Cybersecurity

Gigabyte Motherboard Firmware Exposes Millions of PCs to Potential Cybersecurity Threats

In a potentially damaging cybersecurity revelation, researchers from the cybersecurity company Eclypsium have identified a hidden mechanism in the firmware of motherboards manufactured by Taiwanese company Gigabyte. more

EFF Raises Concerns Over EU’s Proposed Cyber Resilience Act

The Electronic Frontier Foundation (EFF) has voiced concerns about the European Union's proposed Cyber Resilience Act (CRA), saying it could pose significant threats to open-source developers and cybersecurity. more

Meta Lawsuit Leads to Significant Decline in Phishing Domains Tied to Freenom

A lawsuit filed by Meta has led to a significant decrease in phishing websites tied to the domain name registrar Freenom. Cybersecurity expert Brian Krebs in a report on Friday said that Freenom, which provides free domain name registration services, was a favored resource for cybercriminals due to its policy of protecting customer identities. more

Stealth Cyberattacks by China’s Volt Typhoon Threaten U.S. Infrastructure: Microsoft Unmasks Espionage Campaign

Microsoft today disclosed the detection of covert and targeted malicious activity aimed at critical infrastructure organizations in the United States. The attack is orchestrated by a state-sponsored group from China, known as Volt Typhoon, with the suspected objective of disrupting the communication infrastructure between the U.S. and Asia during potential future crises. more

New Research Reveals Over 340 Million Accounts Compromised in the First Four Months of 2023

Recent research conducted by the Independent Advisor reveals that a significant number of accounts, exceeding 340 million, have been compromised due to business data breaches within the first four months of 2023. Notably, Twitter experienced the largest breach this year, impacting approximately 235 million user accounts. more

The Rise of ChatGPT and Its Impact on Cybersecurity

The emergence of ChatGPT, a powerful AI language model developed by OpenAI, has revolutionized the way developers approach coding tasks. With its ability to generate code snippets and even entire software programs, ChatGPT offers convenience and time-saving potential. more

U.S. Targets Russian Mastermind Behind Dominant Ransomware Landscape, Offers $10 Million Reward

The U.S. government has declared criminal charges, economic sanctions, and a $10 million reward for information leading to the arrest of a Russian citizen, Mikhail Matveev. Accused of a series of ransomware attacks, Matveev's alleged operations, known as Babuk, have targeted entities such as the D.C. police, an airline, and other American industries. more

New Google Domains Spark Cybersecurity Concerns: Risks and Reactions to .zip and .mov Top-Level Domains

In a developing cybersecurity concern, IT experts and researchers warn of potential misuse of Google's new .zip and .mov top-level domains (TLDs), which they argue could be exploited for phishing attacks and malware distribution. more

US Justice Department and FBI Dismantle Long-Running Russian State-Sponsored Cyber-Espionage Operation Targeting NATO

The United States Department of Justice has announced that it has neutralized a global network of computers compromised by malware called "Snake," which the U.S. government attributes to a unit within Center 16 of the Federal Security Service of the Russian Federation (FSB). more

FBI Director Warns of Vastly Outnumbered US Cyber Intelligence Staff in Face of Chinese Hackers

The Federal Bureau of Investigation (FBI) is facing a massive cybersecurity challenge as the U.S. is vastly outnumbered by Chinese hackers, according to FBI Director Christopher Wray. In testimony before the House Appropriations Subcommittee on Thursday, Wray urged Congress to provide the FBI with more funds to bolster its cyber intelligence staff. more

Microsoft, Fortra, and Health-ISAC Take Legal Action Against the Abuse of Cobalt Strike to Combat Ransomware Attacks

A group of companies, including Microsoft, have collaborated to launch a major action to disrupt the use of cracked, legacy copies of the security tool Cobalt Strike which cybercriminals have abused to deploy ransomware. more

FBI Takes Down ‘Genesis Market’ Cybercrime Store: Dozens Arrested Worldwide

Today's FBI action against Genesis Market is the latest in a string of coordinated efforts to take down bot shops and other services that enable cybercrime. Earlier this year, the FBI seized Webstresser.org, a DDoS-for-hire service that was thought to be responsible for launching a massive attack against the City of Atlanta in 2018.  more

German Authorities Seize Servers of Cybercriminal DDoS-for-Hire Service FlyHosting

FlyHosting had been open for business since November 2022 and was used for malicious activities such as hosting malware, botnet controllers, and carrying out DDoS attacks. more

India Seeks Alternatives to NSO Group Spyware Amid Global Snooping Scandals

The Indian government is seeking to acquire new spyware in an effort to replace the controversial Pegasus system, which has been blacklisted by the US government. more

‘Vulkan Files’ Leak Reveals Unique Insight Into Russian Cyber-War Plans

According to reports on Thursday, an anonymous person has Leaked confidential documents of NTC Vulkan, a Moscow-based defense contractor. It is believed that the documents are authentic and have been provided by an anonymous source who was greatly disturbed by Russia's attack on Ukraine.  more