Sanctions | Breaking Cybersecurity News | The Hacker News

A 51-year-old dual Russian and Israeli national who is alleged to be a developer of the LockBit ransomware group has been extradited to the United States, nearly three months after he was formally charged in connection with the e-crime scheme. Rostislav Panev  was previously arrested in Israel in August 2024. He is said to have been working as a developer for the ransomware gang from 2019 to February 2024, when the operation's online infrastructure was seized in a law enforcement exercise. "Rostislav Panev's extradition to the District of New Jersey makes it clear: if you are a member of the LockBit ransomware conspiracy, the United States will find you and bring you to justice," said United States Attorney John Giordano. LockBit grew to become one of the most prolific ransomware groups, attacking more than 2,500 entities in at least 120 countries around the world. Nearly 1,800 of those were located in the United States. Victims consisted of individuals and ...

DeepSeek, the Chinese AI startup that has captured much of the artificial intelligence (AI) buzz in recent days, said it's restricting registrations on the service, citing malicious attacks. "Due to large-scale malicious attacks on DeepSeek's services, we are temporarily limiting registrations to ensure continued service," the company said in an incident report page. "Existing users can log in as usual. Thanks for your understanding and support." Users attempting to sign up for an account are being displayed a similar message, stating "registration may be busy" and that they should wait and try again. "With the popularity of DeepSeek growing, it's not a big surprise that they are being targeted by malicious web traffic," Erich Kron, security awareness advocate at KnowBe4, said in a statement shared with The Hacker News. "These sorts of attacks could be a way to extort an organization by promising to stop attacks and rest...

The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Tuesday leveled sanctions against two entities in Iran and Russia for their attempts to interfere with the November 2024 presidential election. The federal agency said the entities – a subordinate organization of Iran's Islamic Revolutionary Guard Corps and a Moscow-based affiliate of Russia's Main Intelligence Directorate (GRU) – sought to influence the electoral outcome and divide the American people through targeted disinformation campaigns. "As affiliates of the IRGC and GRU, these actors aimed to stoke socio-political tensions and influence the U.S. electorate during the 2024 U.S. election," it noted in a press release. In August 2024, the Office of the Director of National Intelligence (ODNI), the Federal Bureau of Investigation (FBI), and the Cybersecurity and Infrastructure Security Agency (CISA) jointly accused Iran of attempting to undermine democratic processes, including b...

If you invite guest users into your Entra ID tenant, you may be opening yourself up to a surprising risk.  A gap in access control in Microsoft Entra's subscription handling is allowing guest users to create and transfer subscriptions into the tenant they are invited into, while maintaining full ownership of them.  All the guest user needs are the permissions to create subscriptions in their home tenant, and an invitation as a guest user into an external tenant. Once inside, the guest user can create subscriptions in their home tenant, transfer them into the external tenant, and retain full ownership rights. This stealthy privilege escalation tactic allows a guest user to gain a privileged foothold in an environment where they should only have limited access. Many organizations treat guest accounts as low-risk based on their temporary, limited access, but this behavior, which works as designed, opens the door to known attack paths and lateral movement within the resource t...