A Canadian man has been handed a three year prison sentence after being found guilty of buying and selling over 1700 stolen identities on a dark web marketplace. 29-year-old Slava Dmitriev, who went by the online handle of "GoldenAce", bought and sold individuals' personal private information, including social security numbers, on the AlphaBay dark...

To his victims, he was "Tony Eden," a middle-aged white man looking for romance online while working overseas for a drilling company. In reality, he was a school caretaker named Osagie Aigbonohan. Originally from Lagos, Nigeria, he was part of a criminal gang with links to the notorious "Black Axe" group. Southwark Crown Court in London sentenced...

A notorious cybercrime gang, involved in a series of high profile ransomware attacks, has in recent months been sending out poisoned USB devices to US organisations. As The Record reports, the FBI has warned that FIN7 – the well-organised cybercrime group believed to behind the Darkside and BlackMatter ransomware operations - has been mailing...

Security researchers say they have seen a "massive wave" of malicious hackers exploiting the comment feature in Google Docs to spread malicious content into the inboxes of unsuspecting targeted users. According to a blog post published by Avanan, the comments functionality of Google Docs, as well as its fellow Google Workplace web-based...

The United States Department of Homeland Security (DHS) is inviting security researchers to uncover vulnerabilities and hack into its systems, in an attempt to better protect itself from malicious attacks. The DHS says that it is launching the "Hack DHS" bug bounty program to "identify potential cybersecurity vulnerabilities within certain DHS...

Finland's National Cyber Security Centre (NCSC-FI) has issued a warning about malicious SMS messages that have been spammed out to mobile users, directing iPhone owners to phishing sites and Android users to download malware. The messages are written in Finnish but without the customary accented characters. In some instances, the messages pose as a...

Security researchers are warning biomanufacturing facilities around the world that they are being targeted by a sophisticated new strain of malware, known as Tardigrade. The warning comes from the non-profit Bioeconomy Information Sharing and Analysis Center (BIO-ISAC) which revealed that at least two large facilities working on manufacturing bio...

If the UK Government gets its way, IT service vendors and other cloud-based service providers may soon be required to adopt new measures to strengthen their cybersecurity, amid rising concerns about supply chain risks. The Department for Digital, Culture, Media and Sport (DCMS) has floated plans to make mandatory compliance with the National Cyber...

A recently published report from the US Government Accountability Office (GAO) has warned that official security guidance from the Department of Education is out-of-date, and needs to be refreshed to address the increasing reports of ransomware and other cyber threats. According to the GAO report, the current plan for addressing threats to K-12...

The U.S. Department of Justice charged a British man for his alleged role in stealing $784,000 worth of cryptocurrency using SIM swap attacks. According to the unsealed indictment, Joseph James O'Connor – also known as "PlugWalkJoe" – conspired with others to steal approximately $784,000 worth of cryptocurrency from a Manhattan-based cryptocurrency...

The FBI has warned that over 30 US-based companies had been hit by the Ranzy Locker ransomware by July this year, in a flash alert to other organisations who may be at risk. According to the alert, issued with the Cybersecurity and Infrastructure Security Agency (CISA), most of the victims were compromised after brute force credential attacks...

The US Government has issued an alert to organisations about the threat posed by the BlackMatter ransomware group. The government's Cybersecurity & Infrastructure Security Agency (better known as CISA) issued the advisory earlier this week, following a series of BlackMatter ransomware attacks since July 2021 targeting US critical infrastructure,...

Google has released a report taking a close look at the more than 80 million ransomware samples uploaded to its VirusTotal service in the last year and a half. Each day, approximately 150,000 ransomware samples were analysed by the free VirusTotal service after being submitted by suspicious computer users, and shared with the security community to...

Organisations who find their networks hit by a ransomware attack may soon have to disclose within 48 hours any payments to their extortionists. That's the intention of the Ransom Disclosure Act, a new bill proposed by US Senator Elizabeth Warren and Representative Deborah Ross. Ransomware victims are not currently required to report attacks or...

REvil is one of the most notorious ransomware groups in the world. Also known as Sodin and Sodinokibi, REvil has made a name for itself extorting large amounts of money from businesses, operating as a ransomware-as-a-service (RAAS) business model that sees it share its profits with affiliates who break into networks and negotiate with victims on...

The US Government has underlined once again that it continues to strongly discourage organisations hit by ransomware from giving in to extortion demands. In an updated advisory, the Department of Treasury's Office of Foreign Assets Control (OFAC) has called upon businesses not to pay ransoms, and to focus on cybersecurity measures that can prevent...

What are the limits of online privacy and law enforcement? Can we clearly define them, or is this a vague and blurred area of debate? The fact is that as technology advances, the real and the virtual worlds are increasingly converging. Actions (or inactions) in the cyberspace introduce risks and threats for people, especially the most vulnerable...

In a security advisory, Microsoft has warned that malicious hackers are exploiting an unpatched vulnerability in Windows to launch targeted attacks against organisations. The security hole, dubbed CVE-2021-40444, is a previously unknown remote code execution vulnerability in MSHTML, a core component of Windows which helps render web-based content. ...

The FBI and CISA (the Cybersecurity and Infrastructure Security Agency) have jointly issued an advisory to organisations, warning about an increase in the number of attacks coinciding with weekends and holidays. With the Labor Day weekend rapidly approaching, the agencies have reminded businesses to be especially vigilant, remain diligent about...

Cybercrime is one of the most significant threats facing companies today. With the average cost of a data breach reaching an all-time high of $4.24 million, the business case for cybersecurity has never been stronger. Still, some businesses seem to misunderstand the urgency of meeting current cybersecurity standards. It may help to consider the...