Dark web vendors are selling credentials to hacked Remote Desktop Protocol (RDP) servers, which allow hackers to spy on and steal data from companies, without using malware.
The news comes nearly a year after disclosures from the Panama Papers shook the global political elite and triggered investigations into prominent figures worldwide.
The data of Tarte Cosmetics' customers was left publicly exposed via two unsecured MongoDB databases, which were later accessed by the Cru3lty ransomware gang.
The hackers reportedly had control over Coinhive's domain name for around six hours.
The US government barred federal agencies from using Kaspersky's anti-virus products because of concerns about its ties to the Kremlin and Russian spy operations.
The malware is capable of stealing victims' contacts, reading and sending SMS messages and locking out users from accessing their phones.
So far, the ongoing FBI investigation has resulted in three cases against defendants across the US.
NCSC head Ciaran Martin confirmed that "hostile" nation-state hackers had hit Northern Ireland infrastructure in "significant" attacks.
The DHS and FBI said in a joint report that the threat actors are "actively pursuing their ultimate objectives over a long-term campaign".
Hackers infected the installers of the Eltima Player and Folx apps with the Proton malware, which in turn was downloaded by unsuspecting users.
Research suggested that the new botnet is evolving at a rapid pace, and could soon be weaponised to launch cyberattacks in the same fashion as "Mirai" last year.
"According to our intelligence services, the Russian government has made a project of turning Americans against each other," Bush said.
Malaysian technology website Lowyat reported that the files were offered for sale by an unknown user of its forums.
The leaked records contained citizen ID numbers, names, genders, martial statuses, home ownership information, employment details and income data.
Hackers have now reportedly launched a new site called ATMjackpot that sells a modified version of CutletMaker, complete with video tutorials on how to successfully exploit it.
According to reports, the hermit kingdom's hacking unit has swelled to 6,000-people strong - conducting operations even as the country's internet remains weak.
The newer version of the remote access trojan (RAT) has been updated to run on modern operating systems and 64-bit platforms.
The latest cryptominer comes amid an uptick in cryptocurrency mining malware campaigns and growing JavaScript-based cryptominers
Security experts say the attack was reminiscent of the infamous $81m Bangladesh Bank cyberheist, with similar malware and hacking tools used.
The company said it was alerted by Troy Hunt, security expert and founder of the data breach notification website Have I Been Pwned.
The spam email campaign was sent from domains that closely resembled those used by the legitimate HMRC – in this case it was using hmirc-gov.co.uk, Trustwave experts said.
Pizza Hut said that its website was compromised and hackers stole some of its customers' card data between 1 and 2 October.
