Lawrence Abrams reports: Hackers breached ESET’s exclusive partner in Israel to send phishing emails to Israeli businesses that pushed data wipers disguised as antivirus software for destructive attacks. A data wiper is malware that intentionally deletes all of the files on a computer and commonly removes or corrupts the partition table to make it harder to…
Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks
Ravie Lakshmanan reports: A nascent threat actor known as Crypt Ghouls has been linked to a set of cyber attacks targeting Russian businesses and government agencies with ransomware with the twin goals of disrupting business operations and financial gain. “The group under review has a toolkit that includes utilities such as Mimikatz, XenAllPasswordPro, PingCastle, Localtonet, resocks, AnyDesk,…
Sudanese Brothers Arrested in ‘AnonSudan’ Takedown
Brian Krebs reports: The U.S. government on Wednesday announced the arrest and charging of two Sudanese brothers accused of running Anonymous Sudan (a.k.a. AnonSudan), a cybercrime business known for launching powerful distributed denial-of-service (DDoS) attacks against a range of targets, including dozens of hospitals, news websites and cloud providers. The younger brother is facing charges that could land…
FBI Arrests Alabama Man in the January 2024 SEC X Hack that Spiked the Value of Bitcoin
Kelvin Munene Murithi reports: The FBI has arrested Eric Council Jr., 25, of Athens, Alabama, in connection with the January 2024 unauthorized takeover of the U.S. Securities and Exchange Commission’s (SEC) X account, previously known as Twitter. The arrest follows allegations that Council played a key role in a hacking incident that led to a…
Double trouble: DoctorsToYou has not one, but two data security incidents to address
On Wednesday, the RansomHub ransomware group added a listing for DoctorsToYou in New York to their leak site. Their listing included several screencaps that revealed personally identifiable information (PII) and protected health information (PHI). Some of the files specifically showed their name or letterhead. The listing did not indicate how many GB of data RansomHub…
Radiant Capital Halts Lending After $50+ Million Security Breach; Compounded by Ancilia Goof
Coinpaper reports: Radiant Capital paused its lending markets after a cybersecurity breach that resulted in losses of more than $50 million on both the BNB Chain and Arbitrum networks. According to Web3 cybersecurity firm De.Fi Antivirus, the exploit was linked to the “transferFrom” function in Radiant Capital’s smart contracts, which allowed the attacker to drain funds…