The US sanctions a China-based cybersecurity company involved in the Salt Typhoon hacks and a Shanghai-based hacker involved in the recent US Treasury breach
Treasury's OFAC is sanctioning Yin Kecheng, a Shanghai-based cyber actor who was involved with the recent Department of the Treasury network compromise. … X: Nicole Perlroth / @nic...
Palo Alto Networks says it has observed exploitation of two zero-days in its PAN-OS firewall OS; researchers say hackers have compromised 2,000+ firewalls
Malicious hackers have compromised potentially thousands of organizations by exploiting two new zero-day vulnerabilities found …
As the US and allies try to sanction Evil Corp., the UK NCA says the ransomware gang conducted cyberattacks and espionage ops on NATO allies on Kremlin orders
- Evil Corp. cybercrime crew conducted espionage on NATO members — UK, US and Australia issued sanctions against alleged hackers
The FBI and US DOJ disrupt Volt Typhoon, a uniquely dangerous Chinese hacking operation to hijack hundreds of Cisco and Netgear routers at end-of-life status
How Microsoft's 10-year-old Digital Crime Unit uses unique legal tactics and the company's technical reach to disrupt global cybercrime and state-backed actors
Ten years in, Microsoft's DCU has honed its strategy of using both unique legal tactics and the company's technical reach …
Microsoft seizes US-based infrastructure and websites used by cybercrime group Storm-1152 that created ~750M fraudulent Microsoft accounts, after a court order
Denver-based healthcare software provider Welltok reports a July 2023 data breach exposed ~8.5M US patients' data, making it the second largest MOVEit breach
https://www.bleepingcomputer.com/ ... X: Carly Page / @carlypage_ : New: Hackers accessed the sensitive health information of more than 8 million Welltok patients. This makes the i...
Denver-based healthcare software provider Welltok reports a July 2023 data breach exposed ~8.5M US patients' data, making it the second largest MOVEit breach
Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S …
Filing: Progress Software says the US SEC opened an investigation into the MOVEit hack that has cost the company $1M and exposed 64M+ people's personal data
Note 15: Cyber Related Matters November 2022 Cyber Incident Following the detection … Cynthia Brumfield / Metacurity : SEC Launches Probe into Progress Software's MOVEit Vulnerabil...
Filing: Caesars confirms the casino operator was hacked via a social engineering attack on an outsourced IT support vendor; sources: Caesars paid a ~$15M ransom
CURRENT REPORT Pursuant to Section 13 or 15(d) of the Securities Exchange Act … Thomas Barrabi / New York Post : Caesars Entertainment paid about $15M to hackers who stole customer...
MGM was likely hacked by Scattered Spider, an English-speaking group that previously used help desk calls to get passwords and planned to hack the slot machines
Person claiming to represent cybercriminals explains techniques used to evade detection by casino resort company
Halcyon: Cloudzy, a Wyoming-registered web hosting company likely operating out of Tehran, is acting as a command-and-control provider for state-backed hackers
A little-known cloud company provided web hosting and internet services to more than two dozen different state-sponsored hacking groups …
One of the Western Digital hackers claims they stole ~10TB of data, including customer information, and says they are asking for a ransom of “minimum 8 figures”
Lorenzo Franceschi-Bicchierai / TechCrunch :
After the Russia-linked Clop ransomware gang claimed to hit 130 companies, victims are coming forward, many of which used Fortra's GoAnywhere file transfer tool
After the ALPHV ransomware group claimed to have hit Amazon's Ring, the company says there's no breach evidence but a vendor without customer records was hit
Joseph Cox / VICE :
Community Health Systems, which owns ~80 hospitals in 16 US states, says hackers stole data on up to 1M patients; Russia-linked malware gang Clop takes credit
Carly Page / TechCrunch :
The LockBit ransomware gang claims responsibility for an attack on the UK's Royal Mail that halted international shipping, contradicting an earlier statement
The LockBit ransomware operation has claimed the cyberattack on UK's leading mail delivery service Royal Mail that forced the company …
The LockBit ransomware gang claims responsibility for an attack on the UK's Royal Mail that halted international shipping, contradicting an earlier statement
The LockBit ransomware operation has claimed the cyberattack on UK's leading mail delivery service Royal Mail that forced the company …
LastPass parent GoTo confirms hackers stole encrypted backups, an encryption key for some data, billing info, and more, in a breach first disclosed last year
GoTo (formerly LogMeIn) is warning customers that threat actors who breached its development environment in November 2022 stole …
Signal says attackers accessed the phone numbers and SMS verification codes for around 1,900 users as part of the recent Twilio breach
just reasons I don't understand. Can somebody explain those reasons to me? https://twitter.com/... Joseph Menn / @josephmenn : Every time there is a high-end attack on a critical e...