Discover ‘sedexp’, a stealthy Linux malware using udev rules for persistence, hiding credit card skimmers, and evading detection since 2022.
A company spokesperson for the oil drilling and fracking giant declined to name the executive overseeing cybersecurity, if any.
American chipmaker Microchip Technology Incorporated has disclosed that a cyberattack impacted its systems over the weekend, disrupting operations across multiple manufacturing facilities.
Headquartered in Chandler, Arizona, the company has roughly 123,000 customers across multiple industry sectors, including industrial, automotive, consumer, aerospace and defense, communications, and computing markets.
Due to an incident, some Microchip Technology manufacturing facilities operate at reduced capacity, affecting the company’s ability to meet orders. Microchip Technology also had to take steps to manage the situation, such as shutting down some systems and isolating the affected ones following the breach.
Ransomware victims have paid $459,800,000 to cybercriminals in the first half of 2024, setting the stage for a new record this year if ransom payments continue at this level.
Last year, ransomware payments reached a record $1.1 billion, which Chainalysis previously predicted from stats gathered in the first half of the year when ransomware activity grossed $449,100,000.
We now stand at approximately 2% higher than 2023’s record-breaking trajectory from the same period despite significant law enforcement operations that disrupted large ransomware-as-a-service operations, such as LockBit.
Quantum simulation enables scientists to simulate and study complex systems that are challenging or even impossible using classical computers across various fields, including financial modeling, cybersecurity, pharmaceutical discoveries, AI and machine learning. For instance, exploring molecular vibronic spectra is critical in understanding the molecular properties in molecular design and analysis.
RansomHub ransomware operators are now deploying new malware to disable Endpoint Detection and Response (EDR) security software in Bring Your Own Vulnerable Driver (BYOVD) attacks.
Named EDRKillShifter by Sophos security researchers who discovered it during a May 2024 ransomware investigation, the malware deploys a legitimate, vulnerable driver on targeted devices to escalate privileges, disable security solutions, and take control of the system.
This technique is very popular among various threat actors, ranging from financially motivated ransomware gangs to state-backed hacking groups.
Security experts are warning that a background check site may have been breached, resulting in the potential exposure of billions of Social Security and address records that could cover everyone in the United States.
As BleepingComputer reports, a hacking forum lit up when a user claimed to have access to a huge cache of documents gleaned from data brokerage National Public Data.
Though it doesn’t share its methodology on its website, NPD is believed to scrape its data from publicly available records to create individual user profiles generally used by private investigators or in background or criminal records checks.
Monitoring evolving DDoS trends is essential for anticipating threats and adapting defensive strategies. The comprehensive Gcore Radar Report for the first half of 2024 provides detailed insights into DDoS attack data, showcasing changes in attack patterns and the broader landscape of cyber threats. Here, we share a selection of findings from the full report.
Key Takeaways
The number of DDoS attacks in H1 2024 has increased by 46% compared to the same period last year, reaching 445K in Q2 2024. Compared to data for the previous six months (Q3–4 2023), it increased by 34%.
Almost 2.7 billion records of personal information for people in the United States were leaked on a hacking forum, exposing names, social security numbers, all known physical addresses, and possible aliases.
The data allegedly comes from National Public Data, a company that collects and sells access to personal data for use in background checks, to obtain criminal records, and for private investigators.
National Public Data is believed to scrape this information from public sources to compile individual user profiles for people in the US and other countries.
Three new encryption algorithms to bolster global cybersecurity efforts against future attacks using quantum technologies were published today by the National Institute of Standards and Technology (NIST), a division of the U.S. Department of Commerce. The new standards are designed for two tasks: general encryption and digital signatures.
These new standards are the culmination of an eight-year effort from the agency to tap the best minds in cybersecurity to devise the next generation of cryptography strong enough to withstand quantum computers. Experts expect quantum computers capable of breaking current current cryptographic algorithms within a decade. The new standards, the first released by NIST’s post-quantum cryptography (PQC) standardization project, are published on the department’s website. The documents contain the algorithms’ computer code, instructions for how to implement them in products and in encryption systems, and use cases for each.
