For individuals

Ukrainian and Russian hacktivist operations have expressed disdain over new ethical guidelines on hacktivism issued by the International Committee of the Red Cross that discouraged the targeting of civilians and critical infrastructure amid the ongoing Russia-Ukraine war, reports The Record, a news site by cybersecurity firm Recorded Future.

TechCrunch reports that mobile spyware Oospy, which emerged in July as a rebranded Spyhide phone monitoring app, has ended operations after its back-end server, which contained thousands of Android devices' data, was shut down due to terms of service violations by web host Hetzner.

Data from individuals who contacted the Lorenz ransomware group between June 3, 2021 and Sept. 17, 2023, including names, email addresses, and online form subject lines, were accidentally leaked due to a misconfigured Apache2 web server, according to The Register.

Vietnamese banking apps hit by novel GoldDigger Android trojan Over 50 Vietnamese banking, cryptocurrency wallet, and e-wallet applications have been targeted in attacks involving the new GoldDigger Android banking trojan since June, reports The Hacker News.

Suspected Chinese hackers have launched a cyberespionage campaign aimed at Guyana government agencies involving the novel data exfiltrating DinodasRAT backdoor and an iteration of the Korplug backdoor tied to Mustang Panda and other China-linked threat operations, according to The Record, a news site by cybersecurity firm Recorded Future.

Taiwan-, Singapore-, and Hong Kong-based semiconductor companies have been subjected to a new China-linked cyberespionage operation that sought to facilitate Cobalt Strike beacon infections, reports BleepingComputer.

CyberScoop reports that state-sponsored threat operations have increased in both sophistication and aggression amid a growing focus on cyberespionage rather than high-profile intrusions.

MGM wins big bet that choosing days of operations outages is a better business decision than paying a ransom, following last month's data breach.