Mixin, a Hong Kong-based cryptocurrency company, has disclosed that hackers stole about $200 million worth of its assets after attacking its cloud service provider. The company has temporarily suspended deposit and withdrawal services due to the incident. Mixin offers a network for transferring digital currency and similar assets. The company contacted Google and SlowMist, a blockchain security company, to investigate.

A Nigerian national residing in South Africa has recently pleaded guilty in court in the United States to his role in a million-dollar business email compromise (BEC) fraud scheme.  The man, Kosi Goodness Simon-Ebo, 29, was extradited to the US from Canada in April 2023.  According to the Department of Justice (DoJ), Simon-Ebo was involved in a conspiracy to commit BEC fraud and money laundering with total intended losses of close to $7 million.  The actual loss from the scheme, however, was of just over $1 million.  Simon-Ebo admitted in court to gaining unauthorized ac

Tibetan, Uyghur, and Taiwanese individuals and organizations are being targeted by a persistent campaign aimed at stealing sensitive information. According to security researchers at Volexity, the attacker has developed fake Tibetan websites and social media profiles to launch browser-based exploits against targeted users. To help spread their malware, the attacker has formed communities on online platforms such as Telegram, partly by impersonating existing popular communities.

A cyber espionage attack against a government agency in the Middle East involved a novel and sophisticated backdoor malware named Deadglyph. The Deadglyph malware is attributed to the Stealth Falcon Advanced Persistent Threat (APT) group, also known as Project Raven or FruityArmor, a United Arab Emirates (UAE) state-sponsored hacking group. For nearly a decade, the cyber group has been targeting activists, journalists, and dissidents. In a new report released at the LABScon cybersecurity conference, ESET researcher Filip Juracko explains how the new modular malware infects Windows systems.

Although there have been some positive developments, ransomware attacks continue to have a significant impact, according to SpyCloud. Infostealer infections preceded 22 percent of ransomware incidents for North American and European ransomware victim organizations in 2023, with common infostealers such as Raccoon, Vidar, and Redline increasing the likelihood. SpyCloud's analysis reveals that Raccoon infostealer malware was involved in 76 percent of infections preceding ransomware attacks.

In an effort to bolster voting security ahead of the next US Presidential Election, election machine manufacturers are allowing hackers access to their systems. The Election Security Research Forum featured organized penetration testing and bug research for digital scanners, ballot marking devices, and electronic pollbooks, emphasizing the technology that voters may encounter at the polls. The forum also allowed security researchers to interact with system vendors.

The US Cybersecurity and Infrastructure Security Agency (CISA) has published new micro-challenges that are now part of the Cyber Careers Pathway Tool. This interactive tool allows users to explore the 52 work roles in the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework. CISA's micro-challenges provide an opportunity for K-12 students and individuals looking to reskill or transition from a non-cyber career to gain further insight into the knowledge, skills, and tasks performed in the top cybersecurity workforce roles.

The National Student Clearinghouse, an educational nonprofit that provides reporting, verification, and research services to colleges and universities in North America, has recently revealed that nearly 900 schools are impacted by the MOVEit hack.  The National Student Clearinghouse in late August informed Maine’s attorney general that more than 51,000 individuals were affected by the incident.

The City of Dallas has recently announced that an $8.5 million budget has been approved to support the restoration of its systems following a ransomware attack that happened in May 2023.  The attack was identified on May 3, when the cybercrime gang named Royal started deploying file-encrypting ransomware on multiple systems.  The investigation launched into the matter has revealed that the attackers had access to the city’s network for roughly a month before that.

A team of researchers from the University of Colorado (CU) Boulder is leading a project for 5G wireless security. The National Science Foundation's (NSF) Convergence Accelerator program awarded CU Boulder $5 million for the "GHOST: 5G Hidden Operations through Securing Traffic" project. The work aims to ensure American soldiers, businesses, and non-governmental organizations (NGOs) can use 5G cellular networks in foreign countries without untrusted or potentially malicious network operators being able to extract user information.