A Russian threat actor behind the alias 'LockBitSupp' has been identified as Dmitry Khoroshev.

The China-linked UNC5221 cluster appears to be behind the hack.

An analysis of the attacker-controlled IP addresses suggests potential involvement of a China-based threat actor.

Initial investigations suggest that no operational data was obtained.

Graph API is often used for discreet communications to cloud-based C&C servers.

Marriott has acknowledged that it used SHA-1 algorithm, which does not qualify as encryption.

The attacks targeted entities "related to Russia's war of aggression against Ukraine."

Vinnik was one of the key operators of BTC-e, a primary facilitator for cybercriminals.

In brief: the Dropbox breach, Chinese hackers caught manipulating China’s Great Firewall, REvil hacker sentenced, and moreю

In addition to his prison sentence, Vasinskyi was ordered to pay over $16 million in restitution.

The attackers accessed authentication tokens, MFA keys, hashed passwords, and customer info.

Cuttlefish implements the functionality that allows it to execute HTTP and DNS hijacking.

The trojan made a comeback around September 2023 after lying dormant for almost two years.

Nearly 20% of all Docker Hub repositories analyzed hosted malware or malicious content.

The group created fake social media accounts impersonating top officials of Ukrainian security agencies.

The Vastaamo breach claimed the largest number of victims in Finnish legal history.

The company didn’t reveal what specific flaw was exploited by the hackers.

The threat actor has been running an operation that utilizes DNS queries for years.

The PSTI also requires device makers to provide contact information for users to report security vulnerabilities.