Law enforcement agencies worldwide have coordinated to take down one of the world’s largest hacker forums, scoring a victory against cybercrime.
BreachForums, a notorious marketplace for stolen data, was seized by the authorities on Wednesday, according to a message on its website.
Read more in my article on the Tripwire State of Security blog.
Remember when a US mother was accused of distributing explicit deepfake photos and videos to try to get her teenage daughter’s cheerleading rivals kicked off the team? Well, there has been a surprising development. And learn how cybercriminals have been stealing boomers’ one-time-passcodes via a secretive online service.
All this and more is discussed in the latest edition of the award-winning “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Microsoft today released updates to fix more than 60 security holes in Windows computers and supported software, including two “zero-day” vulnerabilities in Windows that are already being exploited in active attacks. There are also important security patches available for macOS and Adobe users, and for the Chrome Web browser, which just patched its own zero-day flaw.
Security agencies in the United States have issued a new warning about the Black Basta ransomware group, in the wake of a high-profile attack against the healthcare giant Ascension.
The cyber attack last week forced the Ascension computer systems offline, and caused some hospital emergency departments to turn away ambulances “in order to ensure emergency cases are triaged immediately.”
Read more in my article on the Exponential-e blog.
A Korean cybersecurity expert has been sentenced to prison for illegally accessing and distributing private photos and videos from vulnerable “wallpad” cameras in 400,000 private households.
Read more in my article on the Hot for Security blog.
Last week, the United States joined the U.K. and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. LockBit’s leader “LockBitSupp” claims the feds named the wrong guy, saying the charges don’t explain how they connected him to Khoroshev. This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years.
Boeing has confirmed that it received a demand for a massive $200 million after a ransomware attack by the notorious LockBit hacking group in October 2023.
The company confirmed its link to the indictment of Dmitry Yuryevich Khoroshev, who was identified this week by the US Department of Justice as the true identity of LockBitSupp, the kingpin of the LockBit gang.
Read more in my article on the Hot for Security blog.
Do you know Dmitry Yuryevich Khoroshev?
If you do, there’s a chance that you might well on the way to receiving a reward of up to $10 million.
Read more in my article on the Exponential-e blog.
The FBI has issued a warning to US retailers about a financially-motivated malicious hacking ring that has been targeting employees with phishing attacks in an attempt to create fraudulent gift cards.
Read more in my article on the Tripwire State of Security blog.
A medical lab that specialises in cancer screenings has admitted to an alarming data breach that left sensitive patient information exposed for years – and accessible by unauthorised parties.
California-based Guardant Health is notifying affected individuals that information related to samples collected in late 2019 and 2020 was “inadvertently” left exposed online to the general public after an employee mistakenly uploaded it.
Read more in my article on the Hot for Security blog.