Latest Cybersecurity News and Articles

---

NHS Software Supplier Advanced Faces $7.6 Million Fine Over Ransomware Attack Failings

NHS software supplier Advanced faces a hefty fine of over £6 million (~$7.6 Million) for failing to protect personal information during a ransomware attack that impacted the National Health Service in the UK.

---

Roundcube Webmail Flaws Allow Hackers to Steal Emails and Passwords

Cybersecurity researchers have disclosed details of security flaws in the Roundcube webmail software that could be exploited to execute malicious JavaScript in a victim's web browser and steal sensitive information from their account under specific circumstances. "When a victim views a malicious email in Roundcube sent by an attacker, the attacker can execute arbitrary JavaScript in the victim's

---

Ransomware Swells Despite Collective Push to Curb Attacks

Rapid7 researchers noted over 2,570 attacks in the first half of 2024, equating to around 14 attacks daily. The number of ransomware groups posting on data leak sites surged 67% compared to the previous year.

---

Threat Actors Announced Doubleface Ransomware, Claims Fully Undetectable

Threat actors have introduced Doubleface ransomware, claiming it to be fully undetectable by major antivirus software. The ransomware utilizes a unique algorithm with AES-128 and RSA-4096 encryption, making decryption difficult without the right key.

---

Cyber Training Organization Pledges $15 Million in Education Programs

EC-Council, a cyber certification organization, has pledged $15 million in scholarships to support over 50,000 students in cybersecurity programs. The goal is to help students earn industry credentials and enhance their cybersecurity skills.

---

North Korean Hackers Leverage Malicious NPM Packages for Initial Access

North Korean hackers, identified as Moonstone Sleet, have been distributing malicious JavaScript packages on the npm registry to infect Windows systems. The two packages, harthat-api and harthat-hash, were uploaded on July 7, 2024.

---

AI is responsible for 40% of business email compromise (BEC) emails

According to a recent report, 40% of BEC emails are generated by AI. 

---

Abnormal Security Raises $250M on $5.1B Valuation to Enhance AI-Driven Cyber Protection

Abnormal Security, an AI-driven cybersecurity company, has raised $250 million in funding, valuing the company at $5.1 billion. The funding will support their mission of using AI to protect against cybercrime by understanding human behavior.

---

Chameleon Malware Now Targeting Employees Masquerading as a CRM app

Researchers have revealed a new tactic used by threat actors behind the Chameleon Android banking trojan, targeting Canadian users with a disguised Customer Relationship Management (CRM) app.

---

Replacement for Action Fraud, UK’s Cybercrime Reporting Service, Delayed Again Until 2025

The new service, known as the Fraud and Cyber Crime Reporting and Analysis System (FCCRAS), will enhance the reporting process by allowing users to upload additional information like metadata, screenshots, and images.

---

The Role of AI in Cybersecurity Operations

AI can analyze data quickly, detect patterns of malicious behavior, and automate routine tasks like alert triaging and log analysis. However, human oversight is still necessary to ensure the accuracy and relevance of AI-generated insights.

---

New Go-based Backdoor GoGra Targets South Asian Media Organization

An unnamed media organization in South Asia was targeted in November 20233 using a previously undocumented Go-based backdoor called GoGra. "GoGra is written in Go and uses the Microsoft Graph API to interact with a command-and-control (C&C) server hosted on Microsoft mail services," Symantec, part of Broadcom, said in a report shared with The Hacker News. It's currently not clear how it's

---

The Prevalence of DarkComet in Dynamic DNS

A recent analysis using HYAS Insight threat intelligence revealed a trend in dynamic DNS registrations originating from Turkey in 2024, with DarkComet malware representing over 50% of the malicious domains identified.

---

CrowdStrike Reveals Root Cause of Global System Outages

Cybersecurity company CrowdStrike has published its root cause analysis detailing the Falcon Sensor software update crash that crippled millions of Windows devices globally. The "Channel File 291" incident, as originally highlighted in its Preliminary Post Incident Review (PIR), has been traced back to a content validation issue that arose after it introduced a new Template Type to enable

---

Police Recover Over $40m Headed to BEC Scammers

A Singaporean commodity firm has had a narrow escape after police managed to intervene to recover nearly all of the $42.3m lost to fraudsters in a business email compromise (BEC) scam.

---

Florida Firm Sued Over Theft of 2.9B Personal Records

A class-action lawsuit is brewing over the cyber-heist of 2.9 billion personal records that were stolen from a Florida data broker, Jerico Pictures, doing business as National Public Data, and sold on the dark web.

---

NCSC CEO shares insights into securing UK elections in cyber space at major international conference

Felicity Oswald shares reflections on the UK approach to election security at Black Hat USA conference.

---

CISA Adds Microsoft COM for Windows Bug to its Known Exploited Vulnerabilities Catalog

The vulnerability, tracked as CVE-2018-0824, arises from the deserialization of untrusted data. Microsoft warns that this flaw could lead to remote code execution if exploited by a specially crafted file or script.

---

Attackers Use Multiple Techniques to Bypass Reputation-Based Security

Attackers have developed multiple techniques to bypass reputation-based security controls like Windows Smart App Control, allowing them initial access to environments without triggering alerts.

---

NHS IT firm faces £6m fine over medical records hack

Watchdog says Advanced software firm failed to protect data of thousands affected by 2022 ransomware attack in EnglandA software provider faces being fined more than £6m over a 2022 ransomware attack that disrupted NHS and social care services in England, the data protection regulator has announced.The Information Commissioner’s Office (ICO) said it had provisionally found that Advanced Computer Software Group had failed to implement measures to protect the personal information of 82,946 people who were affected by the attack, which included some sensitive information. Continue reading...