ENGlobal Corporation, a major contractor in the energy sector and federal government, was locked out of its financial systems for six weeks following a ransomware attack that began on 25 November 2024, the company disclosed in a filing with the US Securities and Exchange Commission (SEC).
The attack disrupted access to key business applications, affecting operational and corporate functions, including financial and reporting systems. However, ENGlobal stated that its systems have been fully restored, and the attackers no longer have access.
The Oklahoma-based company also confirmed that the breach involved unauthorised access to sensitive personal information stored on its IT systems. The company stated that affected individuals will be notified accordingly.
In an earlier SEC filing in December, ENGlobal revealed that the attackers had encrypted data files after gaining access, forcing the company to restrict IT system access and limit operations to essential functions. Despite the disruption, the company does not expect a material financial impact from the incident.
Founded in 1985, ENGlobal specialises in designing and constructing automation and instrumentation systems for commercial and government clients, including the US defence industry. Last quarter, the company reported $6 million in revenue for the third quarter of 2024.
No ransomware group has claimed responsibility for the attack, which caused a longer-than-average outage.
With Germany’s parliamentary elections just weeks away, lawmakers are warning that authoritarian states, including Russia, are intensifying disinformation efforts to destabilise the country. Authorities are particularly concerned about a Russian campaign, known as Doppelgänger, which has been active since 2022 and aims to undermine Western support for Ukraine. The campaign has been linked to fake social media accounts and misleading content in Germany, France, and the US.
CSU MP Thomas Erndl confirmed that Russia is attempting to influence European elections, including in Germany. He argued that disinformation campaigns are contributing to the rise of right-wing populist parties, such as the AfD, by sowing distrust in state institutions and painting foreigners and refugees as a problem. Erndl emphasised the need for improved defences, including modern technologies like AI to detect disinformation, and greater public awareness and education.
The German Foreign Ministry recently reported the identification of over 50,000 fake X accounts associated with the Doppelgänger campaign. These accounts mimic credible news outlets like Der Spiegel and Welt to spread fabricated articles, amplifying propaganda. Lawmakers stress the need for stronger cooperation within Europe and better tools for intelligence agencies to combat these threats, even suggesting that a shift in focus from privacy to security may be necessary to tackle the issue effectively.
Greens MP Konstantin von Notz highlighted the security risks posed by disinformation campaigns, warning that authoritarian regimes like Russia and China are targeting democratic societies, including Germany. He called for stricter regulation of online platforms, stronger counterintelligence efforts, and increased media literacy to bolster social resilience. As the election date approaches, lawmakers urge both government agencies and the public to remain vigilant against the growing threat of foreign interference.
WhatsApp has identified an advanced hacking campaign targeting nearly 90 users across more than two dozen countries. The attack, linked to Israeli spyware firm Paragon Solutions, exploited a zero-click vulnerability, meaning victims’ devices were compromised without them needing to interact with any malicious files. The messaging platform, owned by Meta, has since taken steps to block the hacking attempts and has issued a cease-and-desist letter to Paragon.
While WhatsApp has not disclosed the identities of those targeted, reports indicate that journalists and members of civil society were among the victims. The company has referred affected users to Citizen Lab, a Canadian watchdog that investigates digital security threats. Law enforcement agencies and industry partners have also been alerted, though specifics remain undisclosed.
Paragon, which was recently acquired by US investment firm AE Industrial Partners, has not commented on the allegations. The company presents itself as a responsible player in the spyware industry, claiming to sell its technology only to governments in stable democracies. However, critics argue that the continued spread of surveillance tools increases the risk of human rights abuses, with spyware repeatedly found on the devices of activists, journalists, and officials worldwide.
Cybersecurity experts warn that the growing use of commercial spyware poses an ongoing threat to digital privacy. Despite claims of ethical safeguards, the latest revelations suggest that even companies with supposedly responsible practices may be engaging in questionable surveillance activities.
The South African Weather Service (SAWS) was hit by a cyberattack affecting its online services and limiting access to weather information relied upon by various sectors, including aviation and agriculture. According to an official statement, SAWS’ website has been offline since Sunday evening. As a temporary measure, the agency has been sharing weather updates through alternative channels, such as social media platforms.
SAWS attributed the disruption to a ‘security breach’ and confirmed that its Information and Communication Technology (ICT) systems were impacted. The organisation stated that efforts are underway to investigate the incident and restore affected services, with ICT specialists working on interim and long-term solutions.
Critical operations, including those supporting aviation and maritime operations, have been affected. SAWS advised the public to refer to its social media channels for updates and announced that the incident would be reported to law enforcement authorities. The agency noted that this was the second attempted cyberattack in two days, with an initial attempt on 25 January 2025, reportedly unsuccessful.
SAWS also provides meteorological data to neighbouring countries, making the disruption regionally significant. As of Wednesday afternoon, the SAWS website remained offline.
A global law enforcement operation has shut down a series of cybercrime websites used for selling stolen data, pirated software, and hacking tools. The FBI and Europol coordinated the takedown as part of ‘Operation Talent’, targeting platforms associated with Cracked, Nulled, StarkRDP, Sellix, and MySellix.
Seizure notices appeared on the affected websites, and officials confirmed that information on customers and victims had also been obtained. Europol stated that further details would be released within 24 hours, while the FBI has not yet commented on the operation.
Reports suggest that the targeted sites played various roles in the cybercrime ecosystem, facilitating the trade of stolen login credentials, compromised credit card details, and video game cheats. A message in a Cracked Telegram channel acknowledged the seizure, with administrators expressing uncertainty over the next steps.
Authorities continue to investigate, with the crackdown highlighting ongoing efforts to disrupt cybercriminal networks. More updates are expected as officials analyse the seized data and determine potential follow-up actions.
French prosecutors have launched a new investigation into Binance, marking the second time authorities have scrutinised the crypto exchange. The probe includes allegations of drug trafficking, money laundering, and tax evasion, with possible additional charges yet to be disclosed. This follows an earlier inquiry in 2023 over suspected financial crimes linked to the platform.
Regulators worldwide have tightened their grip on cryptocurrency firms after the collapse of FTX and other high-profile failures. Binance has faced mounting legal challenges, including a record $4.3 billion settlement with US authorities. Despite leadership changes, including the resignation of founder Changpeng Zhao, the company remains under regulatory pressure.
As Binance navigates legal battles across multiple jurisdictions, its future in key markets remains uncertain. The latest investigation in France adds to the exchange’s ongoing struggles, reinforcing the global crackdown on crypto platforms accused of financial misconduct.
The launch of the TRUMP meme coin has drawn massive attention, reaching a $72 billion market cap in just two days. The excitement has also unleashed a wave of fraudulent activity, with over 6,800 fake tokens and 91 malicious decentralised applications (dApps) flooding the market, according to blockchain forensic firm Blockaid.
Scammers capitalised on the hype surrounding TRUMP, creating counterfeit tokens and applications designed to mimic the original coin. The surge in fake assets, particularly on networks like Solana and Ethereum, has made it increasingly difficult for investors to distinguish legitimate tokens from malicious ones. The scheme extended to tokens referencing Trump family members, further complicating the situation.
Blockaid has worked to shield users from these threats, blocking hundreds of interactions with fake assets since the TRUMP token’s release. While cryptocurrency’s decentralised nature empowers users, it also provides opportunities for bad actors, underscoring the ongoing need for vigilance and robust scam prevention efforts.
Dean Norris, famed for his role as Hank Schrader in Breaking Bad, had his X account hacked to promote a fraudulent memecoin. The coin, DEAN, which briefly reached a market cap of over $8 million, was part of a pump-and-dump scheme. Norris confirmed the hack on 26 January, stating that the coin was a ‘complete, fake scam’ and slamming Reddit users who blamed him for the incident.
The hackers used Norris’s likeness in a doctored video and images to deceive people into thinking he was endorsing the token. Although the promotional posts were eventually removed, screenshots of the fraudulent content circulated online. Blockchain data showed a massive spike in the coin’s value, which quickly collapsed after the scam was exposed.
It is not the first time Norris has been targeted by crypto fraudsters. In November, his account was also hijacked in a similar scheme, with connections to other high-profile account takeovers. Norris, who rarely uses X and does not have a Telegram account, revealed he was unaware of the hack until friends alerted him.
Big Cheese Studio, a game development studio based in Poland, confirmed it suffered a cyberattack early Friday, according to the Polish Press Agency (PAP). The attack occurred around 4:00 GMT, and the company’s website remained offline several hours later. Management stated that security measures were in place, with an official statement expected later in the day.
Reports indicate hackers accessed the studio’s game code systems and employee personal data. The attackers are allegedly demanding 100,000 zlotys (£19,000) in cryptocurrency to prevent the release of stolen information. Users on social media platform X brought attention to the ransom threat, sparking concerns over data privacy and security.
Big Cheese Studio, listed on the Warsaw Stock Exchange, is working to address the breach. The incident underscores growing risks faced by companies in the gaming industry from cyber threats.
Denmark’s national Centre for Cybersecurity (Center for Cybersikkerhed, CCS) has identified a ‘very high’ risk of cyberattacks targeting the country’s water infrastructure following its first official assessment of threats to the sector.
CCS acting head Mark Fiedel said the water sector plays a vital role within Denmark’s critical infrastructure, and highlighted the potential impacts of disruptions to drinking water supplies.
As an example of the risks faced by the sector, Fiedel noted an incident in December 2024 when hackers accessed a small water plant in Denmark, resulting in a temporary disruption of water services for approximately 50 households.
CCS classifies cyber threats into various categories, including cybercrime, which poses a significant risk to critical infrastructure. Ransomware attacks are among the identified threats, and in 2021, a water plant in Kalundborg reported a ransomware attack that briefly locked technicians out of IT systems.