Cybersecurity researchers have disclosed details of an ongoing phishing campaign that leverages recruiting- and job-themed lures to deliver a Windows-based backdoor named WARMCOOKIE. “WARMCOOKIE appears to be an initial backdoor tool used to scout out victim networks and deploy additional payloads,” Elastic Security Labs researcher Daniel Stepanic said in a new analysis. “Each sample is […]

State-sponsored threat actors backed by China gained access to 20,000 Fortinet FortiGate systems worldwide by exploiting a known critical security flaw between 2022 and 2023, indicating that the operation had a broader impact than previously known. “The state actor behind this campaign was already aware of this vulnerability in FortiGate systems at least two months […]

An appeal has been launched for O blood-type donors to book appointments across the country following the ransomware attack affecting major London hospitals. The IT attack means the affected hospitals cannot currently match patients’ blood at the same frequency as usual. Several London hospitals declared a critical incident, cancelled operations and tests, and were unable […]

WARSAW, June 3 (Reuters) – Poland will spend over 3 billion zlotys ($760 million) to boost cybersecurity, the digitalisation minister said on Monday, after state news agency PAP was hit by what authorities say was likely a Russian cyberattack. With European parliament elections to be held in Poland on Sunday, authorities are on high alert […]

TALLINN, Estonia — Since the start of this week, Ukraine has signed security agreements with Spain, Belgium and Portugal, adding to a list that includes a dozen other nations. The signees are pledging to provide financial, humanitarian, military and cyber support to Kyiv in its fight against Russia. All of the nations are NATO members, […]

A never-before-seen North Korean threat actor codenamed Moonstone Sleet has been attributed as behind cyber attacks targeting individuals and organizations in the software and information technology, education, and defense industrial base sectors with ransomware and bespoke malware previously associated with the infamous Lazarus Group. “Moonstone Sleet is observed to set up fake companies and job […]

Microsoft revealed its AI-optimized Copilot+ PCs on Monday, including a new feature that has raised concern among some security experts. The Copilot+ PCs will ship with a preview version of a feature called “Recall,” which Microsoft said is designed to feel like having a “photographic memory” of everything you’ve viewed on your PC. Recall takes […]

Cyberattacks against water utilities across the country are becoming more frequent and more severe, the Environmental Protection Agency warned Monday as it issued an enforcement alert urging water systems to take immediate actions to protect the nation’s drinking water. About 70% of utilities inspected by federal officials over the last year violated standards meant to […]

Security researchers have disclosed almost a dozen security flaws impacting the GE HealthCare Vivid Ultrasound product family that could be exploited by malicious actors to tamper with patient data and even install ransomware under certain circumstances. “The impacts enabled by these flaws are manifold: from the implant of ransomware on the ultrasound machine to the […]

The cyber espionage group known as Mustang Panda introduced malware over the past five months to gain remote access to “computer systems belonging to cargo shipping companies based in Norway, Greece, and the Netherlands, including some that appeared to be aboard the cargo ships themselves,” according to the Slovakia-based cyber security firm ESET. The report […]