IT Security News

  • DarkHotel APT Targets Wynn, Macao Hotels to Rip Off Guest Data

    A DarkHotel phishing campaign breached luxe hotel networks, including Wynn Palace and the Grand Coloane Resort in Macao, a new report says.

    read more 

  • Sandworm APT Hunts for ASUS Routers with Cyclops Blink Botnet

    The Russian-speaking APT behind the NotPetya attacks and the Ukrainian power grid takedown could be setting up for additional sinister attacks, researchers said.

    read more 

  • Pro-Ukraine ‘Protestware’ Pushes Antiwar Ads, Geo-Targeted Malware

    Researchers are tracking a number of open-source "protestware" projects on GitHub that have recently altered their code to display "Stand with Ukraine" messages for users, or basic facts about the carnage in Ukraine. The group also is tracking several code packages that were recently modified to erase files on computers that appear to be coming from Russian or Belarusian Internet addresses.

    read more 

  • Lawmakers Probe Early Release of Top RU Cybercrook

    Aleksei Burkov, a cybercriminal who long operated two of Russia's most exclusive underground hacking forums, was arrested in 2015 by Israeli authorities. The Russian government fought Burkov's extradition to the U.S. for four years -- even arresting and jailing an Israeli woman to force a prisoner swap. That effort failed: Burkov was sent to America, pleaded guilty, and was sentenced to nine years in prison. But a little more than a year later, he was quietly released and deported back to Russia. Now some Republican lawmakers are asking why a Russian hacker once described as "an asset of supreme importance" was allowed to shorten his stay.

    read more 

  • Report: Recent 10x Increase in Cyberattacks on Ukraine

    As their cities suffered more intense bombardment by Russian military forces this week, Ukrainian Internet users came under renewed cyberattacks, with one Internet company providing service there saying they blocked ten times the normal number of phishing and malware attacks targeting Ukrainians.

    read more 

  • Microsoft Patch Tuesday, March 2022 Edition

    Microsoft on Tuesday released software updates to plug at least 70 security holes in its Windows operating systems and related software. For the second month running, there are no scary zero-day threats looming for Windows users (that we know of), and relatively few "critical" fixes. And yet we know from experience that attackers are already trying to work out how to turn these patches into a roadmap for exploiting the flaws they fix. Here's a look at the security weaknesses Microsoft says are most likely to be targeted first.

    read more 

  • Internet Backbone Giant Lumen Shuns .RU

    Lumen Technologies, an American company that operates one of the largest Internet backbones and carries a significant percentage of the world's Internet traffic, said today it will stop routing traffic for organizations based in Russia. Lumen's decision comes just days after a similar exit by backbone provider Cogent, and amid a news media crackdown in Russia that has already left millions of Russians in the dark about what is really going on with their president's war in Ukraine.

    read more 

  • Microsoft Addresses 3 Zero-Days & 3 Critical Bugs for March Patch Tuesday

    The computing giant patched 71 security vulnerabilities in an uncharacteristically light scheduled update, including its first Xbox bug.

    read more 

  • The Uncertain Future of IT Automation

    While IT automation is growing, big challenges remain. Chris Hass, director of information security and research at Automox, discusses how the future looks.

    read more 

  • Zero-Click Flaws in Widely Used UPS Devices Threaten Critical Infratructure

    The 'TLStorm' vulnerabilities, found in APC Smart-UPS products, could allow attackers to cause both cyber and physical damage by taking down critical infrastructure.

    read more