Cyber security

Google has announced today that it has disrupted the operations of the Glupteba botnet and has filed a lawsuit against two Russian nationals it believes have created and helped run the malware for the past few years. The company said it removed around 63 million Google Docs files used by the Glupteba gang to distribute […]

Taiwanese hardware vendor QNAP has released a new security advisory today warning users that a new strain of crypto-mining malware is targeting its network-attached storage (NAS) devices. The company did not share any information on how the devices were being compromised but said that once the malware got a foothold on infected systems, it would […]

Microsoft said today that its legal team has successfully obtained a court warrant that allowed it to seize 42 domains used by a Chinese cyber-espionage group in recent operations that targeted organizations in the US and 28 other countries. Tracked by Microsoft as Nickel, but also known under other names such as APT15, Mirage, or Vixen […]

Russia could opt to launch a sweeping cyber and disinformation campaign against Ukraine and its government rather than a traditional military invasion of the country, a senior Biden administration said on Monday. “Could the Russian government choose a different course here, one in which they rely more heavily on information operations, cyber and destabilization activities […]

Threat actors have abused a legitimate feature of the Google Tag Manager service to secretly add and deploy malicious JavaScript code to more than 300 e-commerce stores since March this year. The malicious code—called a “web skimmer” or “Magecart script”—was used to collect the payment card details of online shoppers, data that was later offered […]

Cryptocurrency exchange BitMart said on Saturday that it was hacked for $150 million in what was the third hack of a cryptocurrency exchange of last week and the second-largest crypto-heist of the year. The hack took place on Saturday morning, according to a statement released by the company and tweets from its CEO. “We have identified a […]

Zoho urged customers on Friday to update their ManageEngine servers and apply a software fix that patches a zero-day vulnerability that is currently being exploited in the wild. Tracked as CVE-2021-44515, the vulnerability impacts Zoho ManageEngine Desktop Central, an endpoint management solution that companies use to manage their workers’ devices. In a security advisory, the company said it […]

In a dramatic move, China’s answer to Uber, Didi Chuxing, said on Friday that it will delist from the New York Stock Exchange and seek an alternate listing in Hong Kong. The decision comes just six months after it raised $4.4 billion in what was seen as a blockbuster U.S. initial public offering in June. […]

The US Federal Bureau of Investigations said today that the operators of the Cuba ransomware have earned at least $43.9 million from ransom payments following attacks carried out this year. In a flash alert sent out on Friday, the Bureau said the Cuba gang has “compromised at least 49 entities in five critical infrastructure sectors, including […]

The German cybersecurity authority has told German organizations to expect ransomware and other cyber-attacks over the Christmas and end-of-year holidays, citing the return of the Emotet botnet and the large number of Microsoft Exchange email servers that have been left unpatched. The Emotet gang, which began rebuilding its botnet two weeks ago, has often rented access […]