Poland is warning of a spike in cyberattacks from Russia-linked hackers, including GhostWriter, a state-sponsored hacking group. Poland’s official website claims hostile cyber-activity has intensified, targeting public domains and state organizations, strategic energy and armament providers, and other critical entities.…
Category: Heimdal Security Blog
What Is Container Security? Definition, Benefits, and Risks
Container security is a vital factor for all companies that use containers for running their software, as an alternative to using virtual machines (VMs). A container is a software conglomeration that includes all the components required for the soft to…
Financial and Insurance Sectors in Europe Targeted by Raspberry Robin Worm
The Raspberry Robin worm has targeted the financial and insurance industries in Europe, and the virus is still evolving its post-exploitation capabilities while evading detection. The breaches, which have been seen in Spanish and Portuguese-speaking organizations, are notable for collecting…
Vulnerability in Google Home Speaker Allowed Eavesdropping
A vulnerability in Google Home speakers could have allowed threat actors to remotely listen in on user conversations. The issue was reported to Google by security researcher Matt Kunze, who won a bug bounty of $107,500. According to Kunze’s technical…
The One Ransomware Gang That Decided to Give Back
As a result of an attack against the Hospital for Sick Children (SickKids), the LockBit ransomware gang has formally apologized and released a free decryptor for the hospital. Toronto’s SickKids Hospital is a teaching and research hospital that treats sick children.…
PyTorch Dependency Chain Compromised During Winter Holidays
Users who installed PyTorch-Nightly during the last week of December are warned to uninstall it and torchtriton immediately. The good news is that those who use the PyTorch stable package were not impacted by this problem. The open-source Python-based machine learning framework discovered…
Chinese Students in the U.K. Are Victims of RedZei Scam Calls
RedZei (or RedThief) Chinese-speaking hackers are targeting U.K.-based Chinese international students, a wealthy victim group, with scam calls. The campaign has been ongoing for more than a year and shows that threat actors have meticulously selected and researched their victims. Details…
Ransomware Gang Clones Website to Leak Stolen Data
ALPHV ransomware operators published stolen data on a replica of a victim’s site as part of their extortion tactic. Also known as BlackCat ransomware, ALPHV is known for testing new ways to force their victims into paying. Even though these tactics have…
Canadian Mining Company Targeted by Ransomware
A cyberattack launched on December 27, 2022, caused the Canadian Copper Mountain Mining Corporation (CMMC) to shut down its operations. The IT team of the company from British Columbia quickly implemented the predefined risk management systems and protocols to contain…