A Chinese-speaking hacking group called DragonSpark was seen using Golang source code interpretation to avoid detection while conducting espionage attacks against East Asian companies. SentinelLabs is monitoring the attacks and reports that DragonSpark…

The FBI has confirmed that North Korean threat actors stole $100 million in cryptocurrency assets from the Harmony Horizon Bridge in June 2022. According to the law enforcement agency, the hack was attributed to the Lazarus Group and APT38, the latter of…

Russia has been at war with Ukraine for nearly a year, and while the conflict has moved to the cyber world, many organizations continue to underestimate its intensity. According to an Armis survey of over 6,000 Information Technology (IT) and security…

Grand Theft Auto V (GTA V), a popular video game, has been found to contain a vulnerability that could enable partial Remote Code Execution (RCE). Hackers initially exploited the flaw to get to higher levels in the game and ban other users. However, it…

Detailed tactical plans for upcoming police raids, confidential police reports describing crimes and suspects, and a forensic extraction report describing the contents of a suspect's phone were compromised following a recent hack and defacement of the…

An international task force aimed at combating ransomware, which was unveiled at a White House event in November 2022, has officially begun operations, according to the Australian government. The mission of the International Counter Ransomware Task Force…

Researchers spotted Roaming Mantis threat actors using an updated version of their mobile malware called Wroba to attack Wi-Fi routers and take control of Domain Name System (DNS) settings. In March 2018, Roaming Mantis emerged, hacking routers in Japan…

Security researchers at NCC Group have discovered two new vulnerabilities in the Galaxy App Store application allowing local attackers to install arbitrary applications or execute JavaScript by launching a specific web page.  The first flaw…

A new unit to handle cybersecurity in Mississippi is in place and has its first director.  The Mississippi Department of Public Safety recently said the Mississippi Cyber Unit, a component of the Mississippi Office of Homeland Security, will be the…

In another instance of misconfigured cloud storage, a Swiss hacker discovered a copy of the US Transportation Security Administration's (TSA) "no-fly list" exposed on the Internet. The exposed database was discovered on a server operated by the regional…

Awareness Raising in a Box (AR-in-a-BOX) is a "do-it-yourself" toolkit made available by the European Union Agency for Cybersecurity (ENISA) to help organizations in developing and implementing a tailored security awareness-raising program. The package…

The Zendesk Software-as-a-Service (SaaS) company for Customer Relationship Management (CRM) sent an email to some customers on January 13, revealing that it was breached in October 2022, exposing client account data to a threat actor. The email from…