Published on: 2025-06-12 17:44:15
The DragonForce ransomware operation successfully breached a managed service provider and used its SimpleHelp remote monitoring and management (RMM) platform to steal data and deploy encryptors on downstream customers' systems. Sophos was brought in to investigate the attack and believes the threat actors exploited a chain of older SimpleHelp vulnerabilities tracked as CVE-2024-57727, CVE-2024-57728, and CVE-2024-57726 to breach the system. SimpleHelp is a commercial remote support and access t
Keywords: actors attacks dragonforce ransomware simplehelp
Published on: 2025-06-18 01:26:44
The FBI warned that an extortion gang known as the Silent Ransom Group has been targeting U.S. law firms over the last two years in callback phishing and social engineering attacks. Also known as Luna Moth, Chatty Spider, and UNC3753, this threat group has been active since 2022 and was also behind BazarCall campaigns that provided initial access to corporate networks for Ryuk and Conti ransomware attacks. In March 2022, following Conti's shutdown, the threat actors separated from the cybercri
Keywords: access attacks group ransom srg
Published on: 2025-06-20 05:00:03
A consortium of global law enforcement agencies and tech companies announced on Wednesday that they have disrupted the infostealer malware known as Lumma. One of the most popular infostealers worldwide, Lumma has been used by hundreds of what Microsoft calls “cyber threat actors” to steal passwords, credit card and banking information, and cryptocurrency wallet details. The tool, which officials say is developed in Russia, has provided cybercriminals with the information and credentials they nee
Keywords: attacks infrastructure lumma malware microsoft
Published on: 2025-06-22 09:27:21
A 3AM ransomware affiliate is conducting highly targeted attacks using email bombing and spoofed IT support calls to socially engineer employees into giving credentials for remote access to corporate systems. This tactic was previously linked to the Black Basta ransomware gang and later observed in FIN7 attacks, but its effectiveness has driven a wider adoption. Sophos reports seeing at least 55 attacks leveraging this technique between November 2024 and January 2025, linked to two distinct th
Keywords: 3am attacks email ransomware sophos
Published on: 2025-06-23 17:49:56
Police investigation into UK retail hacks focuses on English-speaking youths. Joe Tidy, Cyber correspondent, BBC World Service. Detectives investigating cyber attacks on UK retailers are focussing on a notorious cluster of cyber criminals known to be young English-speakers, some of them teenagers, police have revealed. For weeks speculation has mounted that disruptive attacks on M&S, Co-op, Harrods and some US retailers could be the work of a hac
Keywords: attacks cyber nca scattered spider
Published on: 2025-06-24 08:50:18
Cyber-attack threat keeps me awake at night, bank boss says. Graham Fraser & Kevin Peachey, Technology reporter & Cost of living correspondent. Ian Stuart said the HSBC banking group is spending hundreds of millions of pounds on its IT systems. The boss of one of the UK's biggest banks has said the threat of cyber-attacks "keeps me awake at night". Ian Stuart, the CEO of HSBC UK, said cyber-security was "top of the agenda" for his banking group, and
Keywords: attacks cyber said stuart uk
Published on: 2025-06-25 13:01:15
Cyber attack threat keeps me awake at night, bank boss says. Graham Fraser & Kevin Peachey, Technology reporter & Cost of living correspondent. Ian Stuart said the HSBC banking group is spending hundreds of millions of pounds on its IT systems. The boss of one of the UK's biggest banks has said the threat of cyber attacks "keeps me awake at night". Ian Stuart, the CEO of HSBC UK, said cyber security was "top of the agenda" for his banking group, and d
Keywords: attacks cyber said stuart uk
Published on: 2025-06-29 17:13:19
On Thursday, CISA warned U.S. federal agencies to secure their systems against ongoing attacks exploiting a high-severity vulnerability in the Chrome web browser. Solidlab security researcher Vsevolod Kokorin discovered the flaw (CVE-2025-4664) and shared technical details online on May 5th. Google released security updates to patch it on Wednesday. As Kokorin explained, the vulnerability is due to insufficient policy enforcement in Google Chrome's Loader component, and successful exploitation
Keywords: attacks chrome day exploited google
Published on: 2025-07-03 09:38:53
Google warned today that hackers using Scattered Spider tactics against retail chains in the United Kingdom have also started targeting retailers in the United States. "The US retail sector is currently being targeted in ransomware and extortion operations that we suspect are linked to UNC3944, also known as Scattered Spider," John Hultquist, Chief Analyst at Google Threat Intelligence Group, told BleepingComputer. "The actor, which has reportedly targeted retail in the UK following a long hia
Keywords: actors attacks scattered spider threat
Published on: 2025-07-05 13:14:43
The state-backed North Korean threat group Konni (Opal Sleet, TA406) was observed targeting Ukrainian government entities in intelligence collection operations. The attackers use phishing emails that impersonate think tanks, referencing important political events or military developments to lure their targets. Proofpoint researchers who discovered the activity in February 2025 suggest that it's likely an effort to support the DPRK's military involvement alongside Russia in Ukraine and evaluate
Keywords: attacks north powershell proofpoint targeting
Published on: 2025-07-05 13:48:18
SAP has released patches to address a second vulnerability exploited in recent attacks targeting SAP NetWeaver servers as a zero-day. The company issued security updates for this security flaw (CVE-2025-42999) on Monday, May 12, saying it was discovered while investigating zero-day attacks involving another unauthenticated file upload flaw (tracked as CVE-2025-31324) in SAP NetWeaver Visual Composer that was fixed in April. "SAP is aware of and has been addressing vulnerabilities in SAP NETWEA
Keywords: 2025 attacks cve netweaver sap
Published on: 2025-07-06 05:46:39
Fortinet released security updates to patch a critical remote code execution vulnerability exploited as a zero-day in attacks targeting FortiVoice enterprise phone systems. The security flaw is a stack-based overflow vulnerability tracked as CVE-2025-32756 that also impacts FortiMail, FortiNDR, FortiRecorder, and FortiCamera. As the company explains in a security advisory issued on Tuesday, successful exploitation can allow remote unauthenticated attackers to execute arbitrary code or commands
Keywords: attacks devices fcgi fortinet security
Published on: 2025-07-10 13:23:08
Forescout Vedere Labs security researchers have linked ongoing attacks targeting a maximum severity vulnerability impacting SAP NetWeaver instances to a Chinese threat actor. SAP released an out-of-band emergency patch on April 24 to address this unauthenticated file upload security flaw (tracked as CVE-2025-31324) in SAP NetWeaver Visual Composer, days after cybersecurity company ReliaQuest first detected the vulnerability being targeted in attacks. Successful exploitation enables unauthentic
Keywords: attacks chinese instances netweaver sap
Published on: 2025-07-13 09:39:15
Since the start of the year, the Russian state-backed ColdRiver hacking group has been using new LostKeys malware to steal files in espionage attacks targeting Western governments, journalists, think tanks, and non-governmental organizations. In December, the United Kingdom and Five Eyes allies linked ColdRiver to Russia's Federal Security Service (FSB), the country's counterintelligence and internal security service. Google Threat Intelligence Group (GTIG) first observed LostKeys being "deplo
Keywords: attacks coldriver group lostkeys targets
Published on: 2025-07-20 01:19:18
Following three high-profile cyberattacks impacting major UK retailers, the country's National Cyber Security Centre (NCSC) has published guidance that all companies are advised to follow to strengthen their cybersecurity defenses. The cybersecurity breaches that prompted NCSC's alert are the recent hacks at Marks & Spencer, Co-op, and Harrods, all multi-million British retailers. The attacks started with M&S, which suffered a DragonForce ransomware attack that utilized tactics associated with
Keywords: actors attacks ncsc op threat
Published on: 2025-07-20 21:30:03
Beware phony IT calls after Co-op and M&S hacks, says UK cyber centre. Joe Tidy, Cyber correspondent, BBC World Service. The National Cyber Security Centre (NCSC) has warned criminals launching cyber attacks at British retailers are impersonating IT help desk calls to break into organisations. Hackers have targeted Marks & Spencer, Co-op and Harrods in the last two weeks, and on Friday the anonymous group told the BBC there will be more attacks soon
Keywords: attacks cyber help ncsc security
Published on: 2025-07-21 16:04:26
Russia-aligned hacktivists persistently target key public and private organizations in the Netherlands with distributed denial of service (DDoS) attacks, causing access problems and service disruptions. The situation was acknowledged via a statement by the country's National Cyber Security Center (NCSC), part of the Dutch Ministry of Justice. "This week, several Dutch organizations have been targeted by large-scale DDoS attacks," reads the NCSC announcement. "The DDoS attacks are directed at
Keywords: attacks ddos group organizations threat
Published on: 2025-07-22 09:57:31
The United Kingdom's National Cyber Security Centre warned that ongoing cyberattacks impacting multiple UK retail chains should be taken as a "wake-up call." Part of the GCHQ British intelligence agency, the NCSC provides support and guidance to private and public sector entities following major cybersecurity incidents to protect the UK's critical services. In a statement issued this week, the NCSC also confirmed that it's working with affected organizations in the retail sector to assess the
Keywords: attacks marks ncsc op uk
Published on: 2025-07-23 02:44:03
A Ukrainian national has been extradited from Spain to the United States to face charges over allegedly conducting Nefilim ransomware attacks against companies. The suspect, Artem Aleksandrovych Stryzhak, 35, was arrested in Spain in June 2024 and extradited to the U.S. on April 30, 2025. According to the U.S. Department of Justice, Stryzhak allegedly participated in ransomware attacks that targeted high-revenue companies, primarily in the United States, Norway, France, Switzerland, Germany, a
Keywords: attacks data nefilim ransomware stryzhak
Published on: 2025-07-24 13:25:47
At least two people have come forward and said they were told to take the threats seriously. Apple has been warning possible victims of spyware attacks, according to several alleged recipients of the messages. At the time of writing there appears to be at least two people who have confirmed they’ve been notified by Apple, and that the warning itself says that users in 100 countries have received similar alerts. The company does not offer any specifics as to how many people may have been targete
Keywords: apple attack attacks spyware warning
Published on: 2025-07-25 06:13:30
Apple has notified iPhone users in 100 countries that their devices have been infected with spyware, implying that it may be NSO’s Pegasus. The company has warned victims to take it seriously, and to immediately take a number of security actions in response. One of the recipients has shared almost the entire message, the first time I can recall seeing more than a brief excerpt … Apple alerts spyware victims Our NSO guide explains the background to the main iPhone spyware used for these attack
Keywords: apple attacks iphone mercenary spyware
Published on: 2025-07-25 05:33:42
A China-aligned APT threat actor named "TheWizards" abuses an IPv6 networking feature to launch adversary-in-the-middle (AitM) attacks that hijack software updates to install Windows malware. According to ESET, the group has been active since at least 2022, targeting entities in the Philippines, Cambodia, the United Arab Emirates, China, and Hong Kong. Victims include individuals, gambling companies, and other organizations. The attacks utilize a custom tool dubbed "Spellbinder" by ESET that a
Keywords: attacks eset ipv6 spellbinder tool
Published on: 2025-07-27 06:32:05
A set of security vulnerabilities in Apple's AirPlay Protocol and AirPlay Software Development Kit (SDK) exposed unpatched third-party and Apple devices to various attacks, including remote code execution. According to cybersecurity company Oligo Security security researchers who discovered and reported the flaws, they can be exploited in zero-click and one-click RCE attacks, man-in-the-middle (MITM) attacks, and denial of service (DoS) attacks, as well as to bypass access control list (ACL) a
Keywords: airplay apple attacks devices security
Published on: 2025-07-27 17:15:07
In an unprecedented display of diplomatic aggression, French authorities publicly accused Russia of sponsoring several high-profile cyber attacks on French entities for over a decade to gather intelligence and destabilize the country. The incidents include everything from a faked Islamic State takeover of a French television broadcast signal in 2015 to the leak of President Emmanuel Macron’s emails in 2017. On Tuesday, France’s Foreign Ministry formally attributed those cyberattacks and several
Keywords: cyber cyberattacks france french russian
Published on: 2025-07-28 13:57:15
Today, the French foreign ministry blamed the APT28 hacking group linked to Russia's military intelligence service (GRU) for targeting or breaching a dozen French entities over the last four years. "France condemns in the strongest terms the use by the Russian military intelligence service (GRU) of the APT28 attack procedure, which has led to several cyber attacks against French interests," a statement released on Tuesday says. "These destabilizing activities are unacceptable and unworthy of a
Keywords: apt28 attacks entities french military
Published on: 2025-07-30 13:28:54
Ongoing outages at British retail giant Marks & Spencer are caused by a ransomware attack believed to be conducted by a hacking collective known as "Scattered Spider," BleepingComputer has learned from multiple sources. Marks & Spencer (M&S) is a British multinational retailer that employs 64,000 employees and sells various products, including clothing, food, and home goods in over 1,400 stores worldwide. Last Tuesday, M&S confirmed it suffered a cyberattack that caused widespread disruption, i
Keywords: attack attacks scattered spider threat
Published on: 2025-07-31 13:04:10
Internet services giant Cloudflare says it mitigated a record number of DDoS attacks in 2024, recording a massive 358% year-over-year jump and a 198% quarter-over-quarter increase. These figures come from Cloudflare's 2025 Q1 DDoS Report, where the company says it mitigated a total of 21.3 million DDoS attacks in 2024. However, 2025 is looking to be an even bigger problem for online entities and companies, with Cloudflare already responding to 20.5 million DDoS attacks in just the first quarte
Keywords: attack attacks cloudflare ddos quarter
Published on: 2025-08-01 17:30:00
On paper, Clair Obscur: Expedition 33 doesn’t seem to stand out amidst a recent wave of prestige RPGs, from the newly polished high fantasy of the Elder Scrolls IV: Oblivion remake to the medieval warfare of 15th century Bohemia in Kingdom Come: Deliverance II. For one, its fantastical conquests are set in a world reminiscent of France’s Belle Époque period, an era known for its economic prosperity and radical artistic movements, from Art Nouveau to Expressionism. Add a tinge of melodrama and an
Keywords: 33 attacks combat expedition like
Published on: 2025-08-06 12:06:04
An Active! Mail zero-day remote code execution vulnerability is actively exploited in attacks on large organizations in Japan. Active! mail is a web-based email client developed initially by TransWARE and later acquired by Qualitia, both Japanese companies. While it's not widely used worldwide like Gmail or Outlook, Active! is often used as a groupware component in Japanese-language environments of large corporations, universities, government agencies, and banks. According to the vendor, Acti
Keywords: active attacks japanese mail service
Published on: 2025-08-07 05:02:12
Phishing attacks remain a huge challenge for organizations in 2025. In fact, with attackers increasingly leveraging identity-based techniques over software exploits, phishing arguably poses a bigger threat than ever before. With MFA-bypassing phishing kits the new normal, capable of phishing accounts protected by SMS, OTP, and push-based methods, detection controls are being put under constant pressure as prevention controls fall short. A key challenge with phishing detection is that based on
Keywords: attacks email malicious page phishing
Go K’awiil is a project by nerdhub.co that curates technology news from a variety of trusted sources. We built this site because, although news aggregation is incredibly useful, many platforms are cluttered with intrusive ads and heavy JavaScript that can make mobile browsing a hassle. By hand-selecting our favorite tech news outlets, we’ve created a cleaner, more mobile-friendly experience.
Your privacy is important to us. Go K’awiil does not use analytics tools such as Facebook Pixel or Google Analytics. The only tracking occurs through affiliate links to amazon.com, which are tagged with our Amazon affiliate code, helping us earn a small commission.
We are not currently offering ad space. However, if you’re interested in advertising with us, please get in touch at [email protected] and we’ll be happy to review your submission.