Security researchers have discovered that the Alpha ransomware payload and modus operandi overlap with the now-defunct NetWalker ransomware operation. NetWalker was a Ransomware-as-a-Service (RaaS) active between October 2019 and January 2021. Law enforcement took down its dark web sites, forcing its operators to go silent. The Alpha ransomware, not to be confused with ALPHV/BlackCat, first appeared in February 2023, but its operators kept a low profile, did not promote on hacker forums, and did not launch many attacks.

A Los Angeles man accused of running a "booter" service that facilitated Distributed Denial-of-Service (DDoS) attacks has been charged in federal court. According to court documents filed recently, Scott Esparza, also known as "Hazard," "co-administrated" the website Astrostress.com. The FBI seized the Astrostress domain in December 2022, along with many other booter services. For a fee, Esparza's service would enable his subscribers to direct floods of Internet traffic to victim computers in order to degrade or disrupt their Internet access.

Twenty-seven percent of countries holding national elections in 2024 face the highest cyber threat levels, with multiple priority adversary groups and many state-backed groups linked to priority adversary countries. The four priority adversary countries, which are Russia, China, Iran, and North Korea, are using cyber interference for disinformation and espionage, as well as to try disrupting actual electoral processes. This article continues to discuss the cyber threats facing 2024 elections.

Ukrainian national Vyacheslav Igorevich Penchukov, one of the heads of the notorious JabberZeus cybercrime gang, has recently pleaded guilty to charges related to his leadership roles in the Zeus and IcedID malware groups.  Penchukov (also known as "tank" and "father") was arrested in Switzerland in October 2022 while traveling to meet his wife in Geneva and extradited to the United States in 2023.

The US government recently neutralized another small office/home office (SOHO) router botnet used by Russian cyberspies in malware campaigns.  According to a notice from the Department of Justice (DoJ), a court-authorized operation disrupted a network of hundreds of Ubiquiti Edge OS routers under the control of the notorious APT28 group.