leaked in Hack of Swedish Firm GunneboIn March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. In August, Gunnebo said it had successfully thwarted a ransomware attack, but this week it emerged that the intruders stole and published online tens of…
WordPress Patches 3-Year-Old High-Severity RCE BugIn all, WordPress patched 10 security bugs as part of the release of version 5.5.2 of its web publishing software.
Firestarter Android Malware Abuses Google Firebase Cloud MessagingThe DoNot APT threat group is leveraging the legitimate Google Firebase Cloud Messaging server as a command-and-control (C2) communication mechanism.
Wisc. GOP’s $2.3M MAGA Hat Debacle Showcases Fraud ConcernsScammers bilked Wisconsin Republicans out of $2.3 million in a basic BEC scam — and anyone working on the upcoming election needs to pay attention. 
Halloween News Wrap: The Election, Hospital Deaths and Other Scary Cyberattack StoriesThreatpost breaks down the scariest stories of the week ended Oct. 30 haunting the security industry -- including bugs that just won't die.
Wroba Mobile Banking Trojan Spreads to the U.S. via TextsThe Roaming Mantis group is targeting the States with a malware that can steal information, harvest financial data and send texts to self-propagate.
Microsoft Warns Threat Actors Continue to Exploit Zerologon BugTech giant and feds this week renewed their urge to organizations to update Active Directory domain controllers.
NVIDIA Patches Critical Bug in High-Performance ServersNVIDIA said a high-severity information-disclosure bug impacting its DGX A100 server line wouldn't be patched until early 2021.
Kegtap, Singlemalt, Winekey Malware Serve Up Ransomware to HospitalsAmid an uptick in attacks on healthcare orgs, malware families, Kegtap, Singlemalt and Winekey are being used to deliver the Ryuk ransomware to already strained systems.
University Email Hijacking Attacks Push Phishing, MalwareAttackers are compromising email accounts from popular universities, including Purdue and Oxford, to launch attacks that get around DMARC and SPF.
REvil Gang Promises a Big Video-Game Hit; Claims Massive RevenueIn a wide-ranging interview, a REvil leader said the gang is earning $100 million per year, and provided insights into the life of a cybercriminal.
Home Depot Confirms Data Breach in Order Confirmation SNAFUHundreds of emailed order confirmations for random strangers were sent to Canadian customers, each containing personal information.
Oracle WebLogic Server RCE Flaw Under Active AttackThe flaw in the console component of the WebLogic Server, CVE-2020-14882, is under active attack, researchers warn.
Bug-Bounty Awards Spike 26% in 2020The most-rewarded flaw is XSS, which is among those that are relatively cheap for organizations to identify.
Xfinity, McAfee Brands Abused by Parked Domains in Active CampaignsMalicious redirection websites are using typosquatting and impersonation to attack unwary visitors.
2 More Hospitals Hit by Growing Wave of Ransomware Attacks, As Feds Issue WarningHospitals in New York and Oregon were targeted on Tuesday by threat actors who crippled systems and forced ambulances with sick patients to be rerouted, in some cases.
Microsoft’s SMBGhost Flaw Still Haunts 108K Windows SystemsWhile Microsoft patched the bug known as CVE-2020-0796 back in March, more than one 100,000 Windows systems are still vulnerable.
‘Copyright Violation’ Notices Lead to Facebook 2FA BypassFraudulent Facebook messages allege copyright infringement and threaten to take down pages, unless users enter logins, passwords and 2FA codes.
How the Pandemic is Reshaping the Bug-Bounty LandscapeBugcrowd Founder Casey Ellis talks about COVID-19's impact on bug bounty hunters, bug bounty program adoption and more.
Russian Espionage Group Updates Custom Malware SuiteTurla has outfitted a trio of backdoors with new C2 tricks and increased interop, as seen in an attack on a European government.
Iran-linked APT Targets T20 Summit, Munich Security Conference AttendeesThe Phosphorous APT has launched successful attacks against world leaders who are attending the Munich Security Conference and the Think 20 (T20) Summit in Saudi Arabia, Microsoft warns.
Election Security: How Mobile Devices Are Shaping the Way We Work, Play and VoteWith the election just a week away, cybercriminals are ramping up mobile attacks on citizens under the guise of campaign communications.
North Korea-Backed Spy Group Poses as Reporters in Spearphishing Attacks, Feds WarnThe Kimsuky/Hidden Cobra APT is going after the commercial sector, according to CISA.
Experts Weigh in on E-Commerce Security Amid Snowballing ThreatsHow a retail sector reeling from COVID-19 can lock down their online systems to prevent fraud during the upcoming holiday shopping spike.
Trump Campaign Website Defaced by Cryptocurrency ScamHackers claim to have access to classified information linking the president to the origin of the coronavirus and criminal collusion with foreign actors.
Lax Security Exposes Smart-Irrigation Systems to Attack Across the Globe Systems designed by Mottech Water Management were misconfigured and put in place and connected to the internet without password protections.
CreativeMinds WordPress Plugin Curated RSS Aggregator
