Researchers at the Google Threat Intelligence Group (GTIG) have uncovered details of an espionage campaign conducted by the Chinese group APT24. This activity has been ongoing for approximately three years, and the hackers are using the previously undocumented BadAudio malware in their attacks. APT24 (also known as Pitty Tiger) attacks government agencies , as well as organizations in the healthcare, construction and engineering, mining, non-profit, and telecommunications sectors in the United States and Taiwan. According to Google, the group specializes in the theft of intellectual property, particularly information that makes organizations competitive in their industries. According to experts, since 2022, the malware

On November 13, Eurofiber France, a respected provider of fiber optic network and VPN solutions to many of France’s leading companies, discovered that its systems had been compromised by criminal hackers. The digital portal, through which daily communication between customers and technical support occurs, was vulnerable. Responsibility for the flaw was claimed by a hacker known by the pseudonym ByteToBreach , who posted the information on underground forums. According to the person himself, information was obtained on approximately 10,000 companies and public entities, some of which were highly sensitive. According to the company, the data breach affected only customers of Eurofiber France

With the increasing digitalization of the supply chain , resilience is no longer just about logistics and suppliers, but also the security and visibility of IT systems. Disruptions are no longer a remote possibility: more and more companies are facing cyberattacks , often targeting the very systems that manage the supply chain. Ransomware in particular represents a real threat , capable of blocking critical operations and compromising access to data. Despite investments in backup and business continuity solutions, many organizations struggle to meet their recovery time objectives (RTOs) when these events occur. Visibility as a starting point Many supply chain environments are

This fall, we’ve had quite a bit of a cloud headache, I don’t know if you’ve noticed. That is, AWS, Azure , and then Cloudflare . All of them down, one after the other. A series of outages that showed us something very serious: today, a stupid internal configuration error or a mess of metadata is the modern equivalent of a massive blackout. Yes, that’s right. Within four weeks, all three giants went down, and each time the problem came from within , from the providers’ own infrastructure. It wasn’t that there were too many people, or the seasonal peak, or some

This summer, in the Dubai desert, a flight occurred that few expected to see from a battery-powered quadcopter. The experimental Peregreen 3 reached a speed of 360.4 miles per hour (about 580 kilometers per hour), breaking a record that had stood for a year. At the time, only the test participants knew about it, but on November 18, YouTube blogger Luke Maxima Bell finally revealed the project and shared footage of the flight. The Guinness Book of World Records confirmed the achievement as a new world record for electric remote-controlled quadcopters . The previous record, 350 kilometers per hour, was held by

Users noticed that last week Microsoft developers disabled the offline activation method for Windows 11 and 10 via KMS38, which has been used by hackers around the world for years. However, the official release notes don’t mention these changes. KMS38 was developed by enthusiasts from the Massgrave project ( MAS, Microsoft Activation Scripts ), known for its repository of unofficial tools for activating Windows and Office . The essence of this activation method was to trick the system file GatherOSstate.exe ( a utility that determines whether the current system is eligible for an upgrade ), extending the Key Management Service ( KMS

Artificial intelligence is changing the way recent computer science graduates approach the world of work. It’s not about sudden job disappearances , but rather a transformation of entry-level roles in programming and development. What used to be “write, test, debug” is now done with AI tools that lend a hand, meaning that basic work is no longer the only determining factor. Junior developers today face tasks that require creativity, critical thinking, and collaboration . Software architecture, interface design, systems integration, and ethical computing—all aspects that once seemed reserved for experts—are now essential even in their first professional experiences. AI tools make work

Group-IB experts presented a detailed analysis of the long-running UNC2891 campaign, which demonstrated the continuing sophistication of ATM attack schemes. Attention focused on the Raspberry Pi, which the attackers used to access the infrastructure of two Indonesian banks. However, it emerged that the physical intrusion into the ATM was only part of a larger criminal operation, designed to control the entire process, from host compromise to cash withdrawal, through a network of proxies. According to Group-IB , UNC2891 conducted three separate intrusions: against one bank in February 2022, against another in November 2023, and then back to the first in July 2024.