Geek-Guy.com

Tag: disrupted

AI, Europe, Global Security News, malware, Network Security

Resecurity Supports Microsoft DCU in Disrupting Fox Tempest ’s Cybercriminal Code-Signing Ecosystem

Microsoft and Resecurity disrupted Fox Tempest, a malware-signing service that used fake Microsoft certificates to make malware look legitimate. Resecurity supported Microsoft’s Digital Crimes Unit (DCU) in its disruption of Fox Tempest, a financially motivated threat actor operating a malware-signing-as-a-service (MSaaS) capability used by cybercriminals to make malicious files appear legitimate. On May 19, 2026,…

Read more →

AI, Apps, Endpoint, Global Security News, malware, Network Security, Risk Management

Microsoft Disrupts Malware-Signing Service Used by Ransomware Gangs

Microsoft says it disrupted a malware-signing service that abused Azure Artifact Signing to create fraudulent certificates used in ransomware and malware attacks.  The Fox Tempest operation allegedly helped cybercriminals distribute malware disguised as trusted software to evade Windows defenses and fool users.   “Fox Tempest doesn’t directly target victims but instead provides supporting services that enable…

Read more →

AI, Global Security News, malware, Network Security

Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks

Microsoft on Tuesday said it disrupted a malware-signing-as-a-service (MSaaS) operation that weaponized the company’s Artifact Signing system to deliver malicious code and conduct ransomware and other attacks, compromising thousands of machines and networks across the world. The tech giant attributed the activity to a threat actor it calls Fox Tempest, which it said offered the…

Read more →

AI, Apps, Europe, Global Security News, malware

Microsoft disrupts malware code-signing service used by ransomware gangs

Microsoft has disrupted the infrastructure powering the largest malware code-signing service used to help ransomware groups and other cybercriminals make malicious programs harder to detect on Windows. The threat actors behind the service used stolen identities and impersonated legitimate organizations to obtain more than 1,000 code-signing certificates. Microsoft seized the group’s website, signspace[.]cloud, revoked the…

Read more →

AI, china, Global Security News, Government & Policy, malware, Network Security

Microsoft dismantled malware-signing network Fox Tempest

Microsoft disrupted Fox Tempest, a malware-signing-as-a-service (MSaaS) that allowed attackers to sign malware with fake trusted certificates. Microsoft said it disrupted a cybercrime operation run by a threat actor named Fox Tempest, which helped threat actors sign malware with short-lived certificates to make malicious software appear legitimate. The service abused Microsoft Artifact Signing and supported…

Read more →

AI, Apps, china, Exploits, Global Security News, Government & Policy, malware

Microsoft disrupts cybercrime service that abused software verification systems en masse

Microsoft seized infrastructure and disrupted a cybercrime service that created and sold more than 1,000 code-signing certificates that other cybercriminals used to make malware-riddled software appear trusted and legitimate for follow-on cyberattacks, including ransomware, the company said Tuesday. The financially-motivated threat group, which Microsoft tracks as Fox Tempest, provided the malware-signing-as-a-service to multiple ransomware groups,…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Government & Policy, Risk Management

Optiv: AI is Reshaping the MDR Security Approach for Partners

Cybersecurity is fundamentally different today from many other industries being disrupted by AI. Defenders are constantly facing active adversaries, and AI has only intensified these threats. Many sectors are focused on AI-driven efficiency and automation, while cybersecurity teams must simultaneously defend against attackers who are rapidly adopting AI-powered tooling. In a conversation with Benjamin Spencer,…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security

Taiwan High-Speed Rail Emergency Braking Hack: How a Student Stopped the Trains and Exposed a Major Security Gap

Taiwan high‑speed rail was disrupted after a 23‑year‑old student spoofed signals and triggered an emergency alarm, stopping four trains for nearly an hour. Taiwan high‑speed rail system, one of the most important pieces of national infrastructure, was thrown into chaos during the Qingming Festival holiday when several trains suddenly came to an unexpected halt. Experts…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Global Security News, Network Security, Risk Management

CareCloud Incident Exposes Patient Data, Disrupts EHR Systems

An attack on healthcare IT provider CareCloud has exposed sensitive patient data and temporarily disrupted access to critical systems, highlighting ongoing risks facing digital healthcare infrastructure. We are “… continuing to investigate the nature and scope of the incident. The affected environment stores patient information, and the Company continues to assess whether, and the extent…

Read more →

AI, china, Global Security News, Government & Policy, malware, Network Security

Global law enforcement operation targets AISURU, Kimwolf, JackSkid botnet operators

DoJ disrupted IoT botnets’ C2 infrastructure with global partners, targeting operators behind AISURU, Kimwolf, JackSkid, and others. The U.S. DoJ disrupted command-and-control infrastructure used by several IoT botnets, including AISURU, Kimwolf, JackSkid, and Mossad. The operation involved authorities from Canada and Germany, along with major tech companies, to target botnet operators and weaken their global…

Read more →

AI, Apps, Europe, Exploits, Global Security News, malware, Network Security, Risk Management

US and European authorities disrupt socksEscort proxy service tied to AVrecon botnet

Authorities in the US and Europe disrupted the SocksEscort proxy service, which used the AVrecon botnet and infected about 360,000 devices since 2020. Law enforcement agencies in the US and Europe have disrupted SocksEscort, a malicious proxy service powered by the AVrecon botnet. Active since 2020, the service hijacked roughly 360,000 devices and allowed cybercriminals…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Global Security News, Government & Policy, malware, Network Security

Iran-Linked Hacktivists Claim Wiper Attack on Stryker Systems

A cyberattack has disrupted global operations at medical technology manufacturer Stryker, forcing employees in multiple countries offline and cutting access to core corporate systems.  The incident, which began March 11, triggered widespread outages across the company’s Microsoft environment and left staff temporarily unable to access internal applications and devices.  “When a company the size of…

Read more →

AI, Global Security News

Law enforcement disrupted Tycoon 2FA phishing-as-a-service platform

Authorities disrupted the Tycoon 2FA phishing-as-a-service platform used to send millions of phishing emails to over 500,000 orgs worldwide. The joint effort, led by Microsoft, Europol, and industry partners, aimed to target the infrastructure of Tycoon 2FA phishing-as-a-service platform responsible for tens of millions of fraudulent emails reaching over 500,000 organizations each month worldwide. By…

Read more →

AI, Apps, china, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security

China-linked hackers used Google Sheets to spy on telecoms and governments across 42 countries

Google has disrupted a China-linked espionage group that used Google’s spreadsheet application as a covert spy tool to compromise telecom providers and government agencies across 42 countries, sending commands and receiving stolen data through it, Google’s Threat Intelligence Group (GTIG) said on Thursday. Working with Mandiant, GTIG confirmed intrusions at 53 organizations across 42 countries,…

Read more →

AI, APAC, china, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware

Google GTIG disrupted China-linked APT UNC2814 halting attacks on 53 orgs in 42 countries

Google and partners disrupted UNC2814, a suspected China-linked group that hacked 53 organizations across 42 countries. Google, with industry partners, disrupted the infrastructure of UNC2814, a suspected China-linked cyber espionage group that breached at least 53 organizations in 42 countries. The group has been active since at least 2017, and was spotted targeting governments and…

Read more →

AI, Breaking News, cyber crime, Cybercrime, Cybersecurity, data breach, Data Breaches, Global Security News, Government & Policy, Network Security, Security

Senegal shuts National ID office after ransomware attack

Senegal closed its national ID card office after a ransomware cyberattack disrupted ID, passport, and biometric services. Senegal confirmed a cyberattack on the Directorate of File Automation, the government office that manages national ID cards, passports, and biometric data. After ransomware claims surfaced, authorities temporarily closed the office to contain the incident. The agency warned…

Read more →

AI, Breaking News, cyber crime, Cybersecurity, data breach, Global Security News, malware, Network Security, Security

Romania’s national oil pipeline firm Conpet reports cyberattack

Romania’s national oil pipeline operator Conpet said a cyberattack disrupted its business systems and temporarily knocked its website offline. Conpet is a state-controlled company that owns and operates the country’s crude oil, condensate, and liquid petroleum product pipeline network. Its main role is to transport oil from domestic production fields and import points to refineries…

Read more →

AI, Breaking News, cyber crime, Cybersecurity, data breach, Global Security News, malware, Network Security, Security

Romania’s national oil pipeline firm Conpet reports cyberattack

Romania’s national oil pipeline operator Conpet said a cyberattack disrupted its business systems and temporarily knocked its website offline. Conpet is a state-controlled company that owns and operates the country’s crude oil, condensate, and liquid petroleum product pipeline network. Its main role is to transport oil from domestic production fields and import points to refineries…

Read more →

AI, Breaking News, cyber crime, Cybersecurity, data breach, Global Security News, malware, Network Security, Security

Romania’s national oil pipeline firm Conpet reports cyberattack

Romania’s national oil pipeline operator Conpet said a cyberattack disrupted its business systems and temporarily knocked its website offline. Conpet is a state-controlled company that owns and operates the country’s crude oil, condensate, and liquid petroleum product pipeline network. Its main role is to transport oil from domestic production fields and import points to refineries…

Read more →

AI, Breaking News, cyber crime, Cybersecurity, data breach, Global Security News, malware, Network Security, Security

Romania’s national oil pipeline firm Conpet reports cyberattack

Romania’s national oil pipeline operator Conpet said a cyberattack disrupted its business systems and temporarily knocked its website offline. Conpet is a state-controlled company that owns and operates the country’s crude oil, condensate, and liquid petroleum product pipeline network. Its main role is to transport oil from domestic production fields and import points to refineries…

Read more →

AI, Breaking News, cyber crime, Cybersecurity, Data Breaches, Europe, Global Security News, hacking, malware, Network Security, Russia, Security

Italian university La Sapienza still offline to mitigate recent cyber attack

Rome’s La Sapienza University was hit by a cyberattack that disrupted IT systems and caused widespread operational issues. Since February 2, Rome’s La Sapienza University, one of the most important Italian universities, has been offline due to a cyberattack. For days, students have been unable to book exams, check tuition payments, or access faculty contacts.…

Read more →