Category: Security Bloggers

Researchers at CloudSEK have identified an extensive phishing campaign in which threat actors (TA) were impersonating the Ministry of Human Resources of the UAE government. Spotted through XVigil, the company’s artificial intelligence (AI) digital risk monitoring platform, the new threat would target various government and corporate entities across the finance, travel, legal, hospital, oil and […]

The post Advanced Phishing Campaign Found to Target Middle Eastern Entities appeared first on IT Security Guru.

Read more →

Last Thursday, June 30th, the California Department of Justice admitted that the personal information of all those who had been rejected or accepted for concealed carry permits from 2011 to 2021 was exposed. The California Department of Justice confirmed that among the affected departments were the state’s Assault Weapon Registry, Handguns Certified for Sale, Dealer […]

The post Leak of California gun owners’ private data far wider than originally reported appeared first on IT Security Guru.

Read more →

The recent abolition of the right to an abortion in the United States has raised questions about compliance for employers across the nation. Microsoft, Amazon, Google, and Facebook are central in this struggle between new laws and worker demands not just because of their size and social prominence but also because of the data they […]

The post Will Facebook’s End-to-End Encryption Protect Abortion-Seeking Users? appeared first on IT Security Guru.

Read more →

Last week, the Cyber Police of Ukraine disclosed that it apprehended nine members of a criminal gang that embezzled 100 million hryvnias via hundreds of phishing sites that claimed to offer financial assistance to Ukrainian citizens as part of a campaign aimed at capitalising on the ongoing conflict. The agency said in a press statement […]

The post Ukrainian Authorities Arrest Phishing Gang For Embezzling 100 Million UAH appeared first on IT Security Guru.

Read more →

An anonymous threat actor is selling several databases which they claim contain more than 22 terabytes of stolen information on roughly 1 billion Chinese citizens for 10 bitcoins (approx. $195,000). The announcement was posted on a hacker forum by a user with the handle ‘China Dan,’ saying that the information was leaked from the Shanghai […]

The post Hacker Claims to Have Stolen Information on 1 Billion Chinese Citizens appeared first on IT Security Guru.

Read more →

The Netherlands Maastricht University has announced that an extended investigation into a ransomware attack in 2019 has finally resulted in the seizure of €500,000. Yet, what is remarkable is that Maastricht University only paid out €200,000 originally. In 2019 Maastricht University was hit by a wave of malware which paralyzed the campus. The attack prevented […]

The post Dutch University Turns a Profit on Ransomware Payment appeared first on IT Security Guru.

Read more →

NATO has announced plans to develop virtual rapid response capabilities “to respond to significant malicious cyber activities.” These plans were published in a declaration made following the NATO Summit in Madrid, last week. The latest summit was significant in light of Russia’s invasion of Ukraine earlier this year, amid fears of the conflict spreading further. […]

The post NATO Announce Plans to Develop Cyber Rapid Response Capabilities appeared first on IT Security Guru.

Read more →

Following concerns that U.S. users’ data had been accessed by TikTok engineers in China between September 2021 and January 2022, TikTok sought to assure U.S. lawmakers that it’s taking steps to “strengthen data security.” The admission that some China-based employees can access information from U.S. users came in a letter sent to nine senators. The […]

The post TikTok Assures U.S. Lawmakers That They Are Working to Further Safeguard User Data From Chinese Staff appeared first on IT Security Guru.

Read more →

Reportedly, CloudSEK used its artificial intelligence (AI)-powered digital risk platform XVigil to identify a post on a cybercrime forum mentioning open source automation server platform Jenkins as one of the TTP (tactics, techniques, and procedures) used by a threat actor (TA) in attacks against IBM and Stanford University. Used by a TA to get clicks […]

The post Threat Actor Group Claims Responsibility for High Profile University Hacks appeared first on IT Security Guru.

Read more →

Microsoft’s Security Intelligence team have issued a new warning against a known cloud threat actor group. Active since early 2017 and tracked as 8220, the group have now updated its malware toolset to breach Linux servers to install crypto miners as part of a long-running campaign. On Thursday, Microsoft wrote in a Twitter thread, “the […]

The post Microsoft Issue Updated Warning Against Known Cloud Threat Actor Group appeared first on IT Security Guru.

Read more →

Publishing firm Macmillan was forced to shut down their network and offices while recovering from a security incident that appears to be a ransomware attack. The attack reportedly occurred on Saturday 25th June, with the company shutting down all their IT systems to prevent further spread. Publishers Weekly first reported on the incident, having seen […]

The post Macmillan Publishers Shut Down Systems After Security Incident appeared first on IT Security Guru.

Read more →