Bleeping Computer reports: ClickFix attacks are gaining traction among threat actors, with multiple advanced persistent threat (APT) groups from North Korea, Iran, and Russia adopting the technique in recent espionage campaigns. ClickFix is a social engineering tactic where malicious websites impersonate legitimate software or document-sharing platforms. Targets are lured via phishing or malvertising and shown […]
The Daily Hodl reports: A car rental giant says sensitive customer data has been exposed in a cybersecurity incident involving one of its vendors. In a notice posted on its website, Hertz says that its vendor, Cleo Communications US, witnessed a zero-day vulnerability exploit late last year that enabled thieves to siphon customer data. Notifications on various […]
NPR reports: In the first days of March, a team of advisers from President Trump’s new Department of Government Efficiency initiative arrived at the Southeast Washington, D.C., headquarters of the National Labor Relations Board. … according to an official whistleblower disclosure shared with Congress and other federal overseers that was obtained by NPR, subsequent interviews […]
The Wall Street Journal reports: Chinese police issued wanted notices for three people they said engaged in cyberattacks against China on behalf of the U.S. National Security Agency, a rare step by Beijing as hostilities between the superpowers escalate. The accusations that the NSA targeted the Asian Winter Games held in the northeastern Chinese city of Harbin […]
Department Answers Frequently Asked Questions, Provides Guidance, and Issues Limited Enforcement Policy for First 90 Days Today, the Justice Department took significant steps to move forward with implementing a critical program to prevent China, Russia, Iran, and other foreign adversaries from using commercial activities to access and exploit U.S. government-related data and Americans’ sensitive personal […]
Fox8 reports: Chinese officials acknowledged behind closed doors at a December meeting that their government was responsible for a series of cyberattacks on U.S. infrastructure, according to a Wall Street Journal report based on information from people familiar with the matter. The news comes as the two countries continue to spar over tariffs imposed by President Donald […]
TechCrunch reports: Democratic Sen. Ron Wyden has put a hold on the Trump administration’s nomination of Sean Plankey to head the federal government’s top cybersecurity agency, citing a “multi-year cover up” of security flaws at U.S. telecommunication companies. Wyden said in remarks, seen by TechCrunch and confirmed by the senator’s spokesperson, that he will block the nomination […]
Only days after news sites reported that RansomHub was collaborating with EvilCorp in developing its attacks, RansomHub appeared to have been the victim of a takeover by another group. Or perhaps it was just a merger? DragonForce recently posted an announcement on the RAMP cybercrime forum claiming that it had become partners with RansomHub. A […]
Newsweek reports: A group of hackers that previously targeted President Donald Trump has pledged to take aim at Elon Musk for the next month. DonRoad Team, which previously claimed responsibility for taking down several Trump-associated websites, announced Monday it would begin hitting sites linked to Elon Musk. Newsweek contacted Tesla, SpaceX, X (formerly Twittter) and the Department of Government Efficiency […]
BakerHostetler launches 2025 Data Security Incident Response Report
BakerHostetler has released its 2025 Data Security Incident Response Report, which provides insight and analysis from more than 1,250 data security incidents managed by the firm this past year. Their report features a deep dive into critical components of security incidents (e.g., response timeline, average ransom payment amount, frequency of litigation) as well as an examination of […]