PowerSchool customers hit by downstream extortion threats
The large education tech vendor was hit by a cyberattack and paid a ransom in December. Now, a threat actor is attempting to extort the company’s customers…
Advertisement
Ransomware
Federal prosecutors indict alleged head of Black Kingdom ransomware
A man believed to be living in Yemen is accused of developing the ransomware and infecting about 1,500 computer systems in the U.S. and elsewhere between March…
Ukrainian extradited to US for alleged Nefilim ransomware attack spree
Federal law enforcement officials accuse Artem Stryzhak, who was arrested in Spain last year, of attacking and extorting multiple companies between 2018 and 2021.
Cybersecurity vendors are themselves under attack by hackers, SentinelOne says
“It’s practically taboo” for cyber firms to talk about being targeted, but SentinelLabs said in a new report that it has observed multiple threats.
Attackers hit security device defects hard in 2024
Mandiant said exploits were the most common initial access vector last year, linking software defects to 1 in 3 attacks. The most commonly exploited vulnerabilities affected network…
Microsoft patches zero-day actively exploited in string of ransomware attacks
Microsoft said Storm-2460 has exploited the zero-day in the Windows Common Log File System to attack organizations in the U.S., Venezuela, Spain and Saudi Arabia.
Advertisement
Silent Push’s Ken Bagnall on how companies can work with governments to take down malicious infrastructure
Ken Bagnall, CEO of Silent Push Ken
Identity lapses ensnared organizations at scale in 2024
Cisco Talos observed identity-based attacks in 60% of the incidents it responded to last year.
Canadian citizen allegedly involved in Snowflake attacks consents to extradition to US
Connor Moucka, a 26-year-old arrested at the behest of U.S. authorities in October in Kitchener, Ontario, faces 20 federal charges.
Nation-state groups hit hundreds of organizations with Microsoft Windows zero-day
Trend Micro researchers discovered and reported the eight-year-old defect to Microsoft six months ago. The company hasn’t made any commitments to patch or remediate the issue.