It is heartwarming that 16 prisoners, including innocent ex-Marine Paul Whelan and Wall Street Journal reporter Evan Gershkovich, have been freed from their wrongful imprisonment in Russia in exchange for 24 convicted Russian prisoners. What is disturbing is that innocent individuals wrongfully convicted are being used to bargain for convicted individuals, including cybercriminals.

Krebs on

We previously reported on the concerning mash-up of worldwide cybercriminals, known as Scattered Spider, working together to attack victims.

New reports from Microsoft and others indicate that since the second quarter of 2024, Scattered Spider is now using RansomHub and Qilin ransomware against victims. Scattered Spider is suspected of attacking hundreds of organizations since its

Intercontinental Exchange, Inc. (ICE), the owner of the New York Stock Exchange, has agreed to settle with the Securities and Exchange Commission (SEC) for $10 million over allegations that it failed to timely notify the SEC of the cybersecurity incident it experienced in 2021 involving its virtual private network.

The SEC alleged that ICE should

According to the National Security Agency, actors backed by the Chinese government are actively targeting a zero-day vulnerability in two commonly-used Citrix networking devices.

The exploit (CVE-2022-27518) affects Citrix ADC, an application delivery controller, and Citrix Gateway, a remote access tool. Both devices are standard in mid-to-large enterprise networks. Analysts at the National

Palo Alto’s Unit 42 recently issued a threat assessment alert outlining a new, unique phishing scam that has been successful. The scam is believed to have been carried out by the Luna Moth/Silent Ransom Group and is targeting businesses in the legal and retail sectors. Unit 42 predicts that the scam is “expanding in scope.”

Killnet, a Russian-speaking hacking group that emerged shortly after Russia invaded Ukraine, took responsibility last week for deploying a denial-of-service attack that temporarily took several U.S. states’ websites offline.

Although reported as unsophisticated, the attacks managed to affect the websites of Colorado, Connecticut, Kentucky, and Mississippi. The group’s goal is reportedly to disrupt U.S. state

It’s a cold, hard fact that hackers don’t really care about their victims or their victims’ data or business. They are greedy, evil human beings that just want the money.

The newest trend for hackers is to develop and launch cyber-attacks that deploy destructive malware. This means that when a threat actor infiltrates a business’

Hackers caused a massive traffic jam in Moscow by exploiting the ride-sharing app Yandex Taxi and using it to summon dozens of taxis to a single location. While Yandex has not confirmed the attacker’s identity, the hacktivist group Anonymous claimed responsibility on Twitter. The group has been actively taking aim at Russian targets in response

Password manager LastPass, reportedly used by more than 33 million users, recently announced that it was hacked, and although it reports that no passwords of users were compromised in the incident, unfortunately, its source code was stolen.

 According to LastPass

“We have determined that an unauthorized party gained access to portions of the LastPass development