AllaKore RAT Malware Targeting Mexican Firms with Financial Fraud Tricks
Mexican financial institutions are under the radar of a new spear-phishing campaign that delivers a modified version of an open-source remote access trojan called AllaKore RAT
America covers cybersecurity incidents, policy, privacy, public services, advisories, and regional developments affecting digital security.
Search across headline titles and summaries.
Background for this topic.
America covers cybersecurity and information-security developments connected to America, including incidents, policy, privacy, advisories, research, and news affecting organizations, public services, and digital systems in the area.
For practitioners, the tag provides geographic context for developments involving America's organizations, services, partners, and users. Individual articles provide the specific technologies, threats, sectors, and operational implications relevant to each development.
Mexican financial institutions are under the radar of a new spear-phishing campaign that delivers a modified version of an open-source remote access trojan called AllaKore RAT
US Cyber Agency Issues Step-by-Step Guide to Build Software Bills of MaterialsThe U.S. Cybersecurity and Infrastructure Security Agency is aiming to improve the implementation of software bills of materials across the public and private sectors as experts warn that a failure to build and use the critical inventory lists could result in "catastrophic security breaches."
Authorities in Australia, the United Kingdom and the United States this week levied financial sanctions against a Russian man accused of stealing data on nearly 10 million customers of the Australian health insurance giant Medibank. 33-year-old Aleksandr Ermakov allegedly stole and leaked the Medibank data while working with one of Russia's most destructive ransomware groups, but little more is shared about the accused. Here's a closer look at the activities of Mr. Ermakov's alleged hacker handles.
40-year-old Russian national Vladimir Dunaev has been sentenced to five years and four months in prison for his role in creating and distributing the TrickBot malware, the U.S. Department of Justice (DoJ) said
Rest of the crew still at large A former Trickbot developer has been sent down for five years and four months for his role in infecting American hospitals and businesses with ransomware and other malware, costing victims tens of millions of dollars in losses.…
Vladimir Dunaev Acknowledged Acting 'Recklessly' in Working for Cybercriminal GroupA U.S. federal judge sentenced a Russian national to five years and four months in prison for his role in developing TrickBot malware. Vladimir Dunaev, 40, pleaded guilty in December. Dunaev helped develop the malware "while hiding behind his computer," U.S. Attorney Rebecca Lutzko said.
Also: Ivanti Exploitation Continues; Apple Fixes First Zero-Day of 2024This week, U.S. short seller lender EquiLend Holdings was hacked, the Ivanti exploitation continued, Apple addressed the first zero-day of 2024, Ukraine said hackers had hit a Russian research center, Kasseika ransomware evolved, North Korean hackers were active, and Trello experienced a data leak.
U.S.-Led Sanctions Do Little to Curtail North Korea's Development of AISouth Korea's intelligence agency has reported that North Korean hackers are using generative AI to conduct cyberattacks and search for hacking targets. Experts believe North Korea's AI capabilities are robust enough for more precise attacks on South Korea.
Experts Warn Against Increasing Federal Reliance on Chinese TechnologyExperts are raising fresh concerns about the "significant risk" for Chinese espionage against U.S. federal networks after a government watchdog caught the government's main acquisition arm purchasing unauthorized, Chinese-manufactured video conference cameras.
US and UK Water Giants Report Network Breaches and Data Leaks, But No EncryptionTwo major water providers in the U.S. and U.K. report that they recently fell victim to ransomware attacks. In both cases, attackers appear to have stolen employee or customer data that they're now holding to ransom. Ransomware trackers say known attacks, affecting all sectors, have been surging.
Governments from Australia, the U.K., and the U.S. have imposed financial sanctions on a Russian national for his alleged role in the 2022 ransomware attack against health insurance provider Medibank
US Cyber Agency Director Is Latest High-Profile Target of Dangerous Swatting AttackThe director of the U.S. Cybersecurity and Infrastructure Security Agency confirmed she was the apparent target of a swatting attack in which police responded to false calls of a shooting at her Virginia residence on Dec. 30, 2023. In a statement, Easterly described the experience as "harrowing."
Governments Accuse Aleksandr Ermakov and REvil of Being Medibank HackersThe United States, Australia and the United Kingdom sanctioned a Russian man the governments say was behind the October 2022 hacking of Medibank, Australia's largest private health insurer. The attack was a high point in a wave of data breaches buffeting the country that year.
Veolia North America, a subsidiary of transnational conglomerate Veolia, disclosed a ransomware attack that impacted systems part of its Municipal Water division and disrupted its bill payment systems. [...]
X, formerly Twitter, announced today that iOS users in the United States can now log into their accounts using passkeys. [...]
Hackers Spread Fake News About SEC Approving Spot Bitcoin Exchange-Traded FundIt wasn't a sophisticated hack on Jan. 9 that allowed hackers to briefly take control of an official U.S. Securities and Exchange Commission social media account, the agency said Monday. The hackers simply scammed the account's mobile phone provider in a SIM swap attack.
The U.S. Securities and Exchange Commission confirmed today that its X account was hacked through a SIM-swapping attack on the cell phone number associated with the account. [...]
Today, the U.S. Federal Trade Commission (FTC) ordered Intuit to stop promoting its software products and services as "free" unless they're actually free for all consumers. [...]
'The federal government has almost entirely abdicated its responsibility' For a country that prides itself on being free, America does seem to have an awful lot of spying going on, as the new Street Surveillance Hub from the Electronic Frontier Foundation shows.…
The U.S. Federal Trade Commission (FTC) is continuing to clamp down on data brokers by prohibiting InMarket Media from selling or licensing precise location data