Category: DarkNet

The U.S. Congressional Budget Office (CBO) confirms it suffered a cybersecurity incident after a suspected foreign hacker breached its network, potentially exposing sensitive data. In a statement shared with BleepingComputer, CBO spokesperson Caitlin Emma confirmed the “security incident” and said the agency acted quickly to contain it. “The Congressional Budget Office has identified the security incident

The State of Nevada has published an after-action report detailing how hackers breached its systems to deploy ransomware in August, and the actions taken to recover from the attack. The document is one of the few completely transparent technical report from a federal government in the U.S. on a cybersecurity incident, describing all the steps

By Sila Ozeren Hacioglu, Security Research Engineer at Picus Security. In many organizations, red and blue teams still work in silos, usually pitted against each other, with the offense priding itself on breaking in and the defense doing what they can to hold the line. However, too often, their efforts don’t meet in the middle

Russian state-backed hacker group Sandworm has deployed multiple data-wiping malware families in attacks targeting Ukraine’s education, government, and the grain sector, the country’s main revenue source. The attacks occurred in June and September, cybersecurity company ESET says in a report today, and continue Sandworm’s (a.k.a. APT44) string of destructive operations in Ukraine. As the name indicates

SonicWall’s investigation into the September security breach that exposed customers’ firewall configuration backup files concludes that state-sponsored hackers were behind the attack. The network security company says that incident responders from Mandiant confirmed that the malicious activity had no impact on SonicWall’s products, firmware, systems, tools, source code, or customer networks. “The Mandiant investigation is now

Hyundai AutoEver America is notifying individuals that hackers breached the company’s IT environment and gained access to personal information. The company discovered the intrusion on March 1 but the investigation revealed that the attacker had access to the systems since February 22nd. Hyundai AutoEver America (HAEA) is an affiliate of Hyundai Motor Group that provides IT

The Gootloader malware loader operation has returned after a 7-month absence and is once again performing SEO poisoning to promote fake websites that distribute the malware. Gootloader is a JavaScript-based malware loader spread through compromised or attacker-controlled websites, used to trick users into downloading malicious documents. The websites are promoted in search engines either via

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning that threat actors are exploiting a critical remote command execution flaw in CentOS Web Panel (CWP). The agency has added the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog and is giving federal entities subject to the BOD 22-01 guidance until November 25 to apply available security updates and

Picture this: you’re at the helm of a sophisticated avionics suite, trusting every gauge and blinking light. Your flight plan is impeccable, air traffic control is on call, and your co‑pilot follows every procedure. But what if a sensor drifts out of calibration or a radar feed lags by a few seconds? Suddenly, critical decisions

The U.S. Treasury Department imposed sanctions on two North Korean financial institutions and eight individuals involved in laundering cryptocurrency stolen in cybercrime and fraudulent IT worker schemes. The Treasury’s Office of Foreign Assets Control (OFAC) designated Ryujong Credit Bank, a North Korea-based financial institution linked to sanctions-evasion activities between North Korea and China, including money