Cybersecurity

A new strain of the HardBit ransomware has emerged in the wild, which contains a protection mechanism in an attempt to prevent analysis from security researchers.

Read more in my article on the Tripwire State of Security blog.

In episode seven of The AI Fix, Alexa goes wild, Mark learns how to hang a towel on a Peloton for only $39.90 a month, Graham puts the news items in the wrong order, and a strawberry uses the internet.

Graham explains to Mark what bats argue about, our hosts ponder whether AI should always write in Comic Sans, and Mark tells Graham why AIs are like dolphins that smoke pufferfish.

All this and much more is discussed in the latest edition of “The AI Fix” podcast by Graham Cluley and Mark Stockley.

A group of hacktivists claims to have breached the IT systems of Disney, and stolen a gigantic 1.1 terabytes worth of data from the entertainment giant’s internal Slack messaging channels.

The hacking group, which calls itself NullBulge, posted on an underground hacking forum that it had hoped to postpone announcing the breach until it had accessed more information, “but our insider man got cold feet and kicked us out.”

Read more in my article on the Hot for Security blog.

At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all assets of Google Domains a year ago, but many customers still haven’t set up their new accounts. Experts say malicious hackers learned they could commandeer any migrated Squarespace accounts that hadn’t yet been registered, merely by supplying an email address tied to an existing domain.

AT&T Corp. disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people — nearly all of its customers. AT&T said it delayed disclosing the incident in response to “national security and public safety concerns,” noting that some of the records included data that could be used to determine where a call was made or text message sent. AT&T also acknowledged the customer records were exposed in a cloud database that was protected only by a username and password (no multi-factor authentication needed).

Despite first appearing earlier this year, RansomHub is already considered one of the most prolific ransomware groups in existence.

Read more in my article on the Tripwire State of Security blog.

The US Justice Department, working in coordination with Canadian and Dutch authorities, has seized two domain names which it claims were being used by Russian-backed hackers to spread disinformation on social media.

Read more in my article on the Hot for Security blog.

Execs at a health tech startup are sentenced to jail after a massive ad fraud, and a school is shaken after teachers are targeted via TikTok.

All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

The Russia-based cybercrime group dubbed “Fin7,” known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. authorities. But experts say Fin7 has roared back to life in 2024 — setting up thousands of websites mimicking a range of media and technology companies — with the help of Stark Industries Solutions, a sprawling hosting provider is a persistent source of cyberattacks against enemies of Russia.

Microsoft Corp. today issued software updates to plug 139 security holes in various flavors of Windows and other Microsoft products. Redmond says attackers are already exploiting at least two of the vulnerabilities in active attacks against Windows users.