A new report today from cybersecurity services company Group-IB Global Pvt. Ltd. details the uncovering of more than 16,000 malicious domains created during the Inferno Drainercrypto scam last year. Although the Inferno Drainer group announced in November it was shutting down, the report does a deep dive into the prolific group, which operated a scam-as-a-service scheme while leveraging high-quality phishing ...

Insurance and settlement service giant Fidelity National Financial Inc. has officially disclosed that they suffered from a “cybersecurity incident” that the infamous ransomware gang ALHPV/BlackCat claimed responsibility for in November. The disclosure came via a Jan. 9 filing with the U.S. Securities and Exchange Commission, which states that Fidelity National became aware of a cybersecurity incident ...

Some 4 million records, including school shooter emergency plans, have been exposed online in the latest case of unsecured cloud storage. Discovered by security researcher Jeremiah Fowler and detailed today by vpnMentor, the exposed cloud instance was found to belong to Raptor Technologies LLC, a Texas-based school security company. Fowler found three separate storage buckets that ...

Information technology security software company Ivanti Inc. is warning customers about two vulnerabilities in all versions of Ivanti Connect Secure and Ivanti Policy Secure Gateways that are being actively exploited by hackers. The vulnerabilities were first identified by cybersecurity firm Volexity Inc. in the second week of December when the company detected suspicious lateral movement on the network of one of its ...

A new report released today by SentinelLabs, the research arm of listed cybersecurity company SentinelOne Inc., is warning of a new sophisticated Python-based malware targeting cloud and payment services. Dubbed “FBot,” the malware is said to represent a significant threat due to its specific targeting of web servers, cloud services and software-as-a-service platforms, including Amazon Web Services Inc., ...

Texas-based healthcare services provider HMG Healthcare LLC is the latest company to be hacked as a data breach resulted in the theft of personally identifiable information and medical records. Described as a “data security incident” by HMG Healthcare in a privacy update, the breach was detected in November, with a subsequent investigation finding that someone ...

The price of bitcoin rose today after the U.S. Securities and Exchange Commission approved proposals for 11 spot bitcoin exchange-traded funds, a day after SEC’s X Inc. (Twitter) was hacked and made the same announcement. Years in the making, the SEC’s approval was warmly greeted by investors, with bitcoin surging above $47,600 before settling to ...

New research published today by cloud email security and brand protection startup Redsift Ltd. has found that 33% of publicly listed companies are not ready for new bulk email sending requirements that come into place in February. The new requirements, announced by Google LLC and Yahoo Inc. in October, require any company sending more than 5,000 email ...

A new report released today by researchers at cloud-native security company Aqua Security Software Ltd. warns of a new attack targeting Apache Hadoop and Flink applications. The attack is described as “particularly intriguing” thanks to the attacker’s use of packers and rootkits to conceal their malware. It was discovered by the researchers over the last few weeks ...

Pro-Ukrainian hacking group Blackjack has claimed to have breached a Moscow internet service provider in revenge for a Russian attack last month on Kyivstar, Ukraine’s largest telecom provider. The cyberattack targeted Moscow-based M9 Telecom and is reported to have destroyed the provider’s servers, deleting about 20 terabytes of data, including the company’s official website, branch websites, mail ...