Search giant Google agreed to a $93 million settlement with the state of California on Thursday over its location-privacy practices. The settlement follows a $391.5 million settlement with 40 states, reached in November 2022, to resolve an investigation into how the company tracked users’ locations. The states’ investigation was sparked by a 2018 Associated Press […]
The US Department of Defense (DoD) this week published an unclassified summary of its 2023 Cyber Strategy, outlining plans for both offensive and defensive efforts. One key focus of the 2023 Cyber Strategy is the commitment to boost the cyber capabilities of allies and partners, and to increase collective resilience against cyberattacks. This includes augmenting […]
The BlackCat ransomware gang, suspected to be a rebrand of DarkSide/BlackMatter, has been using stolen Microsoft accounts and a new variant of the Sphynx encryptor to target Azure cloud storage.
The U.S. needs a national cybersecurity alert system that would provide actionable information on threats and risks, according to a panel that advises the Cybersecurity and Infrastructure Security Agency (CISA). Without specifying what such a system would look like or how it would behave, the panel found that “there is a genuine need for a […]
A recently introduced Google account sync feature has been blamed by software development firm Retool after sophisticated hackers gained access to its systems and targeted over two dozen of its customers from the cryptocurrency sector. Retool is a San Francisco, California-based company that provides a development platform designed for building custom business tools without the […]
More Russian journalists have come forward this week expressing concern that they too may have been targeted with spyware, following the news that the prominent media figure Galina Timchenko was hacked with Pegasus. On Thursday, three Russian-speaking journalists reported that they have also recently received notifications from Apple warning them that their phones are potential […]
Financially Motivated Hackers Are Diversifying Operations Akshaya Asokan (asokan_akshaya) • September 15, 2023 Image: Shutterstock A financially motivated criminal syndicate that mainly operates in Telegram and underground forums has expanded its criminal arsenals to deploy ransomware and other intrusion capabilities on various cloud applications, warn Mandiant researchers. See Also: Live Webinar | Best […]
Sep 18, 2023THNCyber Attack / Data Breach Software development company Retool has disclosed that the accounts of 27 of its cloud customers were compromised following a targeted and SMS-based social engineering attack. The San Francisco-based firm blamed a Google Account cloud synchronization feature recently introduced in April 2023 for making the breach worse, calling it […]
Sep 18, 2023THNThreat Intelligence / Ransomware The financially motivated threat actor known as UNC3944 is pivoting to ransomware deployment as part of an expansion to its monetization strategies, Mandiant has revealed. “UNC3944 has demonstrated a stronger focus on stealing large amounts of sensitive data for extortion purposes and they appear to understand Western business practices, […]