According to security researchers at Cybereason, almost four in five (78%) organizations who paid a ransom demand were hit by a second ransomware attack, often by the same threat actor.  Of the 78% breached a second time, 36% of perpetrators were the same threat actor, and 42% were a different attacker.  In total, 56% of organizations suffered more than one ransomware attack in the last 24 months.  During the study, the researchers surveyed over 1000 cybersecurity professionals.

According to an analysis of hundreds of cryptocurrency wallets linked to the LockBit ransomware operation, the gang behind it received over $125 million in ransom payments over the past 18 months. After the LockBit takedown in Operation Cronos, the National Crime Agency (NCA) in the UK, with help from the blockchain analysis company Chainalysis, identified over 500 active cryptocurrency addresses. Law enforcement obtained 30,000 Bitcoin addresses that were used to manage the group's profits from ransom payments.

A vulnerability in Apple's popular Shortcuts app enables attackers to access sensitive data across the device without the user's permission. The Shortcuts app, designed for macOS and iOS, aims to automate tasks. According to Bitdefender's analysis, the vulnerability tracked as CVE-2024-23204, allows the creation of a malicious Shortcuts file that can bypass Apple's Transparency, Consent, and Control (TCC) security framework, which is implemented to ensure apps explicitly request permission from the user before accessing specific data or functionalities.

AT&T recently announced Thursday's hourslong outage to its U.S. cellphone network was due to a technical error, not a malicious attack.  The outage knocked out cellphone service for thousands of its users across the U.S. starting early Thursday before it was restored. AT&T blamed the incident on an error in coding without elaborating. National Security Council spokesman John Kirby said the Federal Communications Commission contacted AT&T about the outage, and the Department of Homeland Security and FBI were also looking into it.  

Australian telecommunications provider Tangerine recently announced that the personal information of 230,000 individuals was stolen in a recent cyberattack.  The incident occurred on February 18 but was not discovered until two days later.  The company said that the attackers accessed a legacy customer database containing the information of roughly 230,000 current and former customer accounts.  The compromised personal information includes names, addresses, dates of birth, email addresses, mobile phone numbers, and Tangerine account numbers.

Citrix reports that 42 percent of organizations surveyed in the US are considering or have already moved at least half of their cloud-based workloads back to on-premises infrastructures due to unexpected security issues, high project expectations, and more. According to Information Technology (IT) leaders, the most common reasons for cloud repatriation projects were security concerns, unexpected costs, performance issues, compatibility issues, and service outages.

A team of researchers examined the different approaches to cybersecurity and data protection taken by the EU, the US, and China. In addressing historical data concerns and evolving cyber threats, countries are considering the impact of Large Language Models (LLMs), such as ChatGPT. Cybersecurity and data privacy have emerged as significant concerns, affecting business operations and user safety.

A new paper by National Renewable Energy Laboratory (NREL) researchers, presented at the 2023 IEEE Power and Energy Society's Innovative Smart Grid Technologies conference, emphasizes the importance of solar energy cybersecurity. Securing behind-the-meter Distributed Energy Resources (DERs) is critical as the global energy landscape evolves.

The United States recently announced that it is offering big rewards for information on cybercriminals linked to the recently disrupted LockBit ransomware operation. The UK’s National Crime Agency (NCA) and other law enforcement agencies have seized LockBit domains and servers, causing significant disruption to the cybercrime operation. The NCA has mocked cybercriminals, posting a message in the hijacked LockBit panel informing affiliates that law enforcement may be in touch with them very soon.