The Record

A 22-year-old Oregon man has been charged with running a powerful botnet-for-hire service used to launch hundreds of thousands of cyberattacks worldwide, the U.S. Justice Department said.

The Russian platform Investment Projects said it is working to restore its infrastructure following a cyberattack claimed by the pro-Ukraine group Cyber Anarchy Squad.

The company said no critical data was accessed, but the hacker "gained access to one of our IT systems that contains the following data: name, first name, telephone number, SIM card number, PUK code, tariff plan.”

The Business Council of New York State, which works with more than 3,000 organizations, told regulators in multiple states that it suffered a cyberattack in February.

North Korea-linked hackers were seen targeting more than a dozen embassies in Seoul with phishing emails.

The Indiana-based pharmaceutical company Inotiv discovered a cybersecurity incident earlier this month and found the hackers had encrypted certain systems.

The United Kingdom is backing down from a controversial legal demand targeting Apple, U.S. Director of National Intelligence Tulsi Gabbard claimed on social media.

Hackers are disguising a powerful strain of malware as a ChatGPT desktop application in preparation for ransomware attacks, Microsoft said.

Bragg Gaming Group said on Monday that it “believes that the data breach was limited to Bragg’s internal computer environment” based on its preliminary investigation.

Thai police found a portable SMS blaster capable of sending barrages of scam texts inside of a Suzuki — at least the second such seizure in Bangkok in recent weeks.

Russia-based cybersecurity firm F6 said the attacks began in April and infected devices with Kinsing and XMRig malware, tools commonly used to mine the cryptocurrency Monero.

The human resources software company Workday announced that some customer information was obtained in a social engineering attack.

The London-based tech and telecom company Colt Technology Services confirmed that a cyberattack earlier this week caused technical issues that it is still addressing.

A new report described how criminals use “ghost-tapping” — when stolen payment card details are uploaded onto a burner phone and used in-person to purchase goods.

The Treasury Department added the cryptocurrency exchange Grinex and other entities to existing sanctions against Garantex, a Russian platform seized earlier this year.

Most of the stolen funds were siphoned in Ethereum, with more than $38.6 million taken out of the platform. The other $10 million was spread across multiple cryptocurrencies, according to security firm PeckShield.

Local media previously reported that the hackers breached the dam’s control system, opening valves for four hours and sending large amounts of water gushing into the Riselva River until operators regained control.

A federal appeals court panel voted 2-1 on Wednesday against a petition from industry groups, who argued that the 2024 rules exceeded the FCC’s statutory authority.

Staff were alerted to the data breach on Monday, as CBC News reported based on an internal email that explained the threat actor had accessed a database “containing information used to manage computers and mobile devices.”

Researchers observed a threat actor advancing Russian interests by targeting state organizations and an energy supplier in Georgia and Moldova.