Researchers at South Korean cybersecurity company S2W attributed a new malware campaign that targeted South Korean organizations to North Korean cybercrime group Kimsuky. The hackers disguised their malware installer as a security program installation file to deceive victims and steal their data.
Pro-Israel hacktivist group R00TK1T said it breached Malaysian telecom giant Maxis shortly after it promised to target organizations in Malaysia because of the country's stance on the Middle East conflict. The hackers also breached telecom company Aminia and online learning platform Yoututor.
The Filipino government has accused China-based threat actors of hacking into the websites of a half-dozen government entities and infiltrating government email systems. DICT officials said the hackers used China-based IP addresses and the services of Chinese telecom firm Unicom to mount attacks.
Fraudsters used deepfake technology to trick an employee at a Hong Kong-based multinational company to transfer $25.57 million to their bank accounts. Hong Kong Police said Sunday that the fraudsters had created deepfake likenesses of top company executives in a video conference to fool the worker.
South Korean President Yoon Suk Yeol expects North Korea to interfere with the upcoming legislative elections and warned citizens to prepare for waves of cyberattacks, fake news and disinformation. Investigators believe North Korea conducted 80% of the attacks on public sector organizations in 2023.
The FBI and the U.S. Department of Justice used a court order to disrupt a Chinese hacking operation that compromised thousands of internet-connected devices and targeted sensitive areas of U.S. critical infrastructure, according to media reports.
The U.K. government is mulling the rollout of a voluntary set of rules urging software vendors to responsibly disclose vulnerabilities in their systems. The measure comes as the government continues to face criticism over poor management of legacy infrastructure.
The United States, Australia and the United Kingdom sanctioned a Russian man the governments say was behind the October 2022 hacking of Medibank, Australia's largest private health insurer. The attack was a high point in a wave of data breaches buffeting the country that year.
The Australian government plans to adopt a risk-based approach to AI governance modeled after the European Union's Artificial Intelligence Act, which requires strict regulation on any uses of AI systems that could pose risks to national security, violate individual privacy or cause harm to society.
The British data regulator is set to analyze the privacy implications of processing scraped data used for training generative artificial intelligence algorithms. The Information Commissioner's Office is soliciting comments from AI developers, legal experts and other industry stakeholders.
Australian fashion and sports retailer The Iconic has blamed careless customers for a spree of incidents that allowed hackers to access customer accounts and place orders worth thousands of dollars. The firm said customers made themselves easy targets by reusing passwords across multiple websites.
Australian travel company Inspiring Vacations is investigating a misconfigured cloud database that exposed passport details and the personal information of tens of thousands of travelers. Cybersecurity researcher Jeremiah Fowler said the database leaked 112,000 passport scans and identity documents.
Budget cuts and a lack of skilled cybersecurity professionals have forced the country's cybersecurity agency to ask hackers for tips and guidance on emerging threats, a government official told Bloomberg. He said DICT employs only 30 cybersecurity experts but needs 200 people.
The Indian government is instituting joint programs with state police forces and the judiciary system to dismantle the growing threat of cyber fraud, but long delays in cybercrime investigations and a lack of experience in investigating digital crimes could derail these efforts.
The court system of Victoria said it had experienced a serious cybersecurity incident in late 2023 that gave hackers access to video recordings of proceedings at multiple courts, including the Supreme Court and the County Court. The hack took place on Dec. 8 and was discovered two weeks later.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.