Crypto exchange OKX shuts down tool used by North Korean hackers to launder stolen funds 加密货币交易所OKX因发现朝鲜黑客试图利用其DeFi服务洗钱而暂时关闭相关工具。此前 Lazarus Group 的攻击未遂已被阻止。该平台近期因合规问题受到调查，并因未获许可经营汇款业务支付5.04亿美元罚款。OKX否认参与洗钱并批评媒体攻击。... 2025-3-17 23:31:15 | 阅读: 5 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media okx north funds bybit exchange

GitHub restores code following malicious changes to tj-actions tool GitHub因开源包被篡改而采取行动，影响23,000多个组织。攻击者修改代码导致CI/CD秘密泄露至日志中。GitHub暂停账户并移除内容后恢复。专家建议审核和替换受损工具以防止泄露。... 2025-3-17 20:47:53 | 阅读: 5 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media github security tj software malicious

'Mora_001' ransomware gang exploiting Fortinet bug spotlighted by CISA in January 新的勒索软件团伙Mora_001利用Fortinet的两个关键漏洞（CVE-2024-55591和CVE-2025-24472）展开攻击，并与LockBit生态系统相关联。CISA要求联邦机构紧急修补漏洞，但部分机构仍未能及时应对。... 2025-3-17 14:31:58 | 阅读: 6 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media lockbit ransomware forescout mora

Telegram CEO confirms leaving France amid criminal probe 俄罗斯出生的Telegram创始人兼所有者 Pavel Durov 因法国针对该应用活动的刑事调查离开数月后返回迪拜，并感谢法官和团队的努力证明Telegram在内容审核和反犯罪方面超出法律义务。... 2025-3-17 14:31:57 | 阅读: 2 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media durov ukraine dubai citizen french

Appellate court upholds sentence for former Uber cyber executive Joe Sullivan 前Uber首席安全官Joe Sullivan因妨碍司法公正罪被定罪并维持原判。2016年Uber数据泄露事件中，黑客窃取了5700万用户及60万司机信息。Sullivan试图掩盖事件，支付黑客并签署保密协议而非向联邦贸易委员会报告。检方指控其故意隐瞒行为非法。法院驳回其上诉理由，指出其行为违反计算机欺诈法且明知违法。最终判处3年缓刑及罚款等处罚。... 2025-3-14 19:16:11 | 阅读: 3 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media sullivan uber charges mckeown lawyers

Can TikTok help Frank McCourt reinvent the internet? Frank McCourt, a real estate magnate, aims to acquire TikTok to implement his Project Liberty, which seeks to redefine internet ownership by giving users control over their data. He believes the internet has become harmful and wants to create a decentralized system where individuals own their identities and data, challenging big tech's dominance.... 2025-3-14 16:31:13 | 阅读: 3 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media fm mccourt bid buyer liberty

Alleged Russian LockBit developer extradited from Israel, appears in New Jersey court LockBit勒索软件开发者Rostislav Panev被引渡至美国并面临40项指控。该团伙曾攻击全球2500多个受害者，非法获利超5亿美元。... 2025-3-14 15:46:8 | 阅读: 3 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media lockbit panev ransomware khoroshev justice

Europe's telecoms sector under increased threat from cyber spies, warns Denmark 丹麦网络安全机构警告称，针对欧洲电信部门的国家支持网络间谍活动增加。该机构未明确提及"盐风暴"或中国，但暗示美国和欧洲对此关注。丹麦提高威胁等级至"高"。... 2025-3-14 12:16:13 | 阅读: 4 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media salt typhoon european

Google refuses to deny it received encryption order from UK government 美国国会议员担心英国政府可能要求美国科技公司提供访问加密信息的机制。Google未否认收到英国政府的秘密法律命令，而Apple则在秘密法庭上 contesting 这个要求。议员们批评听证会的秘密性影响了国会监督，并提到这些公司无法透露是否收到命令。... 2025-3-14 12:1:12 | 阅读: 2 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media congress disclosing deny tcn prohibited

Ransomware attack takes down health system network in Micronesia 密克罗尼西亚的 Yap 州遭遇勒索软件攻击，导致政府卫生部门所有电脑下线。该州已警告居民称此次攻击发生在 3 月 11 日，并采取措施关闭网络以防止进一步损害。目前正与 IT 承包商和其他机构合作恢复服务并评估数据泄露情况。附近国家近期也发生类似网络安全事件。... 2025-3-14 02:18:12 | 阅读: 1 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media ransomware yap micronesia palau islands

European lawmaker says EU is committed to continuing data transfers to US 欧盟专员迈克尔·麦格拉斯表示，欧洲将继续遵守与美国的数据隐私协议，确保跨大西洋数据流动。该协议支撑逾1万亿美元贸易额。尽管特朗普政府曾引发担忧，但美欧均表明支持该框架。... 2025-3-13 19:31:20 | 阅读: 6 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media european mcgrath agreement atlantic tdpf

Booking.com phishing campaign targeting hospitality sector with malware 网络犯罪分子伪装成Booking.com，诱骗酒店业员工下载恶意软件窃取凭证。攻击始于2024年12月，针对北美、东南亚和欧洲的从业者。利用“ClickFix”技术诱导用户执行命令下载恶意软件。微软报告称该活动由Storm-1865团伙实施，并建议员工检查邮件来源、注意拼写错误及谨慎处理要求行动的消息。... 2025-3-13 16:46:13 | 阅读: 5 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media microsoft booking phishing shortcut victim

Calls grow for UK to move secret Apple encryption court hearing to public session 英国政府要求苹果提供加密iCloud访问权限，导致苹果关闭相关功能。社会各界呼吁公开听证会以增加透明度。专家警告政府应更透明地获取加密平台访问权限。苹果强调从未建立后门，并希望政府解释理由。... 2025-3-13 15:16:18 | 阅读: 4 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media british hearing court security encryption

Ukraine seeks to bolster offensive cyber capabilities amid rising threats from Russia 乌克兰警告需加强网络攻击能力以应对俄罗斯威胁，并呼吁欧洲合作。官员表示需主动反击而非被动防御，强调俄罗斯只懂力量。西方专家建议欧洲战略应包括攻防结合以对抗威胁。... 2025-3-13 14:46:14 | 阅读: 2 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media ukraine threats russia kyiv military

At Ukraine’s major cyber conference, Europe takes center stage over US 乌克兰年度网络安全会议今年由欧洲主导，美国政府未派官员出席。尽管美欧企业参与合作，但讨论重心转向乌克兰与欧洲的战略协作及未来网络安全框架建设。... 2025-3-13 12:19:17 | 阅读: 5 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media ukraine kyiv potii american

China continues cyberattacks on routers, this time targeting Juniper Networks devices 中国网络间谍组织UNC3886针对Juniper路由器部署后门程序，主要攻击美国和亚洲的国防、科技及电信机构。该组织利用过时硬件和软件漏洞进行长期渗透活动。... 2025-3-12 22:48:25 | 阅读: 6 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media routers juniper network unc3886 junos

CISA: More than 300 critical infrastructure orgs attacked by Medusa ransomware Medusa 勒索软件团伙已攻击 300 多个关键基础设施部门受害者，涉及医疗、教育等多行业。该团伙通过网络钓鱼和漏洞利用发起攻击，并招募初始访问代理获取目标访问权限。其采用三重勒索策略，在赎金支付后再次索要赎金。该团伙在 2023 年对明尼阿波里斯公立学校发动重大攻击，泄露大量学生数据。... 2025-3-12 20:19:15 | 阅读: 6 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media medusa ransomware affiliates developers security

Volt Typhoon hackers were in Massachusetts utility’s systems for 10 months 中国黑客组织Volt Typhoon入侵美国马萨诸塞州一家公用事业公司系统近一年，被Dragos公司发现并协助应对。此次攻击系中国政府在全球范围内预置网络间谍活动的一部分，旨在为潜在冲突中的破坏性行动做准备。FBI和CISA警告称，此类黑客可能已在美关键基础设施中潜伏多年。... 2025-3-12 19:4:12 | 阅读: 3 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media typhoon volt dragos network

CISA cuts $10 million annually from ISAC funding for states amid wider cyber cuts 美国网络安全机构CISA削减了对两个关键信息共享中心MS-ISAC和EI-ISAC的资助，并裁员。此举引发担忧，认为可能削弱选举安全和地方网络安全能力。... 2025-3-12 17:16:41 | 阅读: 4 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media isac security funding isacs

Europe urged to seize ‘opportunity’ by replacing US funding for Ukraine cyber defense 美国冻结对外援助导致乌克兰网络安全项目资金短缺，欧洲或借此支持本土科技企业。乌克兰去年遭遇4315起网络攻击，其中70%为严重事件。尽管攻击数量激增，但关键性高危事件减少70%。乌克兰正加强与国际合作伙伴合作以提升防御能力。... 2025-3-12 16:31:15 | 阅读: 3 | 收藏 | Over Security - Cybersecurity news aggregator - therecord.media ukraine funding kyiv aid malchenyuk