Microchip Technology Inc. announced Tuesday that it had been targeted by a cyberattack, prompting the US chipmaker to shut down some systems and reduce its operations. According to a regulatory filing, Microchip, a key supplier to the US defense industry, detected unusual activity in its IT systems on 17 August. By 19 August, Microchip confirmed that certain servers and business operations had been compromised. This breach occurs amid a global race for chip market dominance, driven by national security concerns and efforts to avoid the supply chain disruptions experienced during the pandemic. In a similar incident two months ago, Taiwanese…
ISB Staff Reporter
FlightAware, a provider of real-time flight tracking information, has informed users of a data security incident that may have exposed personal information. The company is taking precautionary measures by requiring all potentially impacted users to reset their passwords. The incident, discovered on 25 July 2024, was caused by a configuration error that may have inadvertently exposed sensitive information stored in users’ FlightAware accounts. This information includes user IDs, passwords, email addresses, and other personal details such as full names, billing and shipping addresses, IP addresses, social media accounts, telephone numbers, year of birth, the last four digits of credit card…
In a joint statement, the Office of the Director of National Intelligence (ODNI), the Federal Bureau of Investigation (FBI), and the Cybersecurity and Infrastructure Security Agency (CISA) have warned about heightened Iranian efforts to interfere in the upcoming US elections. The statement highlights Iran’s continued attempts to undermine confidence in American democratic processes and influence the election process. The intelligence community has noted increasingly aggressive activity by Iran, including influence operations targeting the American public and cyber operations directed at Presidential campaigns. Importantly, the agencies attribute recent cyberattacks on former President Donald Trump’s campaign to Iranian operatives, indicating a broader…
The cybersecurity landscape is marked by sophisticated malware strains designed to harvest sensitive data, get a foothold on company networks, and generally wreak havoc. A new report from ReliaQuest examines five malware variants that have recently impacted the threat landscape or may do so in the near future: “LummaC2,” Rust-based stealers, “SocGholish,” “AsyncRAT,” and “Oyster.” ReliaQuest’s Threat Research team analyzed customer incident data, external industry reporting, and cybercriminal forums to identify the most pressing malware threats that warrant proactive responses from customers due to their past use, anticipated future deployment, interest on the dark web, and ability to bypass defenses…
Claims on cyber insurance have dropped by more than a third between 2022 and 2024, despite more organizations than ever having this type of cover. This was revealed in Databarracks’ Data Health Check – an annual survey of 500 UK IT decision-makers. Two-thirds (66%) of those surveyed report having insurance specifically for cyber in 2024, rising from 51% over the past two years. However, as more organisations take out policies, 36% made a claim this year, falling from 58% in 2022. According to Jammes Watts, MD of Databarracks, these findings are likely linked to an increasing number of ransomware recoveries.…
In a year marked by significant shifts in the cybercrime landscape, 2024 is on track to become the highest-grossing year for ransomware, even as overall illicit activity on the blockchain has declined by nearly 20% year-to-date. This trend highlights the growing severity and sophistication of ransomware attacks, which continue to extort larger payments from victims, particularly those in critical infrastructure and large corporations. Ransomware Payments Reach New Heights One of the most alarming developments in 2024 is the record-breaking increase in ransomware payments. This year has already seen the largest single ransomware payment ever recorded, a whopping $75 million made…
Background check provider National Public Data (NPD) has confirmed a data breach after hackers leaked a stolen database containing millions of Social Security numbers and other sensitive information. The compromised data reportedly includes names, email addresses, phone numbers, Social Security numbers (SSNs), and mailing addresses. The breach has been linked to a hacking attempt from late 2023. NPD acknowledged data leaks in April and summer 2024, attributing them to the same threat actor responsible for the December 2023 incident. The company has since investigated the breach, cooperated with law enforcement, and reviewed the affected records. If significant developments arise, impacted…
Sophos researchers have uncovered a new tool, EDRKillShifter, that malicious actors are using to target endpoint detection and response (EDR) systems. The discovery came after an unsuccessful ransomware attack in May. The threat actors deployed the tool to disable endpoint protection software and execute the notorious RansomHub ransomware. The attack failed when Sophos’ protection systems detected and blocked the ransomware. According to Sophos, this tool is a significant evolution in malware that targets EDR systems as more businesses are investing in these technologies to protect themselves from cyber threats. Since 2022, Sophos has seen a rise in malware designed to…
A Moscow-based Russian national, Georgy Kavzharadze, has been sentenced to 40 months in federal prison for selling stolen financial information on the dark web marketplace known as Slilpp. The US Attorney’s Office for the District of Columbia announced that Kavzharadze, 27, was a prolific vendor of login credentials, personal information, and other sensitive information using the alias “TeRorPP.” On 16 February 2024, Kavzharadze pleaded guilty to conspiracy to commit bank and wire fraud. Over and above his prison sentence, he was ordered to pay more than $1.2 million in restitution for damages caused by his criminal activities. Using several online…
Researchers from Kaspersky have detected a series of ongoing targeted cyberattacks on dozens of computers at Russian government entities and IT organizations. The bad actors infected devices via phishing emails with malicious shortcut attachments. These shortcuts were used to deliver malware that received commands via the popular cloud service Dropbox. Malicious actors used this malware to download additional payloads onto infected machines, in particular tools used by the APT31 group and an updated CloudSorcerer backdoor. Kaspersky has named this campaign EastWind. The security giant shared some interesting facts about the implants used in this campaign: Detecting Attacks The implants pinpointed…