FBI shifting cybercrime focus from arrests, indictments to payment seizures, incident response

Written by Tim Starks Jan 13, 2022 | CYBERSCOOP In 2022, the FBI is looking to approach cybercrime differently. During separate public appearances on Thursday, two FBI officials said the…

NSW government casual recruiter suffers ransomware hit

IT recruitment firm Finite Recruitment has confirmed it experienced a cyber incident in October, which resulted in a “small subset” of the company’s data being downloaded and published on the…

US Senate passes Bill to ban goods produced from Uyghur forced labour

The US Senate on Thursday unanimously passed a Bill banning the import of all goods, including technology, produced in the Chinese region of Xinjiang to penalise the Chinese government for…

New Jersey Cancer Care Providers Settle Data Breach Claim

New Jersey Cancer Care Providers Settle Data Breach Claim A trio of healthcare providers in New Jersey has agreed to pay $425,000 and adopt new security measures to settle a…

‘Tropic Trooper’ Reemerges to Target Transportation Outfits

Analysts warn that the attack group, now known as ‘Earth Centaur,’ is honing its attacks to go after transportation and government agencies. They’ve been an active threat group since 2011,…

‘PseudoManuscrypt’ Mass Spyware Campaign Targets 35K Systems

It’s similar to Lazarus’s Manuscrypt malware, but the new spyware is splattering itself onto government organizations and ICS in a non-Lazarus-like, untargeted wave of attacks. Researchers have tracked new spyware…

60% of UK Workers Have Been Victim of a Cyber-Attack, Yet Awareness Remains Low

60% of UK Workers Have Been Victim of a Cyber-Attack, Yet Awareness Remains Low There is a “dangerous” lack of awareness among UK workers towards cybersecurity, leaving businesses at risk…

Online Shoppers Could Face Eight Million Credential Stuffing Attacks Per Day Over Christmas

Online Shoppers Could Face Eight Million Credential Stuffing Attacks Per Day Over Christmas Online shoppers in the UK will be hit by up to eight million credential stuffing attacks per…

The Log4j Vulnerability Is Now Used by State-Backed Hackers

The vulnerability, officially tagged as CVE-2021-44228 and called Log4Shell or LogJam, is an unauthenticated RCE vulnerability that allows total system takeover on systems running Log4j 2.0-beta9 through 2.14.1. What Happened? Nation-state hackers…

Meta targets user information, database scraping in bug bounty expansion

Meta has announced an expansion to its bug bounty platform to include vulnerabilities that can be abused for data scraping.  On Wednesday, the company – recently rebranded from Facebook –…